Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/job-board.corals.io/Corals/modules/Payment/Stripe/Middleware/ |
<?php
namespace Corals\Modules\Payment\Stripe\Middleware;
use Closure;
use Corals\Modules\Subscriptions\Classes\Subscription;
use Corals\Modules\Payment\Stripe\Exception\StripeWebhookFailed;
use Exception;
use Stripe\Webhook;
class StripeVerifySignature
{
/**
* @param $request
* @param Closure $next
* @return mixed
* @throws Exception
*/
public function handle($request, Closure $next)
{
$signature = $request->header('Stripe-Signature');
if (!$signature) {
throw StripeWebhookFailed::missingSignature();
}
if (!$this->isValid($signature, $request->getContent())) {
throw StripeWebhookFailed::invalidSignature($signature);
}
return $next($request);
}
/**
* @param string $signature
* @param string $payload
* @return bool
* @throws Exception
*/
protected function isValid(string $signature, string $payload): bool
{
$subscription = new Subscription('Stripe');
$webhook_secret = $subscription->gateway->getApiWebhookKey();
if (empty($webhook_secret)) {
throw StripeWebhookFailed::signingSecretNotSet();
}
try {
Webhook::constructEvent($payload, $signature, $webhook_secret);
} catch (Exception $exception) {
return false;
}
return true;
}
}