ExStoneOpenbank v0.1.2 ExStoneOpenbank.Webhooks View Source

Handles incoming webhooks.

A webhook is a JSON object with only the key encrypted_body and a JWE as its value.

The algorithm used is RSA-OAEP-256 of the JWA specification.

Link to this section Summary

Functions

Validate and open the webhook payload.

Link to this section Functions

Link to this function

incoming(config_name, map)

View Source
incoming(config_name :: atom(), webhook :: map()) ::
  {:ok, map()} | {:error, reason :: atom()}

Validate and open the webhook payload.

First, it decrypts using our private key. Then, we validate the contents with a known public key (see ExStoneOpenbank.Webhooks.StoneJWKS). If all is valid, we return the contents.

This function needs a recent OTP version compiled with a recent OpenSSL library version.