var crypto = require('crypto')

const IPN_HMAC_SECRET = "7c28eb2f82cbf601510c1dc4eef7753d0a3994320d0c21e4a011ce38da5efed1"

exports.handler = async (event) => {
    const hmac = crypto.createHmac('sha512', IPN_HMAC_SECRET);
    const body = JSON.parse(event.body);
    hmac.update(JSON.stringify(body, Object.keys(body).sort()))
    const signature = hmac.digest('hex')
  
    if (signature === event.headers['x-keagate-sig']) {
        // We're good to go
        const id = body.id
        const status = body.status
        if (status !== "CONFIRMED") {
            console.log("Not ready yet...")
            return;
        } else {
            // Someone just paid
            console.log("CONFIRMED!!!");
        }
        
    } else {
        // Could be spoofed
        console.log("Spoofed maybe...")
    }
  
    const response = {
        statusCode: 200,
        body: JSON.stringify({
            headers: event.headers,
            body: JSON.parse(event.body)
        }),
    };

    return response;
};