hook-engine
Version:
Production-grade webhook engine with comprehensive adapter support, security, reliability, structured logging, and CLI tools.
46 lines (45 loc) • 1.6 kB
JavaScript
;
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const crypto_1 = __importDefault(require("crypto"));
const stripe = {
getSignature(req) {
return req.headers["stripe-signature"];
},
verifySignature(rawBody, sigHeader, secret) {
if (!sigHeader)
return false;
try {
const timestamp = sigHeader.split(',')[0].split('=')[1];
const signature = sigHeader.split(',')[1].split('=')[1];
if (!timestamp || !signature)
return false;
const signedPayload = `${timestamp}.${rawBody}`;
const expected = crypto_1.default
.createHmac("sha256", secret)
.update(signedPayload)
.digest("hex");
return crypto_1.default.timingSafeEqual(Buffer.from(expected), Buffer.from(signature));
}
catch (error) {
console.error('Error verifying signature:', error);
return false;
}
},
parsePayload(body) {
return JSON.parse(body.toString("utf8"));
},
normalize(event, options) {
return {
id: event.id,
type: event.type,
source: "stripe",
timestamp: event.created ?? Math.floor(Date.now() / 1000),
payload: event.data?.object ?? {},
raw: options?.includeRaw ? JSON.stringify(event) : '',
};
},
};
exports.default = stripe;