vendor/stripe/stripe-php/lib/Webhook.php

   1 <?php
   2
   3 namespace Stripe;
   4
   5 abstract class Webhook
   6 {
   7     const DEFAULT_TOLERANCE = 300;
   8
   9     /**
  10      * Returns an Event instance using the provided JSON payload. Throws a
  11      * \UnexpectedValueException if the payload is not valid JSON, and a
  12      * \Stripe\SignatureVerificationException if the signature verification
  13      * fails for any reason.
  14      *
  15      * @param string $payload the payload sent by Stripe.
  16      * @param string $sigHeader the contents of the signature header sent by
  17      *  Stripe.
  18      * @param string $secret secret used to generate the signature.
  19      * @param int $tolerance maximum difference allowed between the header's
  20      *  timestamp and the current time
  21      * @return \Stripe\Event the Event instance
  22      * @throws \UnexpectedValueException if the payload is not valid JSON,
  23      *  \Stripe\SignatureVerification if the verification fails.
  24      */
  25     public static function constructEvent($payload, $sigHeader, $secret, $tolerance = self::DEFAULT_TOLERANCE)
  26     {
  27         $data = json_decode($payload, true);
  28         $jsonError = json_last_error();
  29         if ($data === null && $jsonError !== JSON_ERROR_NONE) {
  30             $msg = "Invalid payload: $payload "
  31               . "(json_last_error() was $jsonError)";
  32             throw new \UnexpectedValueException($msg);
  33         }
  34         $event = Event::constructFrom($data, null);
  35
  36         WebhookSignature::verifyHeader($payload, $sigHeader, $secret, $tolerance);
  37
  38         return $event;
  39     }
  40 }