-
Notifications
You must be signed in to change notification settings - Fork 92
Expand file tree
/
Copy pathWebhookController.cs
More file actions
71 lines (63 loc) · 2.63 KB
/
WebhookController.cs
File metadata and controls
71 lines (63 loc) · 2.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using OrchardCore.Commerce.Payment.Stripe.Abstractions;
using OrchardCore.Commerce.Payment.Stripe.Models;
using OrchardCore.Settings;
using Stripe;
using System.Collections.Generic;
using System.IO;
using System.Threading.Tasks;
namespace OrchardCore.Commerce.Payment.Stripe.Controllers;
[Route("stripe-webhook")]
[ApiController]
[Authorize(AuthenticationSchemes = "Api"), IgnoreAntiforgeryToken, AllowAnonymous]
public class WebhookController : ControllerBase
{
private readonly ISiteService _siteService;
private readonly IDataProtectionProvider _dataProtectionProvider;
private readonly ILogger<WebhookController> _logger;
private readonly IStripeHelperService _stripeHelperService;
private readonly IEnumerable<IStripeWebhookEventHandler> _stripeWebhookEventHandlers;
public WebhookController(
ISiteService siteService,
IDataProtectionProvider dataProtectionProvider,
ILogger<WebhookController> logger,
IStripeHelperService stripeHelperService,
IEnumerable<IStripeWebhookEventHandler> stripeWebhookEventHandlers)
{
_siteService = siteService;
_dataProtectionProvider = dataProtectionProvider;
_logger = logger;
_stripeHelperService = stripeHelperService;
_stripeWebhookEventHandlers = stripeWebhookEventHandlers;
}
[HttpPost]
public async Task<IActionResult> Index([FromHeader(Name = "Stripe-Signature")] string signature)
{
using var streamReader = new StreamReader(HttpContext.Request.Body);
var json = await streamReader.ReadToEndAsync(HttpContext.RequestAborted);
try
{
var stripeApiSettings = (await _siteService.GetSiteSettingsAsync()).GetOrCreate<StripeApiSettings>();
var webhookSigningKey = stripeApiSettings.DecryptWebhookSigningSecret(_dataProtectionProvider, _logger);
var stripeEvent = _stripeHelperService.PrepareStripeEvent(
json,
signature,
webhookSigningKey,
// Let the logic handle version mismatch.
throwOnApiVersionMismatch: false);
if (string.IsNullOrEmpty(stripeEvent.Id))
{
throw new StripeException("Invalid event or event Id.");
}
await _stripeWebhookEventHandlers.AwaitEachAsync(handler => handler.ReceivedStripeEventAsync(stripeEvent));
return Ok();
}
catch (StripeException e)
{
return BadRequest(e);
}
}
}