aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java
blob: d8467ff040c6e6b946fb771e9db589bb18a452ad (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
/*
 * Copyright (C) 2008-2023, Juick
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

package com.juick.www.api.webhooks;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.juick.service.PatreonService;
import com.juick.service.UserService;
import com.juick.util.HttpForbiddenException;
import org.apache.commons.codec.digest.HmacUtils;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

import jakarta.inject.Inject;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.StreamSupport;

@RestController
public class PatreonWebhook {
    private static final Logger logger = LoggerFactory.getLogger("Patreon");
    @Value("${patreon_secret:}")
    private String secretKey;
    @Inject
    private PatreonService patreonService;
    @Inject
    private ObjectMapper jsonMapper;
    @Inject
    private UserService userService;

    @PostMapping(value = "/api/_patreon")
    @ResponseStatus(value = HttpStatus.OK)
    public void processUpdate(
            @RequestHeader(name = "X-Patreon-Event") String event,
            @RequestHeader(name = "X-Patreon-Signature") String signature,
            InputStream body) throws Exception {
        String data = IOUtils.toString(body, StandardCharsets.UTF_8);
        var actualSignature = HmacUtils.hmacMd5Hex(secretKey, data);
        logger.info("Event: {}, signature: {}, actual: {}", event, signature, actualSignature);
        if (!actualSignature.equals(signature)) {
            throw new HttpForbiddenException();
        }
        var json = jsonMapper.readTree(data);
        var updatedEmails = StreamSupport.stream(json.get("included").spliterator(), false)
                .filter(node -> node.get("type").textValue().equals("user"))
                .map(node -> node.get("attributes").get("email").textValue()).toList();
        var campainsResponse = patreonService.fetchCampaigns();
        List<String> activeEmails = new ArrayList<>();
        campainsResponse.forEach(campaign -> {
            var pledgesResponse = patreonService.fetchPledges(campaign);
            pledgesResponse.forEach(pledge -> {
                logger.info("Pledge email: {}", pledge);
                activeEmails.add(pledge);
            });
        });
        activeEmails.forEach(email -> {
            var user = userService.getUserByEmail(email);
            if (!user.isAnonymous()) {
                userService.setPremium(user.getUid(), true);
            }
        });
        updatedEmails.stream().filter(email -> !activeEmails.contains(email))
                .forEach(deleted -> {
                    var user = userService.getUserByEmail(deleted);
                    if (!user.isAnonymous()) {
                        logger.info("User is not a patron anymore: {}", deleted);
                        userService.setPremium(user.getUid(), false);
                    }
                });
    }
}