Skip to content

Commit

Permalink
Remove HMAC validation from Giving webhook and added documentation links
Browse files Browse the repository at this point in the history
  • Loading branch information
Kwok He Chu committed Sep 20, 2023
1 parent e8e500d commit f8db3c0
Show file tree
Hide file tree
Showing 2 changed files with 38 additions and 18 deletions.
4 changes: 1 addition & 3 deletions checkout-example-advanced/Controllers/HomeController.cs
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
using Adyen.Model.Checkout;
using adyen_dotnet_checkout_example_advanced.Options;
using adyen_dotnet_checkout_example_advanced.Options;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using System.Threading;

namespace adyen_dotnet_checkout_example_advanced.Controllers
{
Expand Down
52 changes: 37 additions & 15 deletions giving-example/Controllers/WebhookController.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ public WebhookController(ILogger<WebhookController> logger, IOptions<AdyenOption
[HttpPost("api/webhooks/notifications")]
public async Task<ActionResult<string>> Webhooks(NotificationRequest notificationRequest)
{
// Process the payment (AUTHORISATION) webhook.
_logger.LogInformation($"Webhook received::\n{notificationRequest.ToJson()}");

try
Expand Down Expand Up @@ -61,10 +62,36 @@ public async Task<ActionResult<string>> Webhooks(NotificationRequest notificatio
}


private Task ProcessNotificationAsync(NotificationRequestItem notification)
{
// Regardless of a success or not, you'd probably want to update your backend/database or (preferably) send the event to a queue for further processing.

if (!notification.Success)
{
// Perform your business logic here, process the success:false event to update your backend. We log it for now.
_logger.LogInformation($"Webhook unsuccessful: {notification.Reason} \n" +
$"EventCode: {notification.EventCode} \n" +
$"Merchant Reference ::{notification.MerchantReference} \n" +
$"PSP Reference ::{notification.PspReference} \n");

return Task.CompletedTask;
}

// Perform your business logic here, process the success:true event to update your backend. We log it for now.
_logger.LogInformation($"Received successful Webhook with event::\n" +
$"EventCode: {notification.EventCode} \n" +
$"Merchant Reference ::{notification.MerchantReference} \n" +
$"PSP Reference ::{notification.PspReference} \n");

return Task.CompletedTask;
}

[HttpPost("api/webhooks/giving")]
public async Task<ActionResult<string>> GivingWebhooks(NotificationRequest notificationRequest)
{
/// You need to enable the "DONATION" (eventCode) webhook: https://docs.adyen.com/online-payments/donations/web-component/#get-the-donation-outcome.
/// Use the originalReference to associate the donation to the shopper's original transaction.
/// See other eventCodes for webhooks here: https://docs.adyen.com/development-resources/webhooks/webhook-types/#other-webhooks.
_logger.LogInformation($"Giving Webhook received::\n{notificationRequest.ToJson()}");

try
Expand All @@ -78,16 +105,8 @@ public async Task<ActionResult<string>> GivingWebhooks(NotificationRequest notif
return BadRequest("Container has no notification items.");
}

// We always recommend to activate HMAC validation in the webhooks for security reasons.
// Read more here: https://docs.adyen.com/development-resources/webhooks/verify-hmac-signatures & https://docs.adyen.com/development-resources/webhooks#accept-notifications.
if (!_hmacValidator.IsValidHmac(container.NotificationItem, _hmacKey))
{
_logger.LogError($"Error while validating HMAC Key");
return BadRequest("[not accepted invalid hmac key]");
}

// Process notification asynchronously.
await ProcessNotificationAsync(container.NotificationItem);
await ProcessGivingNotificationAsync(container.NotificationItem);

return Ok("[accepted]");
}
Expand All @@ -98,26 +117,29 @@ public async Task<ActionResult<string>> GivingWebhooks(NotificationRequest notif
}
}

private Task ProcessNotificationAsync(NotificationRequestItem notification)
private Task ProcessGivingNotificationAsync(NotificationRequestItem notification)
{
// Regardless of a success or not, you would probably want to update your backend/database or (preferably) send the event to a queue.
// Regardless of a success or not, you'd probably want to update your backend/database or (preferably) send the event to a queue for further processing.

if (!notification.Success)
{
// Perform your business logic here, you would probably want to process the success:false event to update your backend. We log it for now.
_logger.LogInformation($"Webhook unsuccessful: {notification.Reason} \n" +
// Perform your business logic here, process the success:false event to update your backend. We log it for now.
_logger.LogInformation($"Giving Webhook unsuccessful: {notification.Reason} \n" +
$"EventCode: {notification.EventCode} \n" +
$"Merchant Reference ::{notification.MerchantReference} \n" +
$"PSP Reference ::{notification.PspReference} \n");

return Task.CompletedTask;
}

// Perform your business logic here, you would probably want to process the success:true event to update your backend. We log it for now.
_logger.LogInformation($"Received successful webhook with event::\n" +
// Perform your business logic here, process the success:true event to update your backend. We log it for now.
_logger.LogInformation($"Received successful Giving Webhook with event::\n" +
$"EventCode: {notification.EventCode} \n" +
$"Merchant Reference ::{notification.MerchantReference} \n" +
$"PSP Reference ::{notification.PspReference} \n");

return Task.CompletedTask;
}

}
}

0 comments on commit f8db3c0

Please sign in to comment.