Documentation
¶
Overview ¶
Package webhook implements unauthenticated inbound webhook handlers.
The Stripe webhook verifies the Stripe-Signature header on the raw request body before dispatching events. It is mounted outside the authenticated route group because Stripe will retry any non-2xx response — after a signature check passes, the handler must always return 200 even when it decides to ignore the event.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EventVerifier ¶
type EventVerifier interface {
Verify(payload []byte, signatureHeader string) (stripe.Event, error)
}
EventVerifier validates the Stripe-Signature header against the raw payload and returns the decoded event. It exists as an interface so tests can bypass signature verification while still exercising the dispatch logic.
func NewSDKVerifier ¶
func NewSDKVerifier(secret string) EventVerifier
NewSDKVerifier returns the production EventVerifier backed by stripe-go.
type Handler ¶
type Handler struct {
// contains filtered or unexported fields
}
Handler processes Stripe webhook events.
func NewHandler ¶
func NewHandler(billingEnabled bool, verifier EventVerifier, usersRepo UsersRepository) *Handler
NewHandler constructs a webhook handler. verifier may be nil when billing is disabled — in that case HandleStripe short-circuits to 200 without attempting signature verification.
type UserRecord ¶
UserRecord is the minimal projection of the user row the webhook needs.
type UsersRepository ¶
type UsersRepository interface {
FindByStripeCustomerID(ctx context.Context, stripeCustomerID string) (UserRecord, error)
UpdatePlan(ctx context.Context, id uuid.UUID, plan string) error
UpdateStripeSubscriptionID(ctx context.Context, id uuid.UUID, subID *string) error
}
UsersRepository captures the user operations needed by the webhook handler. It is deliberately narrow so handler tests can mock it in-memory.
Source Files