defmodule GlificWeb.StripeWebhook do
  @moduledoc """
  Simple plug to handle and authenticate incoming webhook calls from Stripe
  """

  @behaviour Plug

  alias Plug.Conn

  @doc false
  def init(config), do: config

  @doc false
  def call(%{request_path: "/webhook/stripe"} = conn, _) do
    signing_secret = Application.fetch_env!(:stripity_stripe, :signing_secret)
    [stripe_signature] = Conn.get_req_header(conn, "stripe-signature")

    # using the raw body which we've cached in the endpoint for all webhook urls
    body = conn.assigns[:raw_body]

    case Stripe.Webhook.construct_event(body, stripe_signature, signing_secret) do
      {:ok, stripe_event} ->
        conn
        |> Plug.Conn.assign(:stripe_event, stripe_event)

      {:error, error} ->
        conn
        |> Conn.send_resp(:bad_request, inspect(error))
        |> Conn.halt()
    end
  end

  @doc false
  def call(conn, _), do: conn
end