1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
/*
* Copyright (C) 2008-2023, Juick
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package com.juick.www.api.webhooks;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.juick.service.PatreonService;
import com.juick.service.UserService;
import com.juick.util.HttpForbiddenException;
import org.apache.commons.codec.digest.HmacUtils;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import javax.inject.Inject;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.StreamSupport;
@RestController
public class PatreonWebhook {
private static final Logger logger = LoggerFactory.getLogger("Patreon");
@Value("${patreon_secret:}")
private String secretKey;
@Inject
private PatreonService patreonService;
@Inject
private ObjectMapper jsonMapper;
@Inject
private UserService userService;
@PostMapping(value = "/api/_patreon")
@ResponseStatus(value = HttpStatus.OK)
public void processUpdate(
@RequestHeader(name = "X-Patreon-Event") String event,
@RequestHeader(name = "X-Patreon-Signature") String signature,
InputStream body) throws Exception {
String data = IOUtils.toString(body, StandardCharsets.UTF_8);
var actualSignature = HmacUtils.hmacMd5Hex(secretKey, data);
logger.info("Event: {}, signature: {}, actual: {}", event, signature, actualSignature);
if (!actualSignature.equals(signature)) {
throw new HttpForbiddenException();
}
var json = jsonMapper.readTree(data);
var updatedEmails = StreamSupport.stream(json.get("included").spliterator(), false)
.filter(node -> node.get("type").textValue().equals("user"))
.map(node -> node.get("attributes").get("email").textValue()).toList();
var campainsResponse = patreonService.fetchCampaigns();
List<String> activeEmails = new ArrayList<>();
campainsResponse.forEach(campaign -> {
var pledgesResponse = patreonService.fetchPledges(campaign);
pledgesResponse.forEach(pledge -> {
logger.info("Pledge email: {}", pledge);
activeEmails.add(pledge);
});
});
activeEmails.forEach(email -> {
var user = userService.getUserByEmail(email);
if (!user.isAnonymous()) {
userService.setPremium(user.getUid(), true);
}
});
updatedEmails.stream().filter(email -> !activeEmails.contains(email))
.forEach(deleted -> {
var user = userService.getUserByEmail(deleted);
if (!user.isAnonymous()) {
logger.info("User is not a patron anymore: {}", deleted);
userService.setPremium(user.getUid(), false);
}
});
}
}
|
