Business-TrueLayer
view release on metacpan or search on metacpan
lib/Business/TrueLayer/Webhook.pm view on Meta::CPAN
package Business::TrueLayer::Webhook;
=head1 NAME
Business::TrueLayer::Webhook
=head1 SYNOPSIS
my $Webhook = Business::TrueLayer::Webhook->new({
jwt => $jwt,
jwks => $jwkset, # optional
});
=head1 DESCRIPTION
A class for TrueLayer webhooks
For more details see the TreuLayer API documentation specific to webhooks:
https://docs.truelayer.com/docs/mandate-webhooks
=cut
use strict;
use warnings;
use feature qw/ signatures postderef /;
use Moose;
extends 'Business::TrueLayer::Request';
no warnings qw/ experimental::signatures experimental::postderef /;
use Business::TrueLayer::Webhook::Mandate;
use namespace::autoclean;
use JSON;
use Mojo::JWT;
use Mojo::UserAgent;
use Carp qw/ croak /;
=head1 ATTRIBUTES
=head2 jwt
The JWT as sent in the webhook by TrueLayer - this is required in the object
constructor as its signature will be validated and the payload will be used
to populate more data on the object.
=head2 jwkset
A JWKS used to validate the signature of the JWT. This can be provided as an
array reference of keys, however if not provide the jku in the JWT will be used
to download the JWKS.
=head2 jku_accept_list
A hashref of acceptable URLs that can provide the JWKS. Keyed by URL:
{
$url => 1,
$alternative_url => 1,
}
If the jku in the JWT is not amongst the keys of the jku_accept_list then an
exception will be thrown.
=cut
has jku_accept_list => (
is => 'ro',
isa => 'HashRef',
required => 0,
default => sub {
return {
'https://webhooks.truelayer-sandbox.com/.well-known/jwks' => 1,
'https://webhooks.truelayer.com/.well-known/jwks' => 1,
};
},
);
has jwks => (
is => 'ro',
isa => 'ArrayRef',
);
has jwt => (
is => 'rw',
isa => 'Str',
required => 1,
trigger => sub {
my ( $self,$jwt ) = @_;
# we need to peek into the JWT to get the jku to:
# a) check it is limited to those on our accept list
( run in 0.515 second using v1.01-cache-2.11-cpan-75ffa21a3d4 )