module Stripe::Webhook::Signature

Defined in:

stripe/methods/core/webhook/webhook.cr

Constant Summary

EXPECTED_SCHEME = "v1"

Class Method Summary

.compute_signature(timestamp : Time, payload : String, secret : String) : String
Computes a webhook signature given a time (probably the current time), a payload, and a signing secret.
.generate_header(timestamp : Time, signature : String, scheme : String = EXPECTED_SCHEME) : String
Generates a value that would be added to a Stripe-Signature for a given webhook payload.
.verify_header(payload : String, header : String, secret : String, tolerance : Int32 | Nil = nil) : Bool
Verifies the signature header for a given payload.

Class Method Detail

def self.compute_signature(timestamp : Time, payload : String, secret : String) : String #

Computes a webhook signature given a time (probably the current time), a payload, and a signing secret.

def self.generate_header(timestamp : Time, signature : String, scheme : String = EXPECTED_SCHEME) : String #

Generates a value that would be added to a Stripe-Signature for a given webhook payload.

Note that this isn't needed to verify webhooks in any way, and is mainly here for use in test cases (those that are both within this project and without).

def self.verify_header(payload : String, header : String, secret : String, tolerance : Int32 | Nil = nil) : Bool #

Verifies the signature header for a given payload.

Raises a SignatureVerificationError in the following cases:

the header does not match the expected format
no signatures found with the expected scheme
no signatures matching the expected signature
a tolerance is provided and the timestamp is not within the tolerance

Returns true otherwise