chore: complete update
This commit is contained in:
103
src/Application/Shopify/ShopifyWebhookHandler.php
Normal file
103
src/Application/Shopify/ShopifyWebhookHandler.php
Normal file
@@ -0,0 +1,103 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Application\Shopify;
|
||||
|
||||
use App\Framework\Attributes\Route;
|
||||
use App\Framework\Http\Method;
|
||||
use App\Framework\Http\Request;
|
||||
use App\Framework\Http\Status;
|
||||
use App\Framework\Router\Result\JsonResult;
|
||||
|
||||
final class ShopifyWebhookHandler
|
||||
{
|
||||
/**
|
||||
* Verarbeitet eingehende Shopify-Webhooks
|
||||
*
|
||||
* Hinweis: Shopify überprüft die Authentizität von Webhooks mit dem X-Shopify-Hmac-Sha256 Header
|
||||
*/
|
||||
#[Route(path: '/webhook/shopify', method: Method::POST)]
|
||||
public function handleWebhook(Request $request): JsonResult
|
||||
{
|
||||
// Webhook-Thema aus dem Header lesen
|
||||
$topic = $request->headers->get('X-Shopify-Topic')[0] ?? null;
|
||||
$shopDomain = $request->headers->get('X-Shopify-Shop-Domain')[0] ?? null;
|
||||
$hmac = $request->headers->get('X-Shopify-Hmac-Sha256')[0] ?? null;
|
||||
|
||||
// Validiere den HMAC, um sicherzustellen, dass der Request von Shopify kommt
|
||||
$rawData = $request->body;
|
||||
|
||||
if (!$this->validateWebhookHmac($hmac, $rawData)) {
|
||||
$result = new JsonResult(['error' => 'Ungültiger HMAC']);
|
||||
$result->status = Status::UNAUTHORIZED;
|
||||
return $result;
|
||||
}
|
||||
|
||||
// Daten verarbeiten
|
||||
$data = json_decode($rawData, true);
|
||||
|
||||
// Je nach Topic unterschiedlich verarbeiten
|
||||
switch ($topic) {
|
||||
case 'orders/create':
|
||||
$this->processOrderCreated($data);
|
||||
break;
|
||||
case 'products/create':
|
||||
case 'products/update':
|
||||
$this->processProductUpdate($data);
|
||||
break;
|
||||
case 'customers/create':
|
||||
$this->processCustomerCreated($data);
|
||||
break;
|
||||
// Weitere Webhook-Themen...
|
||||
default:
|
||||
// Unbekanntes Thema, loggen oder ignorieren
|
||||
break;
|
||||
}
|
||||
|
||||
// Shopify erwartet eine erfolgreiche Antwort (2xx)
|
||||
return new JsonResult(['success' => true]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Validiert den HMAC-Header
|
||||
*/
|
||||
private function validateWebhookHmac(?string $hmac, string $data): bool
|
||||
{
|
||||
if (!$hmac) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Das Shared Secret sollte eigentlich in ApiConfig sein
|
||||
$secret = 'dein_webhook_shared_secret'; // ODER aus ApiConfig holen
|
||||
$calculatedHmac = base64_encode(hash_hmac('sha256', $data, $secret, true));
|
||||
|
||||
return hash_equals($calculatedHmac, $hmac);
|
||||
}
|
||||
|
||||
/**
|
||||
* Verarbeitet eine neu erstellte Bestellung
|
||||
*/
|
||||
private function processOrderCreated(array $orderData): void
|
||||
{
|
||||
// Hier die Logik für neue Bestellungen implementieren
|
||||
// z.B. in eigenes System übertragen, E-Mails versenden, etc.
|
||||
}
|
||||
|
||||
/**
|
||||
* Verarbeitet Produkt-Updates
|
||||
*/
|
||||
private function processProductUpdate(array $productData): void
|
||||
{
|
||||
// Hier die Logik für Produkt-Updates implementieren
|
||||
// z.B. Lagerbestand in eigenem System aktualisieren
|
||||
}
|
||||
|
||||
/**
|
||||
* Verarbeitet einen neu erstellten Kunden
|
||||
*/
|
||||
private function processCustomerCreated(array $customerData): void
|
||||
{
|
||||
// Hier die Logik für neue Kunden implementieren
|
||||
// z.B. in CRM-System übertragen, Newsletter-Anmeldung
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user