forked from alexmorrisnz/moodle-paygw_stripe
-
Notifications
You must be signed in to change notification settings - Fork 0
/
webhook.php
80 lines (69 loc) · 2.54 KB
/
webhook.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Webhook for receiving events from Stripe.
*
* @package paygw_stripe
* @copyright 2023 Alex Morris <alex@navra.nz>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
define('NO_MOODLE_COOKIES', true);
use core_payment\helper;
use paygw_stripe\stripe_helper;
use Stripe\Exception\SignatureVerificationException;
use Stripe\Webhook;
require_once(__DIR__ . '/../../../config.php');
require_once(__DIR__ . '/.extlib/stripe-php/init.php');
$payload = @file_get_contents('php://input');
// Fetch gateway configuration using metadata values we set in the payment intent data.
$jsonpayload = json_decode($payload, true);
if ($jsonpayload == null) {
http_response_code(400);
exit();
}
$metadata = $jsonpayload['data']['object']['metadata'];
$config =
(object) helper::get_gateway_configuration($metadata['component'], $metadata['paymentarea'], $metadata['itemid'], 'stripe');
$stripehelper = new stripe_helper($config->apikey, $config->secretkey);
// Validate payload using secret retrieved from webhook table.
$sigheader = $_SERVER['HTTP_STRIPE_SIGNATURE'];
$event = null;
$payable = helper::get_payable($metadata['component'], $metadata['paymentarea'], $metadata['itemid']);
$webhook = $stripehelper->get_webhook($payable->get_account_id());
if ($webhook == null) {
http_response_code(500);
exit();
}
$endpointsecret = $webhook->secret;
try {
$event = Webhook::constructEvent(
$payload, $sigheader, $endpointsecret
);
if (!$stripehelper->process_stripe_event($event, $metadata)) {
// Payload accepted but nothing to act upon.
http_response_code(202);
exit();
}
} catch (UnexpectedValueException $e) {
// Invalid payload.
http_response_code(400);
exit();
} catch (SignatureVerificationException $e) {
// Invalid signature.
http_response_code(400);
exit();
}
http_response_code(200);