297 lines
7.9 KiB
Python
297 lines
7.9 KiB
Python
"""
|
|
Example: Webhook receiver pattern.
|
|
|
|
This demonstrates:
|
|
- Processing external service callbacks
|
|
- Signature verification
|
|
- Event type handling
|
|
- Idempotency checks
|
|
- Async processing patterns
|
|
"""
|
|
|
|
import hashlib
|
|
import hmac
|
|
from flask import request
|
|
from helpers import init_db_connection, get_secret
|
|
from exceptions import ValidationError, DatabaseError
|
|
|
|
# For signed webhooks, you'll need a secret
|
|
WEBHOOK_SECRET = get_secret("WEBHOOK_SECRET", "")
|
|
|
|
|
|
def verify_signature(payload: bytes, signature: str) -> bool:
|
|
"""
|
|
Verify HMAC-SHA256 webhook signature.
|
|
|
|
Args:
|
|
payload: Raw request body bytes
|
|
signature: Signature header value (format: "sha256=<hex>")
|
|
|
|
Returns:
|
|
True if signature is valid, False otherwise
|
|
"""
|
|
if not WEBHOOK_SECRET:
|
|
return True # Skip verification if no secret configured (for dev)
|
|
|
|
expected = hmac.new(
|
|
WEBHOOK_SECRET.encode(),
|
|
payload,
|
|
hashlib.sha256
|
|
).hexdigest()
|
|
|
|
# Signature header format: "sha256=abcdef..."
|
|
received = signature.split("=", 1)[1] if "=" in signature else signature
|
|
return hmac.compare_digest(expected, received)
|
|
|
|
|
|
def webhook_receiver(event, context):
|
|
"""
|
|
```fission
|
|
{
|
|
"name": "webhook-receiver",
|
|
"http_triggers": {
|
|
"webhook": {
|
|
"url": "/webhooks/external-service",
|
|
"methods": ["POST"]
|
|
}
|
|
}
|
|
}
|
|
```
|
|
Receive and process webhook from external service.
|
|
|
|
**Request:**
|
|
- Raw JSON payload in body
|
|
- Signature header: `X-Webhook-Signature: sha256=<hmac>`
|
|
|
|
**Response:**
|
|
- 200: Webhook accepted for processing
|
|
- 400: Invalid signature or payload
|
|
- 500: Processing error
|
|
|
|
**Idempotency:**
|
|
This function is idempotent - duplicate webhooks with same
|
|
event ID will not be processed twice.
|
|
"""
|
|
# Get raw body for signature verification
|
|
payload = request.get_data()
|
|
signature = request.headers.get("X-Webhook-Signature", "")
|
|
|
|
# Verify signature
|
|
if not verify_signature(payload, signature):
|
|
raise ValidationError("Invalid webhook signature")
|
|
|
|
# Parse payload
|
|
try:
|
|
data = request.get_json()
|
|
except Exception as e:
|
|
raise ValidationError(f"Invalid JSON payload: {str(e)}")
|
|
|
|
# Validate required fields
|
|
event_id = data.get("event_id") or data.get("id")
|
|
event_type = data.get("event_type") or data.get("type")
|
|
|
|
if not event_id:
|
|
raise ValidationError("Missing event_id in webhook payload")
|
|
|
|
if not event_type:
|
|
raise ValidationError("Missing event_type in webhook payload")
|
|
|
|
# Idempotency check: have we already processed this event?
|
|
conn = None
|
|
try:
|
|
conn = init_db_connection()
|
|
cursor = conn.cursor()
|
|
|
|
# Check if event already processed
|
|
cursor.execute(
|
|
"SELECT id FROM webhook_events WHERE event_id = %s",
|
|
(event_id,)
|
|
)
|
|
if cursor.fetchone():
|
|
# Already processed - return success (idempotent)
|
|
return {"status": "already_processed", "event_id": event_id}
|
|
|
|
# Record webhook event (for idempotency)
|
|
cursor.execute(
|
|
"""
|
|
INSERT INTO webhook_events (event_id, event_type, payload, received_at)
|
|
VALUES (%s, %s, %s, NOW())
|
|
""",
|
|
(event_id, event_type, payload.decode('utf-8'))
|
|
)
|
|
|
|
# Process based on event type
|
|
result = process_event(cursor, event_type, data)
|
|
|
|
conn.commit()
|
|
return {"status": "processed", "event_id": event_id, "result": result}
|
|
|
|
except Exception as e:
|
|
if conn:
|
|
conn.rollback()
|
|
raise DatabaseError(f"Failed to process webhook: {str(e)}")
|
|
finally:
|
|
if conn:
|
|
conn.close()
|
|
|
|
|
|
def process_event(cursor, event_type: str, data: dict):
|
|
"""
|
|
Route event to appropriate handler.
|
|
|
|
Args:
|
|
cursor: Database cursor
|
|
event_type: Type of event (e.g., "user.created", "order.updated")
|
|
data: Event payload
|
|
|
|
Returns:
|
|
Handler result
|
|
"""
|
|
handlers = {
|
|
"user.created": handle_user_created,
|
|
"user.updated": handle_user_updated,
|
|
"user.deleted": handle_user_deleted,
|
|
"order.created": handle_order_created,
|
|
"order.paid": handle_order_paid,
|
|
"order.shipped": handle_order_shipped,
|
|
}
|
|
|
|
handler = handlers.get(event_type)
|
|
if not handler:
|
|
# Log unknown event type but don't fail
|
|
logger = get_logger()
|
|
logger.warning(f"Unhandled webhook event type: {event_type}")
|
|
return {"skipped": True, "reason": "unknown_event_type"}
|
|
|
|
return handler(cursor, data)
|
|
|
|
|
|
def handle_user_created(cursor, data: dict):
|
|
"""Handle user creation event."""
|
|
user_id = data.get("user_id") or data.get("id")
|
|
email = data.get("email")
|
|
name = data.get("name")
|
|
|
|
# Create user record
|
|
cursor.execute(
|
|
"""
|
|
INSERT INTO users (id, email, name, created_at)
|
|
VALUES (%s, %s, %s, NOW())
|
|
ON CONFLICT (id) DO UPDATE SET
|
|
email = EXCLUDED.email,
|
|
name = EXCLUDED.name,
|
|
updated_at = NOW()
|
|
""",
|
|
(user_id, email, name)
|
|
)
|
|
|
|
# Send welcome email (async via message queue, etc.)
|
|
# enqueue_welcome_email(user_id, email)
|
|
|
|
return {"action": "user_created", "user_id": user_id}
|
|
|
|
|
|
def handle_user_updated(cursor, data: dict):
|
|
"""Handle user update event."""
|
|
user_id = data.get("user_id") or data.get("id")
|
|
updates = data.get("updates", {})
|
|
|
|
# Build dynamic update
|
|
set_clauses = []
|
|
params = []
|
|
for key, value in updates.items():
|
|
set_clauses.append(f"{key} = %s")
|
|
params.append(value)
|
|
params.append(user_id)
|
|
|
|
cursor.execute(
|
|
f"UPDATE users SET {', '.join(set_clauses)}, updated_at = NOW() WHERE id = %s",
|
|
params
|
|
)
|
|
|
|
return {"action": "user_updated", "user_id": user_id}
|
|
|
|
|
|
def handle_user_deleted(cursor, data: dict):
|
|
"""Handle user deletion event."""
|
|
user_id = data.get("user_id") or data.get("id")
|
|
|
|
# Soft delete (mark as inactive)
|
|
cursor.execute(
|
|
"UPDATE users SET status = 'deleted', deleted_at = NOW() WHERE id = %s",
|
|
(user_id,)
|
|
)
|
|
|
|
return {"action": "user_deleted", "user_id": user_id}
|
|
|
|
|
|
def handle_order_created(cursor, data: dict):
|
|
"""Handle order creation event."""
|
|
order_id = data.get("order_id") or data.get("id")
|
|
user_id = data.get("user_id")
|
|
total = data.get("total")
|
|
|
|
cursor.execute(
|
|
"""
|
|
INSERT INTO orders (id, user_id, total, status, created_at)
|
|
VALUES (%s, %s, %s, 'pending', NOW())
|
|
""",
|
|
(order_id, user_id, total)
|
|
)
|
|
|
|
return {"action": "order_created", "order_id": order_id}
|
|
|
|
|
|
def handle_order_paid(cursor, data: dict):
|
|
"""Handle order payment event."""
|
|
order_id = data.get("order_id") or data.get("id")
|
|
payment_id = data.get("payment_id")
|
|
amount = data.get("amount")
|
|
|
|
cursor.execute(
|
|
"""
|
|
UPDATE orders
|
|
SET status = 'paid',
|
|
paid_amount = %s,
|
|
payment_id = %s,
|
|
paid_at = NOW()
|
|
WHERE id = %s
|
|
""",
|
|
(amount, payment_id, order_id)
|
|
)
|
|
|
|
# Trigger fulfillment
|
|
# enqueue_fulfillment(order_id)
|
|
|
|
return {"action": "order_paid", "order_id": order_id}
|
|
|
|
|
|
def handle_order_shipped(cursor, data: dict):
|
|
"""Handle order shipment event."""
|
|
order_id = data.get("order_id") or data.get("id")
|
|
tracking_number = data.get("tracking_number")
|
|
carrier = data.get("carrier")
|
|
|
|
cursor.execute(
|
|
"""
|
|
UPDATE orders
|
|
SET status = 'shipped',
|
|
tracking_number = %s,
|
|
carrier = %s,
|
|
shipped_at = NOW()
|
|
WHERE id = %s
|
|
""",
|
|
(tracking_number, carrier, order_id)
|
|
)
|
|
|
|
# Send shipping notification
|
|
# send_shipping_email(order_id)
|
|
|
|
return {"action": "order_shipped", "order_id": order_id}
|
|
|
|
|
|
def get_logger():
|
|
"""Get logger instance."""
|
|
import logging
|
|
return logging.getLogger(__name__)
|