-
Notifications
You must be signed in to change notification settings - Fork 0
/
utils.go
108 lines (92 loc) · 2.76 KB
/
utils.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
package smartpay
import (
"bytes"
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
"encoding/json"
"github.com/eknkc/basex"
"github.com/google/uuid"
"io"
"log"
"net/http"
"net/url"
"strings"
)
// Ptr Inline pointer helper
func Ptr[T any](v T) *T {
return &v
}
func ConvertToStruct[T any](from interface{}) (to T, err error) {
jsonData, err := json.Marshal(from)
if err != nil {
return to, err
}
err = json.Unmarshal(jsonData, &to)
if err != nil {
return to, err
}
return
}
func (checkoutSessionUrl *CheckoutSessioUrl) WithPromotionCode(promotionCode string) (checkoutSessionUrlWithPromotionCode string, err error) {
rawUrl, err := url.Parse(string(*checkoutSessionUrl))
if err != nil {
return
}
values := rawUrl.Query()
values.Add("promotion-code", promotionCode)
rawUrl.RawQuery = values.Encode()
checkoutSessionUrlWithPromotionCode = rawUrl.String()
return
}
// CalculateWebhookSignatureMiddleware return a middleware that adds Calculated-Signature to request header
func CalculateWebhookSignatureMiddleware(signingSecret string, next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
signature := r.Header.Get("Smartpay-Signature")
signatureTimestamp := r.Header.Get("Smartpay-Signature-Timestamp")
if signature != "" && signatureTimestamp != "" {
// Read body and reassign a new body reader for the next middleware
bodyBytes, _ := io.ReadAll(r.Body)
r.Body.Close()
r.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
data := signatureTimestamp + "." + string(bodyBytes)
sha, err := CalculateSignature(signingSecret, data)
if err != nil {
log.Println("calculateSignature failed: ", err)
}
r.Header.Set("Calculated-Signature", sha)
}
next.ServeHTTP(w, r)
})
}
func CalculateSignature(signingSecret string, data string) (sha string, err error) {
enc, err := basex.NewEncoding("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")
if err != nil {
return "", err
}
secret, err := enc.Decode(signingSecret)
if err != nil {
return "", err
}
h := hmac.New(sha256.New, secret)
h.Write([]byte(data))
sha = hex.EncodeToString(h.Sum(nil))
return
}
func VerifyWebhookSignature(signingSecret string, data string, signature string) bool {
sha, _ := CalculateSignature(signingSecret, data)
return sha == signature
}
func newRequest(method, url string, body io.Reader) (*http.Request, error) {
req, err := http.NewRequest(method, url, body)
if err != nil {
return nil, err
}
// Add Idempotency-Key for POST, PUT and PATCH requests.
// ref: https://en.docs.smartpay.co/reference/idempotency
method = strings.ToUpper(method)
if method == "POST" || method == "PUT" || method == "PATCH" {
req.Header.Set("Idempotency-Key", uuid.New().String())
}
return req, nil
}