@goweekdays/core 2.6.0 → 2.6.1

package/dist/index.mjs

@@ -6414,7 +6414,7 @@ function usePaypalService() {
     certCache.set(url, certPem);
     return certPem;
   }
-  async function verifyWebhook(rawBody, headers, webhookId = PAYPAL_WEBHOOK_ID) {
+  async function verifySignature(rawBody, headers, webhookId = PAYPAL_WEBHOOK_ID) {
     const transmissionId = headers["paypal-transmission-id"];
     const timeStamp = headers["paypal-transmission-time"];
     const certUrl = headers["paypal-cert-url"];
@@ -6439,7 +6439,7 @@ function usePaypalService() {
   return {
     addOrder,
     captureOrder,
-    verifyWebhook
+    verifySignature
   };
 }
 
@@ -9857,20 +9857,34 @@ function useUtilController() {
       }
     }
   }
-  const { verifyWebhook } = usePaypalService();
+  const { verifySignature } = usePaypalService();
   async function paypalWebhook(req, res, next) {
-    console.log(req);
     try {
-      await verifyWebhook(req.body, req.headers, PAYPAL_WEBHOOK_ID);
-      res.status(200).send("OK");
-      return;
+      const headers = req.headers;
+      const event = req.body;
+      const data = JSON.parse(event);
+      console.log(`headers`, headers);
+      console.log(`parsed json`, JSON.stringify(data, null, 2));
+      console.log(`raw event: ${event}`);
+      const isSignatureValid = await verifySignature(
+        event,
+        headers,
+        PAYPAL_WEBHOOK_ID
+      );
+      if (isSignatureValid) {
+        console.log("Signature is valid.");
+        console.log(`Received event`, JSON.stringify(data, null, 2));
+      } else {
+        console.log(
+          `Signature is not valid for ${data?.id} ${headers?.["correlation-id"]}`
+        );
+      }
+      res.sendStatus(200);
     } catch (error) {
       logger28.log({
         level: "error",
-        message: "PayPal webhook verification failed"
+        message: `${error}`
       });
-      res.status(400).send("Invalid webhook");
-      return;
     }
   }
   return {