Stefan Schmidt-Egermann
fa81aba944
- Installierbares Package mit pyproject.toml - Client-Klasse mit Sync, Async (mit Polling), Webhook, Verify, Download - Typisierte Exception-Hierarchie - Webhook-Signatur-Verifikation (HMAC-SHA-256) - Pytest-Suite + Quickstart und Webhook-Receiver-Beispiel
60 lines
1.6 KiB
Python
60 lines
1.6 KiB
Python
"""Webhook-Empfänger für hightrusted CAPTURE — minimaler Flask-Server.
|
|
|
|
Voraussetzung:
|
|
pip install hightrusted-capture flask
|
|
|
|
Lauf:
|
|
export HIGHTRUSTED_WEBHOOK_SECRET=wh_secret_...
|
|
python examples/webhook_receiver.py
|
|
|
|
Capture mit Webhook anlegen:
|
|
client.capture_webhook(
|
|
url="https://example.com",
|
|
webhook_url="https://your-domain.tld/webhooks/capture",
|
|
reference="case-001",
|
|
)
|
|
"""
|
|
|
|
import json
|
|
import os
|
|
|
|
from flask import Flask, request
|
|
|
|
from hightrusted_capture import verify_webhook_signature
|
|
|
|
WEBHOOK_SECRET = os.environ["HIGHTRUSTED_WEBHOOK_SECRET"]
|
|
|
|
app = Flask(__name__)
|
|
|
|
|
|
@app.post("/webhooks/capture")
|
|
def capture_webhook():
|
|
body = request.get_data() # raw bytes — wichtig für HMAC!
|
|
signature = request.headers.get("X-Hightrusted-Signature", "")
|
|
|
|
if not verify_webhook_signature(body, signature, WEBHOOK_SECRET):
|
|
app.logger.warning("Webhook signature mismatch")
|
|
return {"error": "invalid_signature"}, 401
|
|
|
|
payload = json.loads(body)
|
|
event = payload["event"]
|
|
capture = payload["capture"]
|
|
|
|
if event == "capture.ready":
|
|
capture_id = capture["id"]
|
|
verify_url = capture["verify_url"]
|
|
reference = capture.get("reference", "")
|
|
app.logger.info(
|
|
"Capture %s ready (ref=%s, verify=%s)",
|
|
capture_id, reference, verify_url,
|
|
)
|
|
# → hier: PDF herunterladen, ins Archiv legen, Mandant benachrichtigen, ...
|
|
|
|
elif event == "capture.failed":
|
|
app.logger.error("Capture failed: %s", payload.get("error"))
|
|
|
|
return {"ok": True}, 200
|
|
|
|
|
|
if __name__ == "__main__":
|
|
app.run(host="0.0.0.0", port=8000)
|