stripe-signature

Verification of Stripe webhook signatures

Version on this page:	1.0.0.16
LTS Haskell 22.43:	1.0.0.16
Stackage Nightly 2023-12-26:	1.0.0.16
Latest on Hackage:	1.0.0.17

See all snapshots stripe-signature appears in

MIT licensed by Chris Martin

Maintained by Chris Martin, Julie Moronuki

This version can be pinned in stack with:stripe-signature-1.0.0.16@sha256:06470a77b5b6bcfb940280a6a1632f0fefb473be2a12f07dfff049de6a4c63b8,1269

Module documentation for 1.0.0.16

Stripe
- Stripe.Signature

Depends on 6 packages(full list with versions):

base, base16-bytestring, bytestring, cryptohash-sha256, stripe-concepts, text

When Stripe sends an event to your webhook, it includes an HTTP header named Stripe-Signature. You should use this to verify the authenticity of the request to ensure that you are not acting upon forged events originating from some source other than Stripe.

Changes

Changelog

1.0.0.16 - 2023-06-26

Update stuff

1.0.0.15 - 2023-02-01

Support GHC 9.4

1.0.0.14 - 2022-01-09

Support GHC 9.2

1.0.0.12 - 2022-01-08

Drop cryptonite and memory dependencies; HMAC is now done using the cryptohash-sha256 package instead

Add some tests for the isSigValid function

1.0.0.10 - 2021-06-05

Support GHC 9.0, cryptonite 0.29, bytestring 0.11, memory 0.16

Switch base16-bytestring version from 0.1 to 1.0

1.0.0.8 - 2021-03-08

Support cryptonite 0.28

1.0.0.6 - 2020-09-02

Support cryptonite 0.27

1.0.0.4 - 2020-05-20

Support GHC 8.10

1.0.0.2 - 2020-04-18

Tightened dependency version bounds

1.0.0.1 - 2019-05-18

Replace hex-text package dependency with slightly smaller base16-bytestring dependency

1.0.0.0 - 2018-12-20

Initial release