webhook_system 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 05503cb6981ef8a26c904b045fa7ad24b420f6f2
+  data.tar.gz: c870e8c64ffcc3dd09785b4e856e50ee385d1f3d
+SHA512:
+  metadata.gz: 7f9fa83a0a0cdc22efac7c092807c86fc45e6df6bba6fa61d7b632dc33e146c90d58f7de1860abf15b9c92d0fd0b2683892b99b90b6c3fa690c750fa041770f2
+  data.tar.gz: 309d84dd3b30e2ebe343475ce7ac02fd316b617a86f0e2ba78eff1d2e8a15704b825a7ebf272089b8bb197732a4bd95bea148ec9a9f74300a7c50bbb04203d5a

data/.codeclimate.yml

@@ -0,0 +1,9 @@
+engines:
+  rubocop:
+    enabled: true
+ratings:
+  paths:
+  - "lib/**"
+  - Gemfile.lock
+exclude_paths:
+  - "spec/*"

data/.gitignore

@@ -0,0 +1,5 @@
+Gemfile.lock
+doc/
+pkg/
+*.db
+tmp/

data/.hound.yml

@@ -0,0 +1,2 @@
+ruby:
+  config_file: .rubocop.yml

data/.reek

@@ -0,0 +1,10 @@
+DuplicateMethodCall:
+  max_calls: 2
+TooManyStatements:
+  max_statements: 8
+NestedIterators:
+  max_allowed_nesting: 3
+DataClump:
+  max_copies: 4
+LongParameterList:
+  max_params: 8

data/.rubocop.hound.yml

@@ -0,0 +1,243 @@
+AllCops:
+  Exclude:
+    - "vendor/**/*"
+    - "db/schema.rb"
+  UseCache: false
+Style/CollectionMethods:
+  Description: Preferred collection methods.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#map-find-select-reduce-size
+  Enabled: true
+  PreferredMethods:
+    collect: map
+    collect!: map!
+    find: detect
+    find_all: select
+    reduce: inject
+Style/DotPosition:
+  Description: Checks the position of the dot in multi-line method calls.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#consistent-multi-line-chains
+  Enabled: true
+  EnforcedStyle: trailing
+  SupportedStyles:
+  - leading
+  - trailing
+Style/FileName:
+  Description: Use snake_case for source file names.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#snake-case-files
+  Enabled: false
+  Exclude: []
+Style/GuardClause:
+  Description: Check for conditionals that can be replaced with guard clauses
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#no-nested-conditionals
+  Enabled: false
+  MinBodyLength: 1
+Style/IfUnlessModifier:
+  Description: Favor modifier if/unless usage when you have a single-line body.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#if-as-a-modifier
+  Enabled: false
+  MaxLineLength: 80
+Style/OptionHash:
+  Description: Don't use option hashes when you can use keyword arguments.
+  Enabled: false
+Style/PercentLiteralDelimiters:
+  Description: Use `%`-literal delimiters consistently
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#percent-literal-braces
+  Enabled: false
+  PreferredDelimiters:
+    "%": "()"
+    "%i": "()"
+    "%q": "()"
+    "%Q": "()"
+    "%r": "{}"
+    "%s": "()"
+    "%w": "()"
+    "%W": "()"
+    "%x": "()"
+Style/PredicateName:
+  Description: Check the names of predicate methods.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#bool-methods-qmark
+  Enabled: true
+  NamePrefix:
+  - is_
+  - has_
+  - have_
+  NamePrefixBlacklist:
+  - is_
+  Exclude:
+  - spec/**/*
+Style/RaiseArgs:
+  Description: Checks the arguments passed to raise/fail.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#exception-class-messages
+  Enabled: false
+  EnforcedStyle: exploded
+  SupportedStyles:
+  - compact
+  - exploded
+Style/SignalException:
+  Description: Checks for proper usage of fail and raise.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#fail-method
+  Enabled: false
+  EnforcedStyle: semantic
+  SupportedStyles:
+  - only_raise
+  - only_fail
+  - semantic
+Style/SingleLineBlockParams:
+  Description: Enforces the names of some block params.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#reduce-blocks
+  Enabled: false
+  Methods:
+  - reduce:
+    - a
+    - e
+  - inject:
+    - a
+    - e
+Style/SingleLineMethods:
+  Description: Avoid single-line methods.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#no-single-line-methods
+  Enabled: false
+  AllowIfMethodIsEmpty: true
+Style/StringLiterals:
+  Description: Checks if uses of quotes match the configured preference.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#consistent-string-literals
+  Enabled: true
+  EnforcedStyle: double_quotes
+  SupportedStyles:
+  - single_quotes
+  - double_quotes
+Style/StringLiteralsInInterpolation:
+  Description: Checks if uses of quotes inside expressions in interpolated strings
+    match the configured preference.
+  Enabled: true
+  EnforcedStyle: single_quotes
+  SupportedStyles:
+  - single_quotes
+  - double_quotes
+Style/TrailingCommaInArguments:
+  Description: 'Checks for trailing comma in argument lists.'
+  StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-trailing-array-commas'
+  Enabled: false
+  EnforcedStyleForMultiline: no_comma
+  SupportedStyles:
+  - comma
+  - consistent_comma
+  - no_comma
+Style/TrailingCommaInLiteral:
+  Description: 'Checks for trailing comma in array and hash literals.'
+  StyleGuide: 'https://github.com/bbatsov/ruby-style-guide#no-trailing-array-commas'
+  Enabled: false
+  EnforcedStyleForMultiline: no_comma
+  SupportedStyles:
+  - comma
+  - consistent_comma
+  - no_comma
+Metrics/AbcSize:
+  Description: A calculated magnitude based on number of assignments, branches, and
+    conditions.
+  Enabled: false
+  Max: 15
+Metrics/ClassLength:
+  Description: Avoid classes longer than 100 lines of code.
+  Enabled: false
+  CountComments: false
+  Max: 100
+Metrics/ModuleLength:
+  CountComments: false
+  Max: 100
+  Description: Avoid modules longer than 100 lines of code.
+  Enabled: false
+Metrics/CyclomaticComplexity:
+  Description: A complexity metric that is strongly correlated to the number of test
+    cases needed to validate a method.
+  Enabled: false
+  Max: 6
+Metrics/MethodLength:
+  Description: Avoid methods longer than 10 lines of code.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#short-methods
+  Enabled: false
+  CountComments: false
+  Max: 10
+Metrics/ParameterLists:
+  Description: Avoid parameter lists longer than three or four parameters.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#too-many-params
+  Enabled: false
+  Max: 5
+  CountKeywordArgs: true
+Metrics/PerceivedComplexity:
+  Description: A complexity metric geared towards measuring complexity for a human
+    reader.
+  Enabled: false
+  Max: 7
+Lint/AssignmentInCondition:
+  Description: Don't use assignment in conditions.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#safe-assignment-in-condition
+  Enabled: false
+  AllowSafeAssignment: true
+Style/InlineComment:
+  Description: Avoid inline comments.
+  Enabled: false
+Style/AccessorMethodName:
+  Description: Check the naming of accessor methods for get_/set_.
+  Enabled: false
+Style/Alias:
+  Description: Use alias_method instead of alias.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#alias-method
+  Enabled: false
+Style/Documentation:
+  Description: Document classes and non-namespace modules.
+  Enabled: false
+Style/DoubleNegation:
+  Description: Checks for uses of double negation (!!).
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#no-bang-bang
+  Enabled: false
+Style/EachWithObject:
+  Description: Prefer `each_with_object` over `inject` or `reduce`.
+  Enabled: false
+Style/EmptyLiteral:
+  Description: Prefer literals to Array.new/Hash.new/String.new.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#literal-array-hash
+  Enabled: false
+Style/ModuleFunction:
+  Description: Checks for usage of `extend self` in modules.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#module-function
+  Enabled: false
+Style/OneLineConditional:
+  Description: Favor the ternary operator(?:) over if/then/else/end constructs.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#ternary-operator
+  Enabled: false
+Style/PerlBackrefs:
+  Description: Avoid Perl-style regex back references.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#no-perl-regexp-last-matchers
+  Enabled: false
+Style/Send:
+  Description: Prefer `Object#__send__` or `Object#public_send` to `send`, as `send`
+    may overlap with existing methods.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#prefer-public-send
+  Enabled: false
+Style/SpecialGlobalVars:
+  Description: Avoid Perl-style global variables.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#no-cryptic-perlisms
+  Enabled: false
+Style/VariableInterpolation:
+  Description: Don't interpolate global, instance and class variables directly in
+    strings.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#curlies-interpolate
+  Enabled: false
+Style/WhenThen:
+  Description: Use when x then ... for one-line cases.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#one-line-cases
+  Enabled: false
+Lint/EachWithObjectArgument:
+  Description: Check for immutable argument given to each_with_object.
+  Enabled: true
+Lint/HandleExceptions:
+  Description: Don't suppress exception.
+  StyleGuide: https://github.com/bbatsov/ruby-style-guide#dont-hide-exceptions
+  Enabled: false
+Lint/LiteralInCondition:
+  Description: Checks of literals used in conditions.
+  Enabled: false
+Lint/LiteralInInterpolation:
+  Description: Checks for literals used in interpolation.
+  Enabled: false

data/.rubocop.yml

@@ -0,0 +1,57 @@
+inherit_from:
+ - .rubocop.hound.yml
+
+AllCops:
+  Exclude:
+    - '*.gemspec'
+    - 'Gemfile'
+
+Style/Lambda:
+  Enabled: false
+
+Style/EmptyLinesAroundClassBody:
+  Enabled: false
+
+Style/EmptyLinesAroundModuleBody:
+  Enabled: false
+
+Style/EmptyLinesAroundMethodBody:
+  Enabled: false
+
+Style/ClassCheck:
+  Enabled: false
+  # we don't care about kind_of? vs is_a?
+
+Style/StringLiterals:
+  Enabled: false
+
+Style/FileName:
+  Enabled: false
+
+Style/RedundantException:
+  Enabled: false
+
+Style/SignalException:
+  Enabled: false
+
+Style/BlockDelimiters:
+  Enabled: false
+
+Style/CollectionMethods:
+  PreferredMethods:
+    detect: find
+
+# Github's PR width is 120 characters
+Metrics/LineLength:
+  Max: 120
+  AllowURI: true
+
+# Align with the style guide, we don't prefer anything
+Style/CollectionMethods:
+  Enabled: false
+
+Metrics/AbcSize:
+  Description: A calculated magnitude based on number of assignments, branches, and
+    conditions.
+  Enabled: true
+  Max: 30

data/.travis.yml

@@ -0,0 +1,7 @@
+language: ruby
+rvm:
+  - 2.1.8
+  - 2.2.4
+  - 2.3.0
+
+script: "bundle exec rspec"

data/DEPLOYING.md

@@ -0,0 +1,25 @@
+## Setup
+
+In order to deploy a new version of the gem into the wild ...
+
+You will need to configure your github api token for the changelog.
+
+Generate a new token for changelogs [here](https://github.com/settings/tokens/new).
+
+add:
+
+```bash
+export CHANGELOG_GITHUB_TOKEN=YOUR_CHANGELOG_API_TOKEN
+```
+
+somewhere in your shell init. (ie .zshrc or simillar)
+
+## Deploying
+
+1. Update `lib/webhook_system/version.rb`
+2. Commit the changed files with the version number eg: `1.8.0`
+3. Push this to git
+4. Run `rake release`
+5. Run `rake changelog` (has to be ran after release since its based on github tagging)
+6. Commit the changed changelog named something like `changelog for 1.8.0`
+7. Push this to git

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,12 @@
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
+documentation files (the "Software"), to deal in the Software without restriction, including without limitation
+the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software,
+and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of
+the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
+THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
+OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,155 @@
+# webhook_system
+
+* [Homepage](https://rubygems.org/gems/webhook_system)
+* [Documentation](http://rubydoc.info/gems/webhook_system/frames)
+* [Email](mailto:piotr.banasik at gmail.com)
+
+## Description
+
+[![Build Status](https://travis-ci.org/payrollhero/webhook_engine.svg?branch=master)](https://travis-ci.org/payrollhero/webhook_engine)
+[![Code Climate](https://codeclimate.com/github/payrollhero/webhook_system/badges/gpa.svg)](https://codeclimate.com/github/payrollhero/webhook_system)
+[![Issue Count](https://codeclimate.com/github/payrollhero/webhook_system/badges/issue_count.svg)](https://codeclimate.com/github/payrollhero/webhook_system)
+[![Dependency Status](https://gemnasium.com/payrollhero/webhook_system.svg)](https://gemnasium.com/payrollhero/webhook_system)
+
+## Overview
+
+Few Main points ..
+
+1. The "server" holds on to a record of subscriptions
+2. Each subscription has a secret attached to it
+3. This secret is used to encrypt the entire payload of the webhook using AES-256
+4. The webhook is delivered to the recipient as a JSON payload with a base64 encoded data component
+5. The recipient is meant to use their copy of this secret to decode that payload, and then action it as needed.
+
+## Setup
+
+The webhook integration code runs on two tables. You need to create a new migration that adds these
+tables first:
+
+```ruby
+create_table :webhook_subscriptions do |t|
+  t.string :url
+  t.boolean :active
+  t.text :secret
+
+  t.index :active
+end
+
+create_table :webhook_subscription_topics do |t|
+  t.string :name
+  t.belongs_to :subscription
+
+  t.index :subscription_id
+  t.index :name
+end
+```
+
+## Building Events
+
+Each event type should be a discrete class inheriting from `WebhookSystem::BaseEvent`.
+
+Each class should define `event_name` and `payload_attributes` to set up the serializer properly.
+
+### Payload Attributes
+
+It seems worth mentioning a bit more about these. This whole system in the event is an abstraction system around
+cleanly serializing these objects. The attribute list can take two forms:
+
+Either as a simple array:
+
+```ruby
+  def payload_attributes
+    [
+      :widget,
+      :name,
+    ]
+  end
+```
+
+This version just maps 1:1 the attribute to a method on the event. This means that in this example it'd expect
+`widget` and `name` to be public methods on the event.
+
+The alternate form is to use a Hash.
+
+eg:
+```ruby
+  def payload_attributes
+    {
+      widget: :get_widget,
+      name: :get_name,
+    }
+  end
+```
+
+This version makes the keys the attributes in the JSON, and the values the method names to call to get the value.
+
+### Working with Events
+
+The general idea is that Events are ActiveModel objects using the PhModel system, so the same APIs apply.
+
+You'd build them with `.build`. Eg:
+
+```ruby
+event_object = SomeEvent.build(name: 'John', age: 21)
+```
+
+These attributes shouldn't necessarily be already the direct data hashes, let the Event do its own presentation.
+Its perfectly OK to send these events with ActiveRecord parameters, and internally translate out of them to something
+more suitable for the actual notification payload.
+
+## Dispatching Events
+
+The general API for this is via:
+
+```ruby
+WebhookSystem.dispatch(event_object)
+```
+
+This is meant to be fairly fire and forget. Internally this will create an ActiveJob for each subscription
+interested in the event.
+
+## Payload Encryption
+
+The payload is encrypted using AES-256. Each subscription is meant to have the recipient's shared secret on it.
+This secret is then used to encrypt the payload, so the other side needs that same secret again to open it.
+
+The payload then will be a json post body, with the Base64 encoded payload inside it.
+
+## Payload Decryption
+
+There is a utility function available to decode the entire POST body of the webhook that can be used by clients.
+
+Example use would be:
+
+```ruby
+payload = WebhookSystem::Encoder.decode(secret_string, request.body)
+```
+
+You will need your webhook secret, and you get back a Hash of the event's data.
+All events are guaranteed to have a key called `event` with the event's name, everything other than that is
+custom to each individual event type.
+
+Some more specifics around the format for the benefit of non-ruby implementations:
+
+The payload looks like this:
+
+```json
+{
+  "format": "base64+aes256",
+  "payload": "{Base64 String}",
+  "iv": "{Base64 String}"
+}
+```
+
+The format is just a flag incase there ever is multiple formats, currently this is the only one.
+
+The encryption used is AES256-CBC
+
+The AES key is a PBKDF2 (Password-Based Key Derivation Function 2) as part of PKCS#5 function on the secret using
+SHA256 HMAC. The IV is used as the salt, 100_000 iterations, and a key length of 32 bytes (or 256 bits).
+
+The IV is used both for initializing the cipher, and also for salting the password PBKDF2 function.
+
+## Copyright
+
+Copyright (c) 2015 PayrollHero

data/Rakefile

@@ -0,0 +1,46 @@
+require 'bundler/gem_tasks'
+
+require 'rubygems/tasks'
+Gem::Tasks.new(release: false)
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new
+
+task :test do
+  sh "rspec"
+  sh "reek"
+  sh "rubocop"
+end
+
+task default: :spec
+
+desc "copy in PayrollHero's current style config files"
+task :styleguide do
+  require 'faraday'
+  require 'pry'
+  base = "https://raw.githubusercontent.com/payrollhero/styleguide/master/"
+  files = %w{
+    .rubocop.hound.yml
+    .rubocop.yml
+    .reek
+    .codeclimate.yml
+  }
+  files.each do |file|
+    puts "Fetching #{file} ..."
+    url = "#{base}#{file}"
+    rsp = Faraday.get(url)
+    unless rsp.status == 200
+      $stderr.puts "failing fetching: #{url}"
+      $stderr.puts "  response: #{rsp.status}: #{rsp.body}"
+      exit 1
+    end
+    File.open(file, "w") do |fh|
+      fh.write(rsp.body)
+    end
+  end
+end
+
+desc "Updates the changelog"
+task :changelog do
+  sh "github_changelog_generator payrollhero/ph_utility --simple-list"
+end

data/lib/webhook_system.rb

@@ -0,0 +1,23 @@
+require 'active_support/all'
+require 'active_record'
+require 'active_job'
+require 'ph_model'
+
+module WebhookSystem
+  extend ActiveSupport::Autoload
+
+  autoload :Subscription
+  autoload :Dispatcher
+  autoload :SubscriptionTopic
+  autoload :Job
+  autoload :Encoder
+  autoload :BaseEvent
+
+  # Error raised when there is an issue with decoding the payload
+  class DecodingError < RuntimeError
+  end
+
+  class << self
+    delegate :dispatch, to: :'WebhookSystem::Dispatcher'
+  end
+end

data/lib/webhook_system/base_event.rb

@@ -0,0 +1,40 @@
+module WebhookSystem
+
+  # This is the class meant to be used as the base class for any Events sent through the Webhook system
+  class BaseEvent
+    include PhModel
+
+    def event_name
+      mesg = "class #{self.class.name} must implement abstract method `#{self.class.name}#event_name()'."
+      raise RuntimeError.new(mesg).tap { |err| err.backtrace = caller }
+    end
+
+    def payload_attributes
+      mesg = "class #{self.class.name} must implement abstract method `#{self.class.name}#payload_attributes()'."
+      raise RuntimeError.new(mesg).tap { |err| err.backtrace = caller }
+    end
+
+    def as_json
+      result = { 'event' => event_name }
+      each_attribute do |attribute_name, attribute_method|
+        result[attribute_name.to_s] = public_send(attribute_method).as_json
+      end
+      result
+    end
+
+    private
+
+    def each_attribute
+      case payload_attributes
+      when Array
+        payload_attributes.each do |attribute_name|
+          yield(attribute_name, attribute_name)
+        end
+      when Hash
+        payload_attributes.each
+      else
+        raise ArgumetError, "don't know how to deal with payload_attributes: #{payload_attributes.inspect}"
+      end
+    end
+  end
+end

data/lib/webhook_system/dispatcher.rb

@@ -0,0 +1,16 @@
+module WebhookSystem
+
+  # Main code that handles dispatching of events out to subscribers
+  class Dispatcher
+    class << self
+
+      # @param [WebhookSystem::BaseEvent] event The Event Object
+      def dispatch(event)
+        WebhookSystem::Subscription.interested_in_topic(event.event_name).each do |subscription|
+          WebhookSystem::Job.perform_later subscription, event.as_json
+        end
+      end
+
+    end
+  end
+end

data/lib/webhook_system/encoder.rb

@@ -0,0 +1,69 @@
+module WebhookSystem
+
+  # Class in charge of encoding and decoding encrypted payload
+  module Encoder
+    class << self
+      # Given a secret string, encode the passed payload to json
+      # encrypt it, base64 encode that, and wrap it in its own json wrapper
+      #
+      # @param [String] secret_string some secret string
+      # @param [Object#to_json] payload Any object that responds to to_json
+      # @return [String] The encoded string payload (its a JSON string)
+      def encode(secret_string, payload)
+        cipher = OpenSSL::Cipher::AES256.new(:CBC)
+        cipher.encrypt
+        iv = cipher.random_iv
+        cipher.key = key_from_secret(iv, secret_string)
+        encoded = cipher.update(payload.to_json) + cipher.final
+        Payload.encode(encoded, iv)
+      end
+
+      # Given a secret string, and an encrypted payload, unwrap it, bas64 decode it
+      # decrypt it, and JSON decode it
+      #
+      # @param [String] secret_string some secret string
+      # @param [String] payload String as returned from #encode
+      # @return [Object] return the JSON decode of the encrypted payload
+      def decode(secret_string, payload)
+        encoded, iv = Payload.decode(payload)
+        cipher = OpenSSL::Cipher::AES256.new(:CBC)
+        cipher.decrypt
+        cipher.iv = iv
+        cipher.key = key_from_secret(iv, secret_string)
+        decoded = cipher.update(encoded) + cipher.final
+        JSON.load(decoded)
+      rescue OpenSSL::Cipher::CipherError
+        raise DecodingError, 'Decoding Failed, probably mismatched secret'
+      end
+
+      private
+
+      def key_from_secret(iv, secret_string)
+        OpenSSL::PKCS5.pbkdf2_hmac(secret_string, iv, 100_000, 256 / 8, 'SHA256')
+      end
+    end
+  end
+
+  # private class to just wrap the outer wrapping of the response format
+  # not exposed to the outside
+  # :nodoc:
+  module Payload
+    class << self
+      def encode(raw_encrypted_data, iv)
+        JSON.dump(
+          'format' => 'base64+aes256',
+          'payload' => Base64.encode64(raw_encrypted_data),
+          'iv' => Base64.encode64(iv)
+        )
+      end
+
+      def decode(payload_string)
+        payload = JSON.load(payload_string)
+        unless payload['format'] == 'base64+aes256'
+          raise ArgumentError, 'only know how to handle base64+aes256 payloads'
+        end
+        [Base64.decode64(payload['payload']), Base64.decode64(payload['iv'])]
+      end
+    end
+  end
+end

data/lib/webhook_system/job.rb

@@ -0,0 +1,39 @@
+module WebhookSystem
+
+  # This is the ActiveJob in charge of actually sending each event
+  class Job < ActiveJob::Base
+
+    def perform(subscription, event)
+      payload = Encoder.encode(subscription.secret, event)
+      client = HttpClient.new(subscription.url)
+      client.post(payload)
+    end
+
+  end
+
+  # Just a simple internal class to wrap around the http requests to the endpoints
+  class HttpClient
+    def initialize(endpoint)
+      @endpoint = endpoint
+    end
+
+    def post(payload)
+      client.post do |req|
+        req.headers['Content-Type'] = 'application/json; base64+aes256'
+        req.body = payload.to_s
+      end
+    end
+
+    private
+
+    attr_reader :endpoint, :client
+
+    def client
+      @client ||= Faraday.new(url: endpoint) do |faraday|
+        # faraday.request :url_encoded # form-encode POST params
+        faraday.response :logger # log requests to STDOUT
+        faraday.adapter Faraday.default_adapter
+      end
+    end
+  end
+end

data/lib/webhook_system/subscription.rb

@@ -0,0 +1,17 @@
+module WebhookSystem
+  class Subscription < ActiveRecord::Base
+    self.table_name = 'webhook_subscriptions'
+
+    validates :url, presence: true
+    validates :secret, presence: true
+
+    has_many :topics, class_name: 'WebhookSystem::SubscriptionTopic', dependent: :destroy
+
+    scope :active, -> { where(active: true) }
+    scope :for_topic, -> (topic) {
+      joins(:topics).where(WebhookSystem::SubscriptionTopic.table_name => { name: topic })
+    }
+
+    scope :interested_in_topic, -> (topic) { active.for_topic(topic) }
+  end
+end

data/lib/webhook_system/subscription_topic.rb

@@ -0,0 +1,9 @@
+module WebhookSystem
+  class SubscriptionTopic < ActiveRecord::Base
+    self.table_name = 'webhook_subscription_topics'
+
+    validates :name, presence: true
+
+    belongs_to :subscription, class_name: 'WebhookSystem::Subscription'
+  end
+end

data/lib/webhook_system/version.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+module WebhookSystem
+  VERSION = '0.0.1'.freeze
+end

data/webhook_system.gemspec

@@ -0,0 +1,40 @@
+# -*- encoding: utf-8 -*-
+
+require File.expand_path('../lib/webhook_system/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.name = 'webhook_system'
+  gem.version = WebhookSystem::VERSION
+  gem.authors = ['Piotr Banasik']
+  gem.email = 'piotr@payrollhero.com'
+
+  gem.summary = 'Webhook system'
+  gem.description = 'A pluggable webhook subscription system'
+  gem.homepage = 'https://github.com/payrollhero/webhook_system'
+  gem.license = 'MIT'
+
+  gem.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  gem.bindir = 'exe'
+  gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
+  gem.require_paths = ['lib']
+
+  gem.add_runtime_dependency 'activesupport', '> 3.2'
+  gem.add_runtime_dependency 'activerecord', '> 3.2'
+  gem.add_runtime_dependency 'activejob'
+  gem.add_runtime_dependency 'faraday'
+  gem.add_runtime_dependency 'ph_model'
+
+  gem.add_development_dependency 'bundler', '~> 1.0'
+  gem.add_development_dependency 'rake'
+  gem.add_development_dependency 'rspec', '~> 3.0'
+  gem.add_development_dependency 'rubygems-tasks', '~> 0.2'
+  gem.add_development_dependency 'pry'
+  gem.add_development_dependency 'sqlite3'
+  gem.add_development_dependency 'github_changelog_generator', '~> 1.6'
+  gem.add_development_dependency 'factory_girl'
+  gem.add_development_dependency 'webmock'
+
+  # static analysis gems
+  gem.add_development_dependency 'rubocop', '~> 0.36.0'
+  gem.add_development_dependency 'reek', '~> 3.7'
+end

metadata

@@ -0,0 +1,289 @@
+--- !ruby/object:Gem::Specification
+name: webhook_system
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Piotr Banasik
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-02-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: activejob
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ph_model
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubygems-tasks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: github_changelog_generator
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: factory_girl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.36.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.36.0
+- !ruby/object:Gem::Dependency
+  name: reek
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+description: A pluggable webhook subscription system
+email: piotr@payrollhero.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".codeclimate.yml"
+- ".gitignore"
+- ".hound.yml"
+- ".reek"
+- ".rubocop.hound.yml"
+- ".rubocop.yml"
+- ".travis.yml"
+- CHANGELOG.md
+- DEPLOYING.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/webhook_system.rb
+- lib/webhook_system/base_event.rb
+- lib/webhook_system/dispatcher.rb
+- lib/webhook_system/encoder.rb
+- lib/webhook_system/job.rb
+- lib/webhook_system/subscription.rb
+- lib/webhook_system/subscription_topic.rb
+- lib/webhook_system/version.rb
+- webhook_system.gemspec
+homepage: https://github.com/payrollhero/webhook_system
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5.1
+signing_key: 
+specification_version: 4
+summary: Webhook system
+test_files: []