import hashlib, hmac

class CoinifyCallback:
    """
    Class to validate callbacks from Coinfy
    """

    ipn_secret = None
    """Coinify IPN callback secret. Get yours at https://www.coinify.com/merchant/ipn"""

    def __init__( self, ipn_secret ):
        self.ipn_secret = ipn_secret

    def validate_callback( self, callback_raw, signature ):
        """
        Validates a callback and it's signature based on the IPN secret given in the constructor.

        callback_raw must contain the raw JSON POST data sent with the callback (before any JSON decoding)
        signature must contain the signature as extracted from the 'X-Coinify-Callback-Signature' header,
            which should be a 64-byte hexadecimal string
        """
        return signature == hmac.new(self.ipn_secret, msg=callback_raw, digestmod=hashlib.sha256).hexdigest()