Laravel throws a 302 (redirect to the login page) on the Stripe webhook, even though the route is public



My code:

    \Stripe\Stripe::setApiKey( env('STRIPE_SECRET_KEY') );
    // This is your Stripe CLI webhook secret for testing your endpoint locally.
    $endpoint_secret = 'whsec_xxxxxxxxxxxxxxxxxxxx';
    // Read the raw request body; the signature is computed over these exact bytes.
    $payload = @file_get_contents('php://input');
    $sig_header = $_SERVER['HTTP_STRIPE_SIGNATURE'];
    $event = null;
    try {
        $event = \Stripe\Webhook::constructEvent(
            $payload, $sig_header, $endpoint_secret
        );
    } catch(\UnexpectedValueException $e) {
        // Invalid payload
        http_response_code(400);
        exit();
    } catch(\Stripe\Exception\SignatureVerificationException $e) {
        // Invalid signature
        http_response_code(400);
        exit();
    }
    // Handle the event
    switch ($event->type) {
        case 'payment_intent.canceled':
            $paymentIntent = $event->data->object;
            dd($paymentIntent);
            break;
        case 'payment_intent.payment_failed':
            $paymentIntent = $event->data->object;
            break;
        case 'payment_intent.requires_action':
            $paymentIntent = $event->data->object;
            break;
        case 'payment_intent.succeeded':
            $paymentIntent = $event->data->object;
            break;
        // ... handle other event types
        default:
            echo 'Received unknown event type ' . $event->type;
    }
    http_response_code(200);

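I am testing it locally and triggering events from the Stripe CLI; however, Laravel throws a 302 error. I have put it in the public routes and can easily hit the endpoint via incognito. I also tested it from Postman, and there was no problem reaching the endpoint from there either.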

You need to exclude the webhook from CSRF verification.

It should look like

    class VerifyCsrfToken extends Middleware
    {
        /**
         * Indicates whether the XSRF-TOKEN cookie should be set on the response.
         *
         * @var bool
         */
        protected $addHttpCookie = true;

        /**
         * The URIs that should be excluded from CSRF verification.
         *
         * @var array
         */
        protected $except = [
            'stripe/*'
        ];
    }

and your web route should look like

    Route::post('stripe/webhook', [StripeWebhookController::class, 'handleWebhook'])->name('cashier.webhook');
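
Once `stripe/*` is exempt from CSRF verification, the signature check in the handler is the only thing authenticating requests to that route. The following is an added example, not code from the original post or from Stripe's library, showing what `constructEvent` verifies on the `Stripe-Signature` header; the function name `verifyStripeSignature` and all sample values are constructed, and a real handler should keep calling the library.

```php
<?php
// Added illustration of the check behind \Stripe\Webhook::constructEvent();
// not Stripe's library code. Function name and sample values are constructed.
function verifyStripeSignature(string $payload, string $header, string $secret,
                               int $tolerance = 300, ?int $now = null): bool
{
    $timestamp = null;
    $candidates = [];
    // Header format: t=<unix time>,v1=<hex HMAC>[,v1=<hex HMAC>...]
    foreach (explode(',', $header) as $part) {
        $pair = explode('=', trim($part), 2);
        if (count($pair) !== 2) {
            continue;
        }
        if ($pair[0] === 't' && ctype_digit($pair[1])) {
            $timestamp = (int) $pair[1];
        } elseif ($pair[0] === 'v1') {
            $candidates[] = $pair[1];
        }
    }
    if ($timestamp === null || $candidates === []) {
        return false; // malformed or missing header
    }
    // Reject stale timestamps so a captured request cannot be replayed later.
    if (abs(($now ?? time()) - $timestamp) > $tolerance) {
        return false;
    }
    // The MAC covers "<t>.<raw body>", so the body must be the unparsed bytes.
    $expected = hash_hmac('sha256', $timestamp . '.' . $payload, $secret);
    foreach ($candidates as $candidate) {
        if (hash_equals($expected, $candidate)) { // constant-time comparison
            return true;
        }
    }
    return false;
}

// Constructed sample: a body signed with a placeholder secret.
$secret = 'whsec_constructed_example';
$body   = '{"id":"evt_constructed","type":"payment_intent.succeeded"}';
$t      = 1700000000;
$header = "t=$t,v1=" . hash_hmac('sha256', "$t.$body", $secret);

var_dump(verifyStripeSignature($body, $header, $secret, 300, $t + 10));       // untouched request
var_dump(verifyStripeSignature($body . ' ', $header, $secret, 300, $t + 10)); // body altered in transit
var_dump(verifyStripeSignature($body, $header, $secret, 300, $t + 3600));     // outside the tolerance window
var_dump(verifyStripeSignature($body, '', $secret, 300, $t + 10));            // header missing
```

Because the MAC is computed over the raw body, a handler that re-encodes parsed JSON before verifying will fail the check even for genuine events.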
