Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- public function webHookReceiver ($request, $response, $args)
- {
- $endpoint_secret = $config['stripe.webhook_key'];
- $payload = $request->getBody();
- $sig_header = $request->getHeaderLine('Stripe-Signature');
- $data = json_decode($payload, true);
- $jsonError = json_last_error();
- if ($data === null && $jsonError !== JSON_ERROR_NONE) {
- $msg = "Invalid payload: $payload "
- . "(json_last_error() was $jsonError)";
- throw new \UnexpectedValueException($msg);
- }
- $event = Event::constructFrom($data);
- $items = explode(",", $sig_header);
- $timestamps = explode("=", $item[0]);
- $timestamp = $timestamps[1];
- $itemParts = explode("=", $items[1], 2);
- if(!($itemParts[0] === "v1")){
- return $response->withStatus(400);
- }
- $signature = $itemParts[1];
- $expectedSignature = hash_hmac("sha256", "$timestamp.$payload", $endpoint_secret);
- if (!hash_equals($expectedSignature, $signature)) {
- return $response->write("Invalid signature \n$signature\n$expectedSignature");
- }
- else {
- return $response->write('success');
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement