Created
September 6, 2017 20:42
-
-
Save brianhogg/fadaf671717efebf02d0b5c5e70b2cab to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class EDD_Sendowl_Webhook_Handler extends EDD_Webhook_Handler { | |
function get_hook_id() { | |
return 'sendowl'; | |
} | |
function get_hook_name() { | |
return 'SendOwl'; | |
} | |
function get_webhook_params( $request ) { | |
// Need to get raw parameters with the SendOwl webhooks | |
// See https://help.sendowl.com/help/using-web-hooks#web-hook-events-and-descriptions for more info | |
return json_decode( file_get_contents( "php://input" ), true ); | |
} | |
function verify_webhook_params( $params ) { | |
if ( ! is_array( $params ) or ! isset( $params['order'], $params['order']['id'], $params['order']['buyer_email'], $params['order']['cart'], $params['order']['cart']['cart_items'], $params['order']['settled_gross'] ) ) | |
return false; | |
return true; | |
} | |
function get_buyer_email_address( $params ) { | |
return sanitize_text_field( $params['order']['buyer_email'] ); | |
} | |
function get_order_id( $params ) { | |
return sanitize_text_field( $params['order']['id'] ); | |
} | |
function get_item_id( $params ) { | |
return $params['order']['cart']['cart_items'][0]['product']['id']; | |
} | |
function get_item_price( $params ) { | |
// Change if not dollars. SendOwl annoyingly includes the currency symbol in the decimal amounts. | |
return str_replace( '$', '', $params['order']['settled_gross'] ) - str_replace( '$', '', $params['order']['settled_tax'] ); | |
} | |
function get_item_tax( $params ) { | |
// Change if not dollars. SendOwl annoyingly includes the currency symbol in the decimal amounts. | |
return str_replace( '$', '', $params['order']['settled_tax'] ); | |
} | |
function get_secret_key() { | |
// TODO: Move this to server environment vs. in code | |
return '...'; | |
} | |
/** | |
* Verifies the header is correct | |
* See https://help.sendowl.com/help/using-web-hooks#authenticating-web-hooks | |
* and Shopify example https://ecommerce.shopify.com/c/shopify-apis-and-technology/t/validating-webhook-using-hmac-in-php-281376 | |
*/ | |
function verify_request( $request ) { | |
if ( isset( $_SERVER['HTTP_X_SENDOWL_HMAC_SHA256'] ) ) { | |
$hmac_header = $_SERVER['HTTP_X_SENDOWL_HMAC_SHA256']; | |
$data = file_get_contents( 'php://input' ); | |
$calculated_hmac = base64_encode( hash_hmac( 'sha256', $data, $this->get_secret_key(), true ) ); | |
return ( $hmac_header == $calculated_hmac ); | |
} else { | |
error_log( 'Request not from sendowl: ' . print_r( $_SERVER, true ) . print_r( $data, true ) ); | |
} | |
return false; | |
} | |
} | |
$GLOBALS['edd_webhook_handler'] = new EDD_Sendowl_Webhook_Handler(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment