From 0d4ebf42acd91f5d7692afe145d4b50452e73929 Mon Sep 17 00:00:00 2001
From: Kyle Drake <kyle@kyledrake.net>
Date: Mon, 3 Sep 2018 12:51:13 -0700
Subject: [PATCH] include new /24 for paypal notify hook ip sources

---
 app/webhooks.rb | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/app/webhooks.rb b/app/webhooks.rb
index 27892dab..5d11c7f5 100644
--- a/app/webhooks.rb
+++ b/app/webhooks.rb
@@ -11,8 +11,11 @@ post '/webhooks/paypal' do
 end
 
 def valid_paypal_webhook_source?
-  # https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1465&viewlocale=en_US&direct=en
-  return true if ['127.0.0.1', '173.0.81.1', '173.0.81.33', '66.211.170.66'].include?(request.ip)
+  # https://www.paypal.com/us/smarthelp/article/what-are-the-ip-addresses-for-live-paypal-servers-ts1056
+  request_ip = IPAddress::IPv4.new request.ip
+  ['127.0.0.1', '66.211.170.66', '173.0.81.0/24'].each do |ip|
+    return true if IPAddress::IPv4.new(ip).include? request_ip
+  end
   false
 end