initial commit 2

portal/api-sandbox/v1/webhooks/.htaccess

@@ -0,0 +1,123 @@
+########## BEGIN RECOMMENDED RULES (COMMENT OUT OR UNCOMMENT AS NEEDED) ##########
+
+### htaccess (https://github.com/delight-im/htaccess)
+### Copyright (c) delight.im (https://www.delight.im/)
+### Licensed under the MIT License (https://opensource.org/licenses/MIT)
+
+
+
+<ifModule mod_headers.c>
+
+	# Prevent clickjacking (forbids framing by third-party sites)
+	Header set X-Frame-Options sameorigin
+
+	# Prevent content sniffing (MIME sniffing)
+	Header set X-Content-Type-Options nosniff
+
+	# Attempt to enable XSS filters in browsers, if available, and block reflected XSS
+	Header set X-XSS-Protection "1; mode=block"
+
+	# Cache media files for a month
+	<FilesMatch "\.(js|css|jpg|jpeg|png|svg|webp|gif|ico|ogg|mp4|webm)$">
+		Header set Cache-Control max-age=2629800
+	</FilesMatch>
+
+	# Remove response headers that provide no value but leak information
+	Header unset X-Powered-By
+
+	# Disable "ETag" headers so that browsers rely on the "Cache-Control" and "Expires" headers
+	Header unset ETag
+
+</ifModule> 
+
+<IfModule mod_autoindex.c>
+
+	# Turn off directory listings for folders without default documents
+	Options -Indexes
+
+</IfModule>
+
+<IfModule mod_negotiation.c>
+
+	# Disable 'MultiViews' implicit filename pattern matches
+	Options -MultiViews
+
+</IfModule>
+
+# Serve "text/plain" and "text/html" documents as UTF-8 by default
+AddDefaultCharset utf-8
+
+# Disable "ETag" headers so that browsers rely on the "Cache-Control" and "Expires" headers
+FileETag None
+
+<ifModule mod_headers.c>
+
+	# Enable HTTP Strict Transport Security (HSTS) with a duration of six months (Uncomment 1 line below)
+	# Header set Strict-Transport-Security max-age=15778800
+
+</ifModule>
+
+
+<ifModule mod_rewrite.c>
+	RewriteEngine On
+	RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+	RewriteBase /
+	RewriteRule ^index\.php$ - [L]
+	RewriteCond %{REQUEST_FILENAME} !-f
+	RewriteCond %{REQUEST_FILENAME} !-d
+	RewriteRule . /v1/webhooks/index.php [L]
+
+	# Force 'www' (i.e. prefix the "bare" domain and all subdomains with 'www' through permanent redirects) (Uncomment 6 lines below)
+	# RewriteCond %{HTTP_HOST} !^$
+	# RewriteCond %{HTTP_HOST} !^www\. [NC]
+	# RewriteCond %{HTTPS}s ^on(s)|
+	# # RewriteCond %{REQUEST_SCHEME} ^http(s)|
+	# # RewriteCond %{SERVER_PORT}s ^443(s)|
+	# RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
+
+	# Force HTTPS (Uncomment 4 lines below)
+	# RewriteCond %{HTTPS} off
+	# # RewriteCond %{REQUEST_SCHEME} http
+	# # RewriteCond %{SERVER_PORT} !443
+	# RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
+
+</IfModule>
+
+# Prevent access to non-minified CSS and JS (Uncomment 3 lines below)
+# <FilesMatch "(?<!.min)\.(css|js)$">
+#     Require all denied
+# </FilesMatch>
+
+# Show a custom error document for "404 Not Found" errors (Uncomment 1 line below)
+# ErrorDocument 404 /notFound.html
+
+# Announce contact information for security issues (Uncomment 2 lines below)
+# Header set X-Vulnerability-Disclosure "https://www.example.com/security"
+# Header set X-Security-Contact "security@example.com"
+
+########## END RECOMMENDED RULES ##########
+
+########## BEGIN CUSTOM RULES (YOUR OWN RULES GO HERE) ##########
+
+# Add your rules here ...
+
+########## END CUSTOM RULES ##########
+
+
+#<ifModule mod_rewrite.c>
+#	RewriteEngine On
+#	RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+#	RewriteBase /
+#	RewriteRule ^index\.php$ - [L]
+#	RewriteCond %{REQUEST_FILENAME} !-f
+#	RewriteCond %{REQUEST_FILENAME} !-d
+#	RewriteRule . /v1/payments/index.php [L]
+
+#</IfModule>
+
+
+Header set Access-Control-Allow-Origin "*" 
+Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization" 
+Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
+Header set timing-allow-origin "*"
+# content-security-policy:

portal/api-sandbox/v1/webhooks/index.php

@@ -0,0 +1,17 @@
+<?php
+$dir = dirname( __DIR__, 3 ); 
+require $dir . "/admin/core/api/php/includes/init.php";
+$router = new AppfactoryStudio\Core\Router(); 
+
+
+
+$router->post('/stripe',[AppfactoryStudio\Plugins\Payments::class, 'webhook_stripe']);
+$router->post('/paypal',[AppfactoryStudio\Plugins\Payments::class, 'webhook_paypal']);
+
+
+
+// https://api.appfactory.studio/v1/webhooks/stripe
+// https://api-sandbox.appfactory.studio/v1/webhooks/stripe
+
+echo $router->UrlResolve("/v1/webhooks", $_SERVER['REQUEST_URI'], strtolower($_SERVER['REQUEST_METHOD']));
+