validatePaymentVerification function
Validates the payment verification signature.
@param params - A map containing order_id/subscription_id/payment_link_id and payment_id. @param signature - The signature from the checkout response or webhook. @param secret - Your API key secret. @returns True if the signature is valid, false otherwise.
Implementation
bool validatePaymentVerification({
required Map<String, String> params,
required String signature,
required String secret,
}) {
final paymentId = params['payment_id'];
if (paymentId == null || paymentId.isEmpty) {
throw ArgumentError('payment_id is mandatory');
}
if (secret.isEmpty) {
throw ArgumentError('secret is mandatory');
}
String payload;
if (params.containsKey('order_id')) {
final orderId = params['order_id'];
if (orderId == null || orderId.isEmpty) {
throw ArgumentError('order_id is mandatory when present');
}
payload = '$orderId|$paymentId';
} else if (params.containsKey('subscription_id')) {
final subscriptionId = params['subscription_id'];
if (subscriptionId == null || subscriptionId.isEmpty) {
throw ArgumentError('subscription_id is mandatory when present');
}
payload = '$paymentId|$subscriptionId'; // Order is different in JS vs docs
} else if (params.containsKey('payment_link_id')) {
final paymentLinkId = params['payment_link_id'];
final paymentLinkRefId = params['payment_link_reference_id'];
final paymentLinkStatus = params['payment_link_status'];
if (paymentLinkId == null ||
paymentLinkId.isEmpty ||
paymentLinkRefId ==
null || // Ref ID can be empty if not set by user, but key should exist? Check API behavior.
paymentLinkStatus == null ||
paymentLinkStatus.isEmpty) {
throw ArgumentError(
'payment_link_id, payment_link_reference_id, and payment_link_status are mandatory for payment link verification',
);
}
payload = '$paymentLinkId|$paymentLinkRefId|$paymentLinkStatus|$paymentId';
} else {
throw ArgumentError(
'Either order_id, subscription_id, or payment_link_id is mandatory',
);
}
return validateWebhookSignature(payload, signature, secret);
}