
fix(api): fix polar webhook signature verification issue

pull/52/head
isra el 1 year ago
parent
commit
c572070270
  1. 1
      api/package.json
  2. 78
      api/pnpm-lock.yaml
  3. 4
      api/src/billing/billing.service.ts
  4. 2
      api/src/main.ts

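--- a/api/package.json
+++ b/api/package.json
@@ -34,6 +34,7 @@
 "axios": "^1.7.7",
 "bcryptjs": "^2.4.3",
 "dotenv": "^16.4.5",
+"express": "^4.21.2",
 "firebase-admin": "^12.6.0",
 "handlebars": "^4.7.8",
 "mongoose": "^8.7.2",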
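Review bot: Adding `"express": "^4.21.2"` as a direct dependency may leave the application with two express copies, because the lockfile in this commit keeps `path-to-regexp@0.1.10` beside the new `0.1.12`, which suggests an older express is still resolved for another package (probably Nest's platform adapter). Run `pnpm why express` and, if two versions show up, pin the direct dependency to the version the adapter resolves, so `main.ts` imports the same copy the server runs on. JSON has no comment syntax, so the reason for the direct dependency belongs in the commit description.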

78
api/pnpm-lock.yaml

@ -10,7 +10,7 @@ importers:
dependencies: dependencies:
'@nest-modules/mailer': '@nest-modules/mailer':
specifier: ^1.3.22 specifier: ^1.3.22
version: 1.3.22(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(nodemailer@6.9.15)
version: 1.3.22(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(nodemailer@6.9.15)
'@nestjs/common': '@nestjs/common':
specifier: ^10.4.5 specifier: ^10.4.5
version: 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1) version: 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)
@ -22,7 +22,7 @@ importers:
version: 10.2.0(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)) version: 10.2.0(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))
'@nestjs/mongoose': '@nestjs/mongoose':
specifier: ^10.0.10 specifier: ^10.0.10
version: 10.0.10(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(mongoose@8.7.2(@aws-sdk/credential-providers@3.675.0(@aws-sdk/client-sso-oidc@3.675.0(@aws-sdk/client-sts@3.675.0)))(socks@2.8.3))(rxjs@7.8.1)
version: 10.0.10(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(mongoose@8.7.2(@aws-sdk/credential-providers@3.675.0(@aws-sdk/client-sso-oidc@3.675.0(@aws-sdk/client-sts@3.675.0)))(socks@2.8.3))(rxjs@7.8.1)
'@nestjs/passport': '@nestjs/passport':
specifier: ^10.0.3 specifier: ^10.0.3
version: 10.0.3(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(passport@0.7.0) version: 10.0.3(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(passport@0.7.0)
@ -31,13 +31,13 @@ importers:
version: 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5) version: 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)
'@nestjs/schedule': '@nestjs/schedule':
specifier: ^4.1.1 specifier: ^4.1.1
version: 4.1.1(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))
version: 4.1.1(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)
'@nestjs/swagger': '@nestjs/swagger':
specifier: ^7.4.2 specifier: ^7.4.2
version: 7.4.2(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(reflect-metadata@0.2.2)
version: 7.4.2(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(reflect-metadata@0.2.2)
'@nestjs/throttler': '@nestjs/throttler':
specifier: ^6.2.1 specifier: ^6.2.1
version: 6.2.1(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(reflect-metadata@0.2.2)
version: 6.2.1(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(reflect-metadata@0.2.2)
'@polar-sh/sdk': '@polar-sh/sdk':
specifier: ^0.19.2 specifier: ^0.19.2
version: 0.19.2(zod@3.24.1) version: 0.19.2(zod@3.24.1)
@ -50,6 +50,9 @@ importers:
dotenv: dotenv:
specifier: ^16.4.5 specifier: ^16.4.5
version: 16.4.5 version: 16.4.5
express:
specifier: ^4.21.2
version: 4.21.2
firebase-admin: firebase-admin:
specifier: ^12.6.0 specifier: ^12.6.0
version: 12.6.0 version: 12.6.0
@ -79,7 +82,7 @@ importers:
version: 7.8.1 version: 7.8.1
swagger-ui-express: swagger-ui-express:
specifier: ^5.0.1 specifier: ^5.0.1
version: 5.0.1(express@4.21.1)
version: 5.0.1(express@4.21.2)
uuid: uuid:
specifier: ^10.0.0 specifier: ^10.0.0
version: 10.0.0 version: 10.0.0
@ -92,7 +95,7 @@ importers:
version: 10.2.2(chokidar@3.6.0)(typescript@5.6.3) version: 10.2.2(chokidar@3.6.0)(typescript@5.6.3)
'@nestjs/testing': '@nestjs/testing':
specifier: ^10.4.5 specifier: ^10.4.5
version: 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5))
version: 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(@nestjs/platform-express@10.4.5)
'@types/express': '@types/express':
specifier: ^5.0.0 specifier: ^5.0.0
version: 5.0.0 version: 5.0.0
@ -2146,6 +2149,10 @@ packages:
resolution: {integrity: sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ==} resolution: {integrity: sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ==}
engines: {node: '>= 0.10.0'} engines: {node: '>= 0.10.0'}
express@4.21.2:
resolution: {integrity: sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==}
engines: {node: '>= 0.10.0'}
extend@3.0.2: extend@3.0.2:
resolution: {integrity: sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==} resolution: {integrity: sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==}
@ -3349,6 +3356,9 @@ packages:
path-to-regexp@0.1.10: path-to-regexp@0.1.10:
resolution: {integrity: sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w==} resolution: {integrity: sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w==}
path-to-regexp@0.1.12:
resolution: {integrity: sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==}
path-to-regexp@3.3.0: path-to-regexp@3.3.0:
resolution: {integrity: sha512-qyCH421YQPS2WFDxDjftfc1ZR5WKQzVzqsp4n9M2kQhVOo/ByahFoUNJfl58kOcEGfQ//7weFTDhm+ss8Ecxgw==} resolution: {integrity: sha512-qyCH421YQPS2WFDxDjftfc1ZR5WKQzVzqsp4n9M2kQhVOo/ByahFoUNJfl58kOcEGfQ//7weFTDhm+ss8Ecxgw==}
@ -5314,7 +5324,7 @@ snapshots:
dependencies: dependencies:
sparse-bitfield: 3.0.3 sparse-bitfield: 3.0.3
'@nest-modules/mailer@1.3.22(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(nodemailer@6.9.15)':
'@nest-modules/mailer@1.3.22(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(nodemailer@6.9.15)':
dependencies: dependencies:
'@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)
'@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1)
@ -5388,7 +5398,7 @@ snapshots:
'@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)
reflect-metadata: 0.2.2 reflect-metadata: 0.2.2
'@nestjs/mongoose@10.0.10(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(mongoose@8.7.2(@aws-sdk/credential-providers@3.675.0(@aws-sdk/client-sso-oidc@3.675.0(@aws-sdk/client-sts@3.675.0)))(socks@2.8.3))(rxjs@7.8.1)':
'@nestjs/mongoose@10.0.10(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(mongoose@8.7.2(@aws-sdk/credential-providers@3.675.0(@aws-sdk/client-sso-oidc@3.675.0(@aws-sdk/client-sts@3.675.0)))(socks@2.8.3))(rxjs@7.8.1)':
dependencies: dependencies:
'@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)
'@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1)
@ -5412,7 +5422,7 @@ snapshots:
transitivePeerDependencies: transitivePeerDependencies:
- supports-color - supports-color
'@nestjs/schedule@4.1.1(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))':
'@nestjs/schedule@4.1.1(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)':
dependencies: dependencies:
'@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)
'@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1)
@ -5441,7 +5451,7 @@ snapshots:
transitivePeerDependencies: transitivePeerDependencies:
- chokidar - chokidar
'@nestjs/swagger@7.4.2(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(reflect-metadata@0.2.2)':
'@nestjs/swagger@7.4.2(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(reflect-metadata@0.2.2)':
dependencies: dependencies:
'@microsoft/tsdoc': 0.15.0 '@microsoft/tsdoc': 0.15.0
'@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)
@ -5453,7 +5463,7 @@ snapshots:
reflect-metadata: 0.2.2 reflect-metadata: 0.2.2
swagger-ui-dist: 5.17.14 swagger-ui-dist: 5.17.14
'@nestjs/testing@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5))':
'@nestjs/testing@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(@nestjs/platform-express@10.4.5)':
dependencies: dependencies:
'@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)
'@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1)
@ -5461,7 +5471,7 @@ snapshots:
optionalDependencies: optionalDependencies:
'@nestjs/platform-express': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5) '@nestjs/platform-express': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)
'@nestjs/throttler@6.2.1(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1))(reflect-metadata@0.2.2)':
'@nestjs/throttler@6.2.1(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/core@10.4.5)(reflect-metadata@0.2.2)':
dependencies: dependencies:
'@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/common': 10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1)
'@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1) '@nestjs/core': 10.4.5(@nestjs/common@10.4.5(reflect-metadata@0.2.2)(rxjs@7.8.1))(@nestjs/platform-express@10.4.5)(reflect-metadata@0.2.2)(rxjs@7.8.1)
@ -7084,6 +7094,42 @@ snapshots:
transitivePeerDependencies: transitivePeerDependencies:
- supports-color - supports-color
express@4.21.2:
dependencies:
accepts: 1.3.8
array-flatten: 1.1.1
body-parser: 1.20.3
content-disposition: 0.5.4
content-type: 1.0.5
cookie: 0.7.1
cookie-signature: 1.0.6
debug: 2.6.9
depd: 2.0.0
encodeurl: 2.0.0
escape-html: 1.0.3
etag: 1.8.1
finalhandler: 1.3.1
fresh: 0.5.2
http-errors: 2.0.0
merge-descriptors: 1.0.3
methods: 1.1.2
on-finished: 2.4.1
parseurl: 1.3.3
path-to-regexp: 0.1.12
proxy-addr: 2.0.7
qs: 6.13.0
range-parser: 1.2.1
safe-buffer: 5.2.1
send: 0.19.0
serve-static: 1.16.2
setprototypeof: 1.2.0
statuses: 2.0.1
type-is: 1.6.18
utils-merge: 1.0.1
vary: 1.1.2
transitivePeerDependencies:
- supports-color
extend@3.0.2: extend@3.0.2:
optional: true optional: true
@ -8593,6 +8639,8 @@ snapshots:
path-to-regexp@0.1.10: {} path-to-regexp@0.1.10: {}
path-to-regexp@0.1.12: {}
path-to-regexp@3.3.0: {} path-to-regexp@3.3.0: {}
path-type@4.0.0: {} path-type@4.0.0: {}
@ -9158,9 +9206,9 @@ snapshots:
swagger-ui-dist@5.17.14: {} swagger-ui-dist@5.17.14: {}
swagger-ui-express@5.0.1(express@4.21.1):
swagger-ui-express@5.0.1(express@4.21.2):
dependencies: dependencies:
express: 4.21.1
express: 4.21.2
swagger-ui-dist: 5.17.14 swagger-ui-dist: 5.17.14
symbol-observable@4.0.0: {} symbol-observable@4.0.0: {}

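--- a/api/src/billing/billing.service.ts
+++ b/api/src/billing/billing.service.ts
@@ -413,10 +413,6 @@ export class BillingService {
 'webhook-timestamp': headers['webhook-timestamp'] ?? '',
 'webhook-signature': headers['webhook-signature'] ?? '',
 }
-console.log('webhookHeaders')
-console.log(webhookHeaders)
 try {
 const webhookPayload = validateEvent(
 payload,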

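--- a/api/src/main.ts
+++ b/api/src/main.ts
@@ -4,6 +4,7 @@ import { NestFactory } from '@nestjs/core'
 import { AppModule } from './app.module'
 import * as firebase from 'firebase-admin'
 import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger'
+import * as express from 'express';
 async function bootstrap() {
 const app = await NestFactory.create(AppModule)
@@ -50,6 +51,7 @@ async function bootstrap() {
 credential: firebase.credential.cert(firebaseConfig),
 })
+app.use('/api/v1/billing/webhook/polar', express.raw({ type: 'application/json' }));
 app.enableCors()
 await app.listen(PORT)
 }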
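Review bot: The `express.raw()` middleware added before `app.enableCors()` only works while it is registered ahead of Nest's built-in JSON body parser and while the hard-coded `/api/v1/billing/webhook/polar` string matches the controller route, and neither dependency is written down. If the prefix or API version changes, the handler would presumably get a parsed object rather than the signed bytes, and signature checks would fail for every delivery with no hint pointing back here. I would add a comment above the line, `// Polar signs the exact request bytes: keep this raw parser ahead of Nest's body parser and in sync with the webhook route`, and have the handler reject a body that is not a `Buffer` before calling `validateEvent`. Nest's own `NestFactory.create(AppModule, { rawBody: true })` with `req.rawBody` would remove both the path string and the ordering dependency. The two added lines also end in semicolons, unlike the rest of the file, and most of bootstrap() lies outside the visible hunks.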
