43 lines
1.5 KiB
PHP
43 lines
1.5 KiB
PHP
|
<?php
|
||
|
|
|
||
|
|
namespace Stripe;
|
||
|
|
|
||
|
|
abstract class Webhook
|
||
|
|
{
|
||
|
|
const DEFAULT_TOLERANCE = 300;
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Returns an Event instance using the provided JSON payload. Throws an
|
||
|
|
* Exception\UnexpectedValueException if the payload is not valid JSON, and
|
||
|
|
* an Exception\SignatureVerificationException if the signature
|
||
|
|
* verification fails for any reason.
|
||
|
|
*
|
||
|
|
* @param string $payload the payload sent by Stripe
|
||
|
|
* @param string $sigHeader the contents of the signature header sent by
|
||
|
|
* Stripe
|
||
|
|
* @param string $secret secret used to generate the signature
|
||
|
|
* @param int $tolerance maximum difference allowed between the header's
|
||
|
|
* timestamp and the current time
|
||
|
|
*
|
||
|
|
* @throws Exception\UnexpectedValueException if the payload is not valid JSON,
|
||
|
|
* @throws Exception\SignatureVerificationException if the verification fails
|
||
|
|
*
|
||
|
|
* @return Event the Event instance
|
||
|
|
*/
|
||
|
|
public static function constructEvent($payload, $sigHeader, $secret, $tolerance = self::DEFAULT_TOLERANCE)
|
||
|
|
{
|
||
|
|
WebhookSignature::verifyHeader($payload, $sigHeader, $secret, $tolerance);
|
||
|
|
|
||
|
|
$data = \json_decode($payload, true);
|
||
|
|
$jsonError = \json_last_error();
|
||
|
|
if (null === $data && \JSON_ERROR_NONE !== $jsonError) {
|
||
|
|
$msg = "Invalid payload: {$payload} "
|
||
|
|
. "(json_last_error() was {$jsonError})";
|
||
|
|
|
||
|
|
throw new Exception\UnexpectedValueException($msg);
|
||
|
|
}
|
||
|
|
|
||
|
|
return Event::constructFrom($data);
|
||
|
|
}
|
||
|
|
}
|