zinc-collective / compensated

Create value. Get Paid.

Proxy Operator/Client Developer Rejects Unsigned Incoming Stripe Webhooks Events #66

Open jalcine opened 4 years ago

jalcine commented 4 years ago

Stripe, by design, has a method for signing and verifying messages sent to its API. This kind of security should be applied to the proxy when receiving messages and (perhaps also sending messages to the forwarded event listener endpoint).

Feature Definition

There are two scenarios in play here, one is for the Operator of the Compensated Proxy, and the other is for a Client Developer.

Here's the one for the Proxy

Scenario: Proxy Rejects Unsigned Incoming Stripe Webhooks Events
  Given the Compensated Proxy is configured to validate Stripe events
  And the Compensated Proxy is forwarding events to a Downstream Listener
  When the proxy receives an Unsigned Stripe Event shaped like Stripe's payment events
  Then the proxy responds with an Unauthorized status code
  And the proxy does not forward the response to the Downstream Listener

And here's one for the Core library:

Scenario: Event Handler rejects Unsigned Stripe Webhook Events
  Given the Compensated Gem is configured to validate Stripe Events
  When an Unsigned Stripe Event is passed to the Request Handler
  Then the Request Handler raises an UnsignedEventError

We may want to split this into two issues; so that it's easier to close; or we can leave it as one big issue with as many patches as it takes to get this across the finish line.

This Issue May Be Closed When

zspencer commented 4 years ago

Thanks @jalcine! This is a great issue!

I've taken some time to flesh out the acceptance criteria; feel free to edit it as you see fit!

I've also transferred you 20 patronage points as a way to say thank you for your contribution.

Feel free to pass them on to other folks who are doing work you appreciate, or hold on to them! Once Zinc starts generating revenue in excess of our operating costs, Contributors will be able to redeem them for cash.

zspencer commented 4 years ago

OK, feature tests are starting to be framed in. Would appreciate any feedback or commits from other people.
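The two scenarios in the issue (the library raises an UnsignedEventError, the proxy answers 401 and forwards nothing) can be sketched against Stripe's documented webhook scheme: the Stripe-Signature header carries `t=<unix timestamp>,v1=<hex HMAC>` (possibly several v1 entries during secret rotation), and the HMAC-SHA256 is computed with the endpoint secret over `"#{t}.#{raw body}"`. The following is an added example written for this page, not code from the compensated gem or from the thread participants; the `UnsignedEventError` class, the `StripeSignature` module, the `handle_event`/`proxy_response` helpers and the sample secret, payload and timestamp are all assumptions made here for illustration.

```ruby
require "openssl"
require "json"

# Raised when an incoming event carries no valid Stripe signature.
# The name follows the issue's scenario; the class itself is assumed here.
class UnsignedEventError < StandardError; end

module StripeSignature
  DEFAULT_TOLERANCE = 300 # seconds; Stripe's default replay window

  module_function

  # Parse "t=...,v1=...,v1=..." into { "t" => "...", "v1" => [...] }.
  def parse_header(header)
    parsed = { "t" => nil, "v1" => [] }
    header.to_s.split(",").each do |pair|
      key, value = pair.strip.split("=", 2)
      next if value.nil?
      parsed["t"] = value if key == "t"
      parsed["v1"] << value if key == "v1"
    end
    parsed
  end

  # Stripe's signed payload is "<timestamp>.<raw body>", keyed with the whsec_ secret.
  def compute_signature(timestamp, payload, secret)
    OpenSSL::HMAC.hexdigest("SHA256", secret, "#{timestamp}.#{payload}")
  end

  # Builds a header the way Stripe would; used here only to construct test input.
  def sign_header(payload, secret, timestamp)
    "t=#{timestamp},v1=#{compute_signature(timestamp, payload, secret)}"
  end

  # Constant-time comparison so a mismatch does not leak where the bytes diverge.
  def secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end

  # Returns true for an authentic, fresh event; raises UnsignedEventError otherwise.
  def verify!(payload, header, secret, tolerance: DEFAULT_TOLERANCE, now: Time.now.to_i)
    raise UnsignedEventError, "missing Stripe-Signature header" if header.nil? || header.empty?
    parsed = parse_header(header)
    raise UnsignedEventError, "no timestamp in signature header" if parsed["t"].nil?
    raise UnsignedEventError, "no v1 signature in header" if parsed["v1"].empty?

    expected = compute_signature(parsed["t"], payload, secret)
    # Any v1 entry may match: Stripe sends several while an endpoint secret is rotated.
    raise UnsignedEventError, "signature mismatch" unless parsed["v1"].any? { |s| secure_equal?(s, expected) }

    # Reject replays of an old, correctly signed body.
    age = now - parsed["t"].to_i
    raise UnsignedEventError, "timestamp outside tolerance" if age.abs > tolerance
    true
  end
end

# Core-library side of the issue: the request handler raises when validation is on.
def handle_event(raw_body, headers, secret:, validate: true, now: Time.now.to_i)
  StripeSignature.verify!(raw_body, headers["Stripe-Signature"], secret, now: now) if validate
  JSON.parse(raw_body)
end

# Proxy side of the issue: map the error to 401 and forward nothing downstream.
def proxy_response(raw_body, headers, secret:, now: Time.now.to_i)
  event = handle_event(raw_body, headers, secret: secret, now: now)
  [200, { forwarded: event["type"] }]
rescue UnsignedEventError => e
  [401, { error: e.message }]
end

# Constructed sample input (not real Stripe data).
SAMPLE_SECRET  = "whsec_example_only"
SAMPLE_TS      = 1_700_000_000
SAMPLE_PAYLOAD = '{"id":"evt_example_001","type":"payment_intent.succeeded"}'

if $PROGRAM_NAME == __FILE__
  good = StripeSignature.sign_header(SAMPLE_PAYLOAD, SAMPLE_SECRET, SAMPLE_TS)
  p proxy_response(SAMPLE_PAYLOAD, { "Stripe-Signature" => good }, secret: SAMPLE_SECRET, now: SAMPLE_TS + 5)
  p proxy_response(SAMPLE_PAYLOAD, {}, secret: SAMPLE_SECRET, now: SAMPLE_TS)
end
```

Verification must run over the raw request body exactly as received, before any JSON parsing or re-serialisation, since the HMAC covers the bytes Stripe sent; the timestamp check is what turns "signed" into "signed recently", which matters for a proxy that re-delivers events.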