https://github.com/gnikyt/http_shopify_webhook
A middleware for Go's net/http package for validating incoming Shopify webhooks
https://github.com/gnikyt/http_shopify_webhook
echo-middleware gin-gonic golang middleware shopify webhook
Last synced: 5 months ago
JSON representation
A middleware for Go's net/http package for validating incoming Shopify webhooks
- Host: GitHub
- URL: https://github.com/gnikyt/http_shopify_webhook
- Owner: gnikyt
- License: mit
- Created: 2019-03-28T01:15:16.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2022-12-06T18:52:39.000Z (over 3 years ago)
- Last Synced: 2025-02-01T02:33:48.608Z (over 1 year ago)
- Topics: echo-middleware, gin-gonic, golang, middleware, shopify, webhook
- Language: Go
- Homepage:
- Size: 29.3 KB
- Stars: 6
- Watchers: 1
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# http_shopify_webhook
[](https://coveralls.io/github/gnikyt/http_shopify_webhook?branch=master)
A middleware for validating incoming Shopify webhooks.
It can be used with any framework which speaks to `http.http.ResponseWriter`, `http.Request`, and `http.HandlerFunc`. Can be used with Go's `net/http`, `echo`, `gin, and others.
## Usage
This package provides ability to grab the shop's domain, the request HMAC, and POST body of a webhook request. Then, it will reproduce the HMAC locally with the POST body and the app's secret key to see if the data matches. Essentially (in pseudo code): `base64(hmac("secret", body)) == req_hmac`.
For more information [see Shopify's article](https://help.shopify.com/en/api/getting-started/webhooks).
### net/http
```go
package main
import (
"fmt"
"log"
"net/http"
hsw "github.com/gnikyt/http_shopify_webhook"
)
// Handler. Handle your webhook here.
func handler(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Ok")
}
func main() {
secret := "key" // Your secret key for the app.
http.HandleFunc("/webhook/order-create", hsw.WebhookVerify(key, handler))
log.Fatal(http.ListenAndServe(":8080", nil))
}
```
### Echo
```go
package main
import (
"net/http"
"github.com/labstack/echo/v4"
"github.com/labstack/echo/v4/middleware"
hsw "github.com/gnikyt/http_shopify_webhook/wrapper/echo"
)
// Handler. Handle your webhook here.
func hello(c echo.Context) error {
return c.String(http.StatusOK, "Ok")
}
func main() {
secret := "key" // Your secret key for the app.
e := echo.New()
e.Use(middleware.Logger())
e.Use(middleware.Recover())
e.Use(hsw.WebhookVerify(secret))
e.POST("/webhook/order-create", handler)
e.Logger.Fatal(e.Start(":1323"))
}
```
### Gin
```go
package main
import (
"github.com/gin-gonic/gin"
hsw "github.com/gnikyt/http_shopify_webhook/wrapper/gin"
)
func main() {
secret := "key" // Your secret key for the app.
r := gin.Default()
r.Use(hsw.WebhookVerify(secret))
r.POST("/webhook/order-create", func(c *gin.Context) {
// Handle your webhook here.
c.Data(http.StatusOK, "text/plain", "Ok")
})
r.Run()
}
```
## Testing
`go test ./...`, fully tested.
## Documentation
// go doc -all
package http_shopify_webhook // import "github.com/gnikyt/http_shopify_webhook"
FUNCTIONS
func WebhookVerify(key string, fn http.HandlerFunc) http.HandlerFunc
Public webhook verify wrapper. Can be used with any framework tapping into
net/http. Simply pass in the secret key for the Shopify app. Example:
`WebhookVerify("abc123", anotherHandler)`.
func WebhookVerifyRequest(key string, w http.ResponseWriter, r *http.Request) bool
Webhook verify request from HTTP. Returns a usable handler. Pass in the
secret key for the Shopify app and the next handler.`
Also available through [godoc.org](https://godoc.org/github.com/gnikyt/http_shopify_webhook).
## LICENSE
This project is released under the MIT [license](https://github.com/gnikyt/http_shopify_webhook/blob/master/LICENSE).