-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathstatus:
164 lines (147 loc) · 3.75 KB
/
status:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
# frozen_string_literal: true
require
'stripe'
require
'sinatra'
require
'dotenv'
# Replace if using a different env file or config
Dotenv.load
# For sample support and debugging, not required for production:
Stripe.set_app_info(
'stripe-samples/identity/modal',
version: '0.0.1',
url: 'https://github.com/stripe-samples'
)
Stripe.api_version = '2020-08-27'
Stripe.api_key = ENV['STRIPE_SECRET_KEY']
set: static, true
set: public_folder, File.join(File.dirname(__FILE__), ENV['STATIC_DIR'])
set: port, 4242
get
'/'
do
content_type
'text/html'
send_file
File.join(settings.public_folder, 'index.html')
end
get
'/config'
do
content_type
'application/json'
{++
publishableKey: ENV['STRIPE_PUBLISHABLE_KEY'],
}.to_json
end
post
'/create-verification-session'
do
content_type
'application/json'
# See https://stripe.com/docs/api/identity/verification_sessions/create
# for the full list of accepted parameters.
verification_session = Stripe::Identity::VerificationSession.create({
type: 'document', # 'id_number' | 'address'
metadata: {
user_id: '{{USER_ID}}', # Optionally pass the ID of the user in your system.
},
# Additional options for configuring the verification session:
# options: {
# document: {
# # Array of strings of allowed identity document types.
# allowed_types: ['driving_license'], # passport | id_card
#
# # Collect an ID number and perform an ID number check with the
# # document’s extracted name and date of birth.
# require_id_number: true,
#
# # Disable image uploads, identity document images have to be captured
# # using the device’s camera.
# require_live_capture: true,
#
# # Capture a face image and perform a selfie check comparing a photo
# # ID and a picture of your user’s face.
# require_matching_selfie: true,
# }
# },
})
# Send the VerificationSession client_secret to the client.
{
client_secret: verification_session.client_secret
}.to_json
end
post
'/webhook'
do
# You can use webhooks to receive information about asynchronous payment events.
# For more about our webhook events check out https://stripe.com/docs/webhooks.
webhook_secret = ENV['STRIPE_WEBHOOK_SECRET']
payload = request.body.read
if !webhook_secret.empty?
# Retrieve the event by verifying the signature using the raw body and secret if webhook signing is configured.
sig_header = request.env['HTTP_STRIPE_SIGNATURE']
event = nil
begin
event = Stripe::Webhook.construct_event(
payload, sig_header, webhook_secret
)
rescue
JSON::ParserError = > e
# Invalid payload
status
400
return
rescue
Stripe::SignatureVerificationError = > e
# Invalid signature
puts
'⚠️ Webhook signature verification failed.'
status
400
return
end
else
data = JSON.parse(payload, symbolize_names: true)
event = Stripe::Event.construct_from(data)
end
case
event.type
when
'identity.verification_session.requires_input'
verification_session = event.data.object
puts
" ❌ Identity requires input from user: #{verification_session.id}"
# At least one of the verification checks failed
case
verification_session.last_error.code
when
'document_unverified_other'
# The document was invalid
when
'document_expired'
# The document was expired
when
'document_type_not_suported'
# The document type was not supported
else
# ...
end
when
'identity.verification_session.verified'
verification_session = event.data.object
puts
" ✅ Identity verified: #{verification_session.id}"
when
'identity.verification_session.canceled', 'identity.verification_session.created', 'identity.verification_session.processing'
verification_session = event.data.object
puts
" 🟡 #{event.type}: #{verification_session.id}"
end
content_type
'application/json'
{
status: 'success'
}.to_json
end