siftsciex_plug v0.3.0 Siftsciex.HookValidator

The SigPlug is responsible for checking for a Sift Science signature header and if present verifying that the body is valid.

If you are using Plug.Parsers then you should add this module to the opts for :body_reader. This will ensure that the signature can be calculated on the raw body before the Parser consumes it.

plug Plug.Parsers,
  parsers: [:urlencoded, :multipart, :json],
  pass: ["*/*"],
  body_reader: {Siftsciex.HookValidator, :validate, []},
  json_decoder: Poison

Link to this section Summary

Functions

Validates a Sift Science Web Hook request against the provided signature. The result of the validation is stored on the Plug.Conn.t/0 struct in assigns -> :siftsciex_plug. In the case where the request did not have a signature value then assigns -> :siftsciex_plug will be nil

Link to this section Functions

Link to this function get_sig(headers)
get_sig([{binary(), binary()}]) :: binary() | nil
Link to this function valid?(arg, conn, body)
valid?(
  {:ok, Siftsciex.HookSig.t()} | {:error, String.t(), String.t()},
  Plug.Conn.t(),
  String.t()
) :: {:ok, String.t(), Plug.Conn.t()}
Link to this function validate(conn, opts)
validate(Plug.Conn.t(), Keyword.t()) :: {:ok, String.t(), Plug.Conn.t()}

Validates a Sift Science Web Hook request against the provided signature. The result of the validation is stored on the Plug.Conn.t/0 struct in assigns -> :siftsciex_plug. In the case where the request did not have a signature value then assigns -> :siftsciex_plug will be nil.

Parameters

  • conn: The Plug connection which should be checked and validated
  • opts: Any options for the read_body call
Link to this function verify(sig, conn, body)
verify(nil | Siftsciex.HookSig.t(), Plug.Conn.t(), String.t()) ::
  {:ok, String.t(), Plug.Conn.t()}