ahmedengu · March 10, 2017 03:26
diff --git a/index.js b/index.js
 /*
 1- Install(using npm): Express, body-parser, php-serialize, crypto
    * npm install --save express body-parser php-serialize crypto
 2- read Paddle docs: https://paddle.com/docs/reference-verifying-webhooks
 3- GoTo line 32 to set your public key, available here: https://vendors.paddle.com/account
 4- Run it
 5- Send post request to http://localhost:8080/paddleWebhook
    * you can use https://requestb.in to get the payload from paddle request simulator
    * paddle simulator (Webhook Alert Testing) : https://vendors.paddle.com/webhook-alert-test
 6- Testing result should be like this:
    * valid payload: result: ok , status code 200
    * else: error: invalid signature , status code 500
 7- GoTo line 44 to write your business logic
 */

 express = require('express');
 app = express();
 app.use(require('body-parser').urlencoded({extended: true}));
 Serialize = require('php-serialize');
 crypto = require('crypto');

 app.post('/paddleWebhook', function (req, res) {
    let params = req.body;
    let signature = params.p_signature;
    delete params.p_signature;
    let serialize = Serialize.serialize(Object.keys(params).sort().reduce((r, k) => (r[k] = params[k], r), {}));
    let verify = crypto.createVerify('RSA-SHA1');
    verify.write(serialize);
    verify.end();

    // YOUR public key here
    let publicKey = `-----BEGIN PUBLIC KEY-----
 -----END PUBLIC KEY-----`;

    if (!verify.verify(publicKey, signature, 'base64')) {
        // in case of invalid signature return a 500 status code
        res.status(500).send({
            "error": "invalid signature"
        });
        return;
    }

    /*
     * Your Logic
     */

    // return ok , status code 200
    res.send({result: 'ok'});
 });

 app.get('/', function (req, res) {
    res.status(200).send(`
 <ol>
 <li>Install(using npm): Express, body-parser, php-serialize, crypto


 <ul>
 <li>npm install --save express body-parser php-serialize crypto</li></ul>
 </li>

 <li>read Paddle docs: https://paddle.com/docs/reference-verifying-webhooks</li>

 <li>GoTo line 32 to set your public key, available here: https://vendors.paddle.com/account</li>

 <li>Run it</li>

 <li>Send post request to http://localhost:8080/paddleWebhook


 <ul>
 <li>you can use https://requestb.in to get the payload from paddle request simulator</li>

 <li>paddle simulator (Webhook Alert Testing) : https://vendors.paddle.com/webhook-alert-test</li></ul>
 </li>

 <li>Testing result should be like this:


 <ul>
 <li>valid payload: result: ok , status code 200</li>

 <li>else: error: invalid signature , status code 500</li></ul>
 </li>

 <li>GoTo line 44 to write your business logic</li>
 </ol>
 `);
 });

 port = 8080;
 app.listen(port, function () {
    console.log('Your app listening to port: ' + port);
 });
	/*
	1- Install(using npm): Express, body-parser, php-serialize, crypto
	* npm install --save express body-parser php-serialize crypto
	2- read Paddle docs: https://paddle.com/docs/reference-verifying-webhooks
	3- GoTo line 32 to set your public key, available here: https://vendors.paddle.com/account
	4- Run it
	5- Send post request to http://localhost:8080/paddleWebhook
	* you can use https://requestb.in to get the payload from paddle request simulator
	* paddle simulator (Webhook Alert Testing) : https://vendors.paddle.com/webhook-alert-test
	6- Testing result should be like this:
	* valid payload: result: ok , status code 200
	* else: error: invalid signature , status code 500
	7- GoTo line 44 to write your business logic
	*/

	express = require('express');
	app = express();
	app.use(require('body-parser').urlencoded({extended: true}));
	Serialize = require('php-serialize');
	crypto = require('crypto');

	app.post('/paddleWebhook', function (req, res) {
	let params = req.body;
	let signature = params.p_signature;
	delete params.p_signature;
	let serialize = Serialize.serialize(Object.keys(params).sort().reduce((r, k) => (r[k] = params[k], r), {}));
	let verify = crypto.createVerify('RSA-SHA1');
	verify.write(serialize);
	verify.end();

	// YOUR public key here
	let publicKey = `-----BEGIN PUBLIC KEY-----
	-----END PUBLIC KEY-----`;

	if (!verify.verify(publicKey, signature, 'base64')) {
	// in case of invalid signature return a 500 status code
	res.status(500).send({
	"error": "invalid signature"
	});
	return;
	}

	/*
	* Your Logic
	*/

	// return ok , status code 200
	res.send({result: 'ok'});
	});

	app.get('/', function (req, res) {
	res.status(200).send(`
	<ol>
	<li>Install(using npm): Express, body-parser, php-serialize, crypto


	<ul>
	<li>npm install --save express body-parser php-serialize crypto</li></ul>
	</li>

	<li>read Paddle docs: https://paddle.com/docs/reference-verifying-webhooks</li>

	<li>GoTo line 32 to set your public key, available here: https://vendors.paddle.com/account</li>

	<li>Run it</li>

	<li>Send post request to http://localhost:8080/paddleWebhook


	<ul>
	<li>you can use https://requestb.in to get the payload from paddle request simulator</li>

	<li>paddle simulator (Webhook Alert Testing) : https://vendors.paddle.com/webhook-alert-test</li></ul>
	</li>

	<li>Testing result should be like this:


	<ul>
	<li>valid payload: result: ok , status code 200</li>

	<li>else: error: invalid signature , status code 500</li></ul>
	</li>

	<li>GoTo line 44 to write your business logic</li>
	</ol>
	`);
	});

	port = 8080;
	app.listen(port, function () {
	console.log('Your app listening to port: ' + port);
	});