Task #796
openEpic #786: Square Payment Gateway Integration
Feature #793: Core Payment Processing
Webhook Integration
0%
Description
Create a webhook endpoint to receive events from Square (e.g., payment.updated, payment.created). Validate webhook signatures to ensure authenticity. Parse event payloads and update internal transaction status accordingly. Maintain event logs for debugging and traceability.
Updated by Deeksha Singh about 1 month ago
TC_ID_WEBHOOK_01
Title: Verify webhook is received on successful payment
Preconditions: Webhook URL configured in Square dashboard
Steps:
Perform a successful payment
Monitor webhook endpoint
Test Data: Valid payment
Expected Result: Webhook received with event type payment.created/payment.updated
TC_ID_WEBHOOK_02
Title: Verify webhook signature validation
Preconditions: Signature validation implemented
Steps:
Send webhook request with valid signature
Send webhook request with invalid signature
Test Data: Valid/invalid signature
Expected Result:
Valid signature → accepted
Invalid signature → rejected
TC_ID_WEBHOOK_03
Title: Verify webhook updates payment status in database
Preconditions: Payment already created
Steps:
Trigger payment
Wait for webhook
Check DB
Test Data: Payment ID
Expected Result: Payment status updated correctly (SUCCESS/FAILED)
TC_ID_WEBHOOK_04
Title: Verify handling of unknown or unsupported webhook events
Preconditions: Webhook endpoint active
Steps:
Send webhook with unknown event type
Test Data: Random event type
Expected Result: Event ignored or logged without breaking system
TC_ID_WEBHOOK_05
Title: Verify webhook payload parsing
Preconditions: Webhook received
Steps:
Capture webhook payload
Check extracted fields
Test Data: Payment event payload
Expected Result: Correct parsing of payment ID, amount, status
TC_ID_WEBHOOK_06
Title: Verify duplicate webhook handling
Preconditions: Same webhook sent multiple times
Steps:
Send same webhook event twice
Test Data: Same event ID
Expected Result: No duplicate DB update, idempotent handling
TC_ID_WEBHOOK_07
Title: Verify logging of webhook events
Preconditions: Logging enabled
Steps:
Trigger webhook
Check logs
Test Data: Any webhook event
Expected Result: Event logged with details, no sensitive data exposed
TC_ID_WEBHOOK_08
Title: Verify system handles webhook processing failure
Preconditions: Simulate DB/API failure
Steps:
Trigger webhook
Test Data: Failure scenario
Expected Result: Error logged, system does not crash, retry or fallback handled