Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question rather than issue #50

Closed
renzocastillo opened this issue Mar 5, 2020 · 2 comments
Closed

Question rather than issue #50

renzocastillo opened this issue Mar 5, 2020 · 2 comments

Comments

@renzocastillo
Copy link

Hi I'm new to this package and I want to verify a header that does not have a signature key. It actually has a user and password, so when you receive the request at the url endpoint you need to verify that header. Im not sure about how to use custom verify signature because I don't understand it for my case.

Could someone help me up with this?

Thanks in advance
@callum-veloxcommerce
Copy link

You could create a custom signature validator like the below:

<?php

namespace App\Http\Webhooks;

use \Spatie\WebhookClient\SignatureValidator\SignatureValidator as SpatieSignatureValidator;
use \Illuminate\Http\Request;
use \Spatie\WebhookClient\WebhookConfig;

class SignatureValidator implements SpatieSignatureValidator
{
    public function isValid(Request $request, WebhookConfig $config) : bool
    {
        $data = $request->all();
        $user = $data->username;
        $pass = $data->password;
        

        if(YourAuthClass::checkUserAndPassword($user, $pass))
        {
            return true;
        }

        return false;

    }
}

where YourAuthClass::checkUserAndPassword is a class you create yourself to handle your authentication of a user and pass that returns a boolean value.

and define it to be used in your config like the following:

<?php

return [
    'configs' => [
        [
            'name' => 'default',
            'signing_secret' => env('WEBHOOK_CLIENT_SECRET'),
            'signature_validator' => App\Http\Webhooks\SignatureValidator::class,
            'webhook_profile' => \Spatie\WebhookClient\WebhookProfile\ProcessEverythingWebhookProfile::class,
            'webhook_model' => \Spatie\WebhookClient\Models\WebhookCall::class,
            'process_webhook_job' => App\Http\Webhooks\ProcessWebhook::class,
        ],
    ],
];

@renzocastillo
Copy link
Author

Awesome @callum-veloxcommerce thank you very much. Your answer is really helpful. The user and the password are not for user authentication but just comparing them with some default values. I didn't know how to use this benefits of laravel webhook. Thank you again for your great answer and support

@darshanadaptit darshanadaptit mentioned this issue May 13, 2020
Closed
@jennmagat jennmagat mentioned this issue Feb 18, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@freekmurze @renzocastillo @callum-veloxcommerce