Overview

EkaCare Webhook SDK on GitHub

The EkaCare Webhook SDK enables secure processing of webhook events from EkaCare. It validates webhook signatures, manages sensitive data, and ensures only authorized requests are processed.

Deployment is automated using the deploy.sh script, which performs the following steps:

  • Creates an ECR repository, builds the Docker image using the Dockerfile, and pushes it to ECR.
  • Uses AWS CloudFormation to provision all required resources, including:
  • A Lambda function (using the Docker image) with a new IAM role.
  • VPC attachment for the Lambda function.
  • A REST API Gateway for the Lambda, with a custom domain name (as specified in config.env).
  • A Route 53 DNS entry pointing to the API Gateway for the custom domain.
  • Registers the webhook endpoint with EkaCare using the provided URL.

This setup ensures a secure, scalable, and automated deployment of the webhook handler in your AWS environment.

Environment Variables

Set the following environment variables for proper application functionality:

Mandatory Variables

  • CLIENT_ID: Your client ID for authentication (required)
  • CLIENT_SECRET: Your client secret for authentication (required)

Conditional Variables

SIGNING_KEY:

  • Required when IS_SIGNING_KEY_IMPLEMENTED is set to True in constants.py
  • Used for verifying webhook signatures

API_KEY:

  • Required for business use cases
  • Used for making authorized API calls to EkaCare services

Configuration

To disable signature verification, set IS_SIGNING_KEY_IMPLEMENTED = False in the constants.py file.

Ensure all required environment variables are set before deploying or running the application.

Example: constants.py

Sample: https://github.com/eka-care/ekapython-webhook-sdk/blob/main/constants.py

import os

# Set to True to enable signature verification (recommended for production)
IS_SIGNING_KEY_IMPLEMENTED = True

# Provide signing key here
SIGNING_KEY = os.getenv("SIGNING_KEY")

# Client ID (Mandatory)
CLIENT_ID = os.getenv("CLIENT_ID")

# Client Secret (Mandatory)
CLIENT_SECRET = os.getenv("CLIENT_SECRET")

# API Key (Optional, required for business use cases)
API_KEY = os.getenv("API_KEY")

Signature Verification

  • Set IS_SIGNING_KEY_IMPLEMENTED in constants.py:
  • True: Enable signature verification (recommended for production)
  • False: Disable signature verification (use only for testing)

How to Deploy eka-webhook Python Lambda in an AWS Environment

Repository: https://github.com/eka-care/ekapython-webhook-sdk

Prerequisites

  • AWS CLI installed and configured
  • curl and unzip installed
  • Docker installed and running
  • AWS credentials and permissions for deploying resources (API Gateway, CloudFormation, Lambda, ECR, etc.)

Resources Created

  • ECR repository
  • Lambda function (Docker image)
  • API Gateway
  • Custom domain name
  • Route 53 entry
  • IAM role
  • Security group (optional)

Step-by-Step Setup

  1. Fork and Clone the Project
git clone https://github.com/eka-care/ekapython-webhook-sdk.git
  1. Configure AWS Credentials
aws configure

Or export your AWS credentials if using IAM Identity Center.

  1. Configure Environment Variables Edit the config.env file with the necessary configuration values.

Sample: https://github.com/eka-care/ekapython-webhook-sdk/blob/main/config.env

vim config.env

For more details, refer to detailed.md.

  1. Make the Deployment Script Executable
chmod +x deploy.sh

Deployment Commands

Deploy:

  ./deploy.sh deploy --version <version-tag>

Delete:

    ./deploy.sh delete

Upgrade:

  ./deploy.sh update --version <version-tag>

Help:

  ./deploy.sh help