Last active
August 29, 2015 14:04
diff --git a/composer.json b/composer.json | |
index 239a542..c697dad 100644 | |
--- a/composer.json | |
+++ b/composer.json | |
@@ -1,5 +1,6 @@ | |
{ | |
"require": { | |
+ "php": ">=5.4.0", | |
"curl/curl": "dev-master", | |
"phpunit/phpunit": "4.1.*", | |
"squizlabs/php_codesniffer": "1.*", | |
diff --git a/index.php b/index.php | |
index 57b8a3f..3ea1002 100644 | |
--- a/index.php | |
+++ b/index.php | |
@@ -32,8 +32,8 @@ if ($_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https') { | |
<div class="row"> | |
+<p>Copy and paste your <strong>sandbox</strong> keys.</p> | |
<form action="save_keys.php" method="post"> | |
- | |
<dl> | |
<dt>Secret key</dt> | |
<dd><input type="text" name="secret_key" value="<?php print $_SESSION['secret_key'] ?>" size="50" placeholder="Paste your key"></dd> | |
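Review bot: The `value` attribute of the secret_key input prints `$_SESSION['secret_key']` into the HTML with no escaping, and the publishable_key input in the next hunk does the same. These values presumably come from the save_keys.php POST, so a quote character in a stored value would break out of the attribute; wrap both in `htmlspecialchars($_SESSION['secret_key'], ENT_QUOTES, 'UTF-8')`. It is also worth asking whether the secret key needs to be echoed back to the browser at all once it has been saved. Both lines are unchanged context in this commit.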
@@ -41,14 +41,16 @@ if ($_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https') { | |
<dd><input type="text" name="publishable_key" value="<?php print $_SESSION['publishable_key'] ?>" size="50" placeholder="Paste your key"></dd> | |
</dl> | |
- <input type="submit" value="Show SPIKE Checkout demo" class="button success"> | |
+ <input type="submit" value="Go to SPIKE Checkout demo" class="button"> | |
</form> | |
</div> | |
<hr> | |
<footer> | |
- version:1.1.0 | |
+ <div class="row"> | |
+ <a href="https://github.com/metaps/spike-checkout-demo" target="_blank">spike-checkout-demo</a> version:1.1.0 | |
+ </div> | |
</footer> | |
<script src="//cdn.jsdelivr.net/foundation/5.3.1/js/vendor/jquery.js"></script> | |
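Review bot: The new footer link uses `target="_blank"` without a `rel` attribute, so in browsers that do not imply it the opened page keeps a `window.opener` reference to this page, which holds the key form. Add `rel="noopener noreferrer"` to the anchor. The dashboard link added in webhook.php needs the same attribute.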
diff --git a/menu.php b/menu.php | |
index 76c41fd..28d4af8 100644 | |
--- a/menu.php | |
+++ b/menu.php | |
@@ -43,8 +43,8 @@ if (empty($_SESSION['secret_key']) || empty($_SESSION['publishable_key'])) { | |
?> | |
<div class="row"> | |
- <ul class="button-group"> | |
- <li><a href="payment_form.php" class="button">Checkout</a></li> | |
+ <ul style="list-style: none"> | |
+ <li><a href="payment_form.php" class="button">SPIKE Checkout</a></li> | |
<li><a href="webhook.php" class="button">Webhook</a></li> | |
</ul> | |
</div> | |
diff --git a/payment_form.php b/payment_form.php | |
index e79a14a..e3adb2b 100644 | |
--- a/payment_form.php | |
+++ b/payment_form.php | |
@@ -15,13 +15,20 @@ | |
<meta charset="utf-8"> | |
<title>SPIKE Checkout demo program (1/2)</title> | |
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" /> | |
+ <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/foundation/5.3.1/css/normalize.css"> | |
+ <link rel="stylesheet" href="//cdn.jsdelivr.net/foundation/5.3.1/css/foundation.min.css"> | |
+ <script src="//cdn.jsdelivr.net/foundation/5.3.1/js/vendor/modernizr.js"></script> | |
</head> | |
<body> | |
- <form action="payment_finish.php" method="post"> | |
- <input id="token" type="hidden" name="token" value=""> | |
- <button id="customButton">Purchase</button> | |
- </form> | |
+<h1>SPIKE Checkout demo</h1> | |
+ | |
+ <div class="row"> | |
+ <form action="payment_finish.php" method="post"> | |
+ <input id="token" type="hidden" name="token" value=""> | |
+ <button id="customButton">Purchase</button> | |
+ </form> | |
+ </div> | |
<script src="https://checkout.spike.cc/v1/checkout.js"></script> | |
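Review bot: The three Foundation assets added to `<head>` are loaded from third-party CDNs through protocol-relative `//` URLs and without Subresource Integrity, on the page that hosts the checkout button. Use explicit `https://` and add `integrity="sha384-<HASH_PLACEHOLDER>" crossorigin="anonymous"` to each tag, so that the browser refuses a CDN file that has been modified. modernizr.js executes as script in this origin, so it matters most; the hashes have to be computed from the exact 5.3.1 files.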
diff --git a/webhook.php b/webhook.php | |
index f61b505..5516742 100644 | |
--- a/webhook.php | |
+++ b/webhook.php | |
@@ -13,7 +13,7 @@ | |
<html class="no-js" lang="ja"> | |
<head> | |
<meta charset="utf-8"> | |
- <title>SPIKE Checkout demo webhook</title> | |
+ <title>SPIKE demo webhook</title> | |
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" /> | |
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/foundation/5.3.1/css/normalize.css"> | |
<link rel="stylesheet" href="//cdn.jsdelivr.net/foundation/5.3.1/css/foundation.min.css"> | |
@@ -41,7 +41,7 @@ | |
</head> | |
<body> | |
- <h1>SPIKE Checkout demo webhook</h1> | |
+ <h1>SPIKE webhook demo</h1> | |
<?php | |
if (empty($_SESSION['secret_key'])) { | |
@@ -68,7 +68,7 @@ if (empty($_SESSION['secret_key'])) { | |
$value = $redis->get($storeKey); | |
if (empty($value)) { | |
$data = array('secret_key' => $_SESSION['secret_key']); | |
- $redis->setex($storeKey, 60 * 30, serialize($data)); | |
+ $redis->setex($storeKey, 60 * 60 * 12, serialize($data)); | |
} else { | |
$data = unserialize($value); | |
} | |
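Review bot: Raising the TTL to `60 * 60 * 12` means the plaintext `secret_key` held in `$data` now stays in Redis for 12 hours instead of 30 minutes, which lengthens the exposure if the Redis instance or `$storeKey` is ever disclosed. The same literal is repeated in webhook_endpoint.php; a single named constant such as `WEBHOOK_TTL_SECONDS` would keep the two in step. Since `$data` is a flat array, `json_encode($data)` and `json_decode($value, true)` would also avoid calling `unserialize()` on whatever is stored under that key. The enclosing `if` block starts outside this hunk.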
@@ -82,28 +82,32 @@ if (empty($_SESSION['secret_key'])) { | |
<div class="row"> | |
<dl> | |
- <dt>Your endpoint</dt> | |
+ <dt>Your endpoint URL</dt> | |
<dd><textarea rows="4" onclick="$(this).select()" readonly="readonly"><?php print $url ?></textarea></dd> | |
</dl> | |
</div> | |
<div class="row"> | |
- <p>Please set your endpoint on SPIKE Developer Dashboard.<br>After sending webhook requests, please reload this page.</p> | |
- <a href="https://spike.cc/dashboard/developer/webhook/urls" target="_blank" class="button">SPIKE Developer Dashboard</a> | |
+ <p>Copy the endpoint URL and paste in <a href="https://spike.cc/dashboard/developer/webhook/urls" target="_blank">SPIKE Developer Dashboard's webhook page</a>.<br>After sending webhook requests, please reload this page.</p> | |
</div> | |
- <?php if (!empty($value)) { ?> | |
+ <?php if ($value) { ?> | |
<div class="row"> | |
<h3>Request Data</h3> | |
<?php if (empty($data) || empty($data['body'])) { ?> | |
- <p>Data is empty.</p> | |
+ <p>Data will be shown here if there is notification to the endpoint.</p> | |
<?php } else { ?> | |
<pre><code class="language-json"><?php $jsonPretty = new Camspiers\JsonPretty\JsonPretty; echo $jsonPretty->prettify(json_decode($data['body'])); ?></code></pre> | |
+ <ul> | |
+ <li>Endpoint URL is valid for 12 hours for security reason.</li> | |
+ <li>Data will be deleted after 12 hours receiving webhook request.</li> | |
+ </ul> | |
+ | |
<?php } ?> | |
</div> | |
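Review bot: The prettified webhook body is echoed into `<pre><code>` without HTML escaping, and that body is data received from an external request. Unless JsonPretty escapes `<` and `&` itself (not visible here), string values in the payload are rendered as markup; use `echo htmlspecialchars($jsonPretty->prettify(json_decode($data['body'])), ENT_QUOTES, 'UTF-8');`. The `$url` printed inside the textarea is unescaped as well. Both lines are context in this hunk.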
diff --git a/webhook_endpoint.php b/webhook_endpoint.php | |
index 5fcaa9b..84a13fb 100644 | |
--- a/webhook_endpoint.php | |
+++ b/webhook_endpoint.php | |
@@ -46,7 +46,9 @@ $json = urldecode(file_get_contents('php://input')); | |
// signature check | |
$signature = base64_encode(hash_hmac('sha256', json_decode($json), $data['secret_key'], true)); | |
-if ($signature != $_SERVER['HTTP_X_SPIKE_WEBHOOKS_SIGNATURE']) { | |
+ | |
+$headers = getallheaders(); | |
+if ($signature != $headers['X-Spike-Webhooks-Signature']) { | |
header('HTTP/1.0 400 Bad Request'); | |
print 'signature is invalid.'; | |
exit; | |
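Review bot: The signature is compared with a loose `!=`, which is not constant-time and treats a missing header (`null`) as equal to an empty computed signature, so the check can fail open. Read the header into `$received`, then reject with `if (!is_string($received) || $received === '' || !hash_equals($signature, $received)) {`. `hash_equals()` needs PHP 5.6, while composer.json in this commit declares `>=5.4.0`. `getallheaders()` is not available under every SAPI and returns header names in the case the client sent them, so the fixed-case key lookup may miss; the replaced `$_SERVER['HTTP_X_SPIKE_WEBHOOKS_SIGNATURE']` did not have that problem. The context line above appears to pass `json_decode($json)` rather than the raw body to `hash_hmac()`, which is worth confirming against the provider's signing documentation.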
@@ -54,7 +56,7 @@ if ($signature != $_SERVER['HTTP_X_SPIKE_WEBHOOKS_SIGNATURE']) { | |
$data['body'] = $json; | |
-$redis->setex($storeKey, 60 * 30, serialize($data)); | |
+$redis->setex($storeKey, 60 * 60 * 12, serialize($data)); | |
header('HTTP/1.0 200 OK'); |