Develop Reference

Stripe PHP Best way to debug an SignatureVerificationException with Stripe-cli - laravel

I created a webhook to get informations about checkout sessions :
public function stripeWebhookCheckout(Request $request)
{
\Stripe\Stripe::setApiKey(env("STRIPE_SECRET"));
// You can find your endpoint's secret in your webhook settings
$endpoint_secret = 'whsec_fVBkAmCztUTacQKZiyjmcq6QQrl8lKL1';
$payload = #file_get_contents('php://input');
$sig_header = $_SERVER['HTTP_STRIPE_SIGNATURE'];
$event = null;
try {
$event = \Stripe\Webhook::constructEvent(
$payload,
$sig_header,
$endpoint_secret
);
} catch (\UnexpectedValueException $e) {
// Invalid payload
http_response_code(400);
exit();
} catch (\Stripe\Exception\SignatureVerificationException $e) {
// Invalid signature
http_response_code(400);
exit();
}
// Handle the checkout.session.completed event
if ($event->type == 'checkout.session.completed') {
$session = $event->data->object;
// Fulfill the purchase...
handle_checkout_session($session);
$stripeSessionId = $session['id'];
if (isset($stripeSessionId)) {
$payment = Payment::where('stripe_sessioncheckout_id', '=', $stripeSessionId)->first();
$payment->status = "success";
$payment->data = $session;
$payment->save();
}
}
http_response_code(200);
}
I use stripe-cli to test my webhook in local. And i have this kind of result
$ stripe listen --forward-to jvlb.test/api/stripe/webhook/checkout
> Ready! Your webhook signing secret is whsec_sc9Gh9A6zx3IOfBpH62F9DdPYIhSUYtw (^C to quit)
2019-11-28 16:19:06 --> charge.succeeded [evt_1FjsW5FIYszmshR0eGSB9GDo]
2019-11-28 16:19:06 <-- [400] GET https://jvlb.test/api/stripe/webhook/checkout [evt_1FjsW5FIYszmshR0eGSB9GDo]
To debug it i changes the http_response_code(400) and I realised it generate a SignatureVerificationException.
My question is, how can i debug this ? Is it the $_SERVER['HTTP_STRIPE_SIGNATURE'] who is wrong ?
Thanks

i found a solution, if it can help people in the future :
I made a mistake in the way i use stripe-cli, i forgot "https://".
The good way is :
stripe listen --forward-to https://jvlb.test/api/stripe/webhook/checkout
And then i had few error of code to manage. I just used the tail command on my log file
tail -f storage/logs/laravel-2019-11-29.log

Related

How can i send Firebase cloud token to my android app to open my app deeplink?
I implemented deeplink and its worked
Then config my firebase FCM and my laravel send notification to my android device. with this library
https://github.com/brozot/Laravel-FCM
i cant find any method to send link but
function sendNotification($user_id, $type)
{
$message = getNotificationMessage($type);
try {
$fcm_tokens = ClientInfo::where('user_id', $user_id)->all();
foreach ($fcm_tokens as $key => $fcm_token) {
$optionBuilder = new OptionsBuilder();
$optionBuilder->setTimeToLive(60 * 20);
$notificationBuilder = new PayloadNotificationBuilder();
$notificationBuilder->setBody($message)
->setSound('default')
->setClickAction('bazarshahr://customer.app/order');
$dataBuilder = new PayloadDataBuilder();
$dataBuilder->addData(['deeplink' => 'bazarshahr://customer.app/product/39']);
$option = $optionBuilder->build();
$notification = $notificationBuilder->build();
$data = $dataBuilder->build();
$token = $fcm_token['firebase_token'];
$downstreamResponse = FCM::sendTo($token, $option, $notification, $data);
$downstreamResponse->numberSuccess();
$downstreamResponse->numberFailure();
$downstreamResponse->numberModification();
// return Array - you must remove all this tokens in your database
$downstreamResponse->tokensToDelete();
// return Array (key : oldToken, value : new token - you must change the token in your database)
$downstreamResponse->tokensToModify();
// return Array - you should try to resend the message to the tokens in the array
$downstreamResponse->tokensToRetry();
// return Array (key:token, value:error) - in production you should remove from your database the tokens
$downstreamResponse->tokensWithError();
}
} catch (Exception $e) {
SystemLog::error(sprintf("[helpers.sendNotif] Can't send Nofication: %s (%d)", $e->getMessage(), $e->getCode()));
return false;
}
return true;
}

This feature is not mentioned in Fcm documentation but i tried some sort of tests on my own and figured out the solution: as we replied here
Instead of click_action we need to put link:
https://fcm.googleapis.com/fcm/send
Content-Type: application/json
Authorization: key={SERVER_KEY}
{
"to" : "{Firebase client token}",
"collapse_key" : "type_a",
"notification" : {
"body" : "Body of Your Notification",
"title": "Title of Your Notification"
"link": "example://my.app/products" <<-- Here is the solution
}
}

I'm trying to redirect after executing some code with flash message then apache hang and sent error
Connot modify header information - headers already sent
public function convert_to_invoice($id)
{
if (!has_permission('invoices', '', 'create')) {
access_denied('invoices');
}
if (!$id) {
die('No estimate found');
}
$draft_invoice = false;
if ($this->input->get('save_as_draft')) {
$draft_invoice = true;
}
$invoiceid = $this->estimates_model->convert_to_invoice($id, false, $draft_invoice);
if ($invoiceid) {
$this->session->set_flashdata('message-success','estimate_convert_to_invoice_successfully');
redirect('invoices/list_invoices/' . $invoiceid);
} else {
if ($this->session->has_userdata('estimate_pipeline') && $this->session->userdata('estimate_pipeline') == 'true') {
$this->session->set_flashdata('estimateid', $id);
}
if ($this->set_estimate_pipeline_autoload($id)) {
redirect($_SERVER['HTTP_REFERER']);
} else {
redirect(admin_url('estimates/list_estimates/' . $id));
}
}
}

As redirect uses headers to perform its task nothing can be outputted before it is called. I don't see anything that would cause output except:
if (!has_permission('invoices', '', 'create')) {
access_denied('invoices'); // exits?
}
if (!$id) {
die('No estimate found');
}
However both seem to exit so the redirect stage shouldn't be reached.
I would suggest removing the redirects temporarily, running the script, and seeing what is outputting. You can then remove/silence those offending pieces of code and re-institute the redirects. It might be as simple as an error outputting.

I have this code
function checkIBAN($iban)
{
$iban = strtolower(str_replace(' ','',$iban));
$Countries = array('al'=>28,'ad'=>24,'at'=>20,'az'=>28,'bh'=>22,'be'=>16,'ba'=>20,'br'=>29,'bg'=>22,'cr'=>21,'hr'=>21,'cy'=>28,'cz'=>24,'dk'=>18,'do'=>28,'ee'=>20,'fo'=>18,'fi'=>18,'fr'=>27,'ge'=>22,'de'=>22,'gi'=>23,'gr'=>27,'gl'=>18,'gt'=>28,'hu'=>28,'is'=>26,'ie'=>22,'il'=>23,'it'=>27,'jo'=>30,'kz'=>20,'kw'=>30,'lv'=>21,'lb'=>28,'li'=>21,'lt'=>20,'lu'=>20,'mk'=>19,'mt'=>31,'mr'=>27,'mu'=>30,'mc'=>27,'md'=>24,'me'=>22,'nl'=>18,'no'=>15,'pk'=>24,'ps'=>29,'pl'=>28,'pt'=>25,'qa'=>29,'ro'=>24,'sm'=>27,'sa'=>24,'rs'=>22,'sk'=>24,'si'=>19,'es'=>24,'se'=>24,'ch'=>21,'tn'=>24,'tr'=>26,'ae'=>23,'gb'=>22,'vg'=>24);
$Chars = array('a'=>10,'b'=>11,'c'=>12,'d'=>13,'e'=>14,'f'=>15,'g'=>16,'h'=>17,'i'=>18,'j'=>19,'k'=>20,'l'=>21,'m'=>22,'n'=>23,'o'=>24,'p'=>25,'q'=>26,'r'=>27,'s'=>28,'t'=>29,'u'=>30,'v'=>31,'w'=>32,'x'=>33,'y'=>34,'z'=>35);
try{
$cntr=(in_array(substr($iban,0,2),$Countries)) ? $Countries[substr($iban,0,2)] : false;
if(strlen($iban) == $cntr){
$MovedChar = substr($iban, 4).substr($iban,0,4);
$MovedCharArray = str_split($MovedChar);
$NewString = "";
foreach($MovedCharArray AS $key => $value){
if(!is_numeric($MovedCharArray[$key])){
$MovedCharArray[$key] = $Chars[$MovedCharArray[$key]];
}
$NewString .= $MovedCharArray[$key];
}
if(bcmod($NewString, '97') == 1)
{
return TRUE;
}
else{
return FALSE;
}
}
else{
return FALSE;
}
}catch (Exception $e) {
report($e);
return false;
}
}
And I receive this exception in Laravel
{message: "Undefined offset: 21", exception: "ErrorException",…}
exception
:
"ErrorException"
"Undefined offset: 21" in this string $Countries[substr($iban,0,2)]
How can I run from Exception and receive just a false in this case? Because of that fact that my function which is checking iban must receive only true or false not an Exception. If I receive an Exception that is 500error in Ajax

There are quite a few tested iban validation libraries on the packagist.
https://packagist.org/?q=iban&p=0
I'd use one of these instead.
Much better than some crusty code copied off another stackoverflow question.
A "ErrorException" is laravel's error handler turning a php error into an exception. You can avoid the error by adding checks before doing array access.
Consider this example:
$MovedCharArray[$key] = $Chars[$MovedCharArray[$key]];
It assumes that $MovedCharArray has an index of $key and assumes that $Chars has an index of $MovedCharArray[$key]. If any of those don't exist, you'll get that error.
Add some checks before attempting to access those array elements and you can avoid the error.
if(isset($MovedCharArray[$key]) && isset($Chars[$MovedCharArray[$key]])){
$MovedCharArray[$key] = $Chars[$MovedCharArray[$key]];
}else{
//Some error condition you'll need to deal with.
}

Below is the function to receive all incoming calls in my Controller
public function call_incoming()
{
$blocklist = $this->call_log_model->get_blocklist($_REQUEST['From']);
$tenantNum = $this->call_log_model->get_called_tenant($_REQUEST['From']);
$tenantInfoByNumber = $this->account_model->getTenantInfoByNumber($tenantNum->to_tenant);
$officeStatus = $this->check_office_hours($tenantInfoByNumber->start_office_hours, $tenantInfoByNumber->end_office_hours);
$calldisposition = $this->calldisp_model->get_call_disposition($tenantInfoByNumber->user_id);
$response = new Services_Twilio_Twiml;
if($blocklist == 0)
{
if($officeStatus == "open")
{
if($_POST['Called'] != AGENTPOOL_NUM)
{
$data = array(
'caller'=>$_REQUEST['From'],
'to_tenant'=>$_POST['Called'],
'date_created'=>date('Y-m-d H:i:s')
);
$this->call_log_model->insert_caller_to_tenant($data);
$dial = $response->dial(NULL, array('callerId' => $_REQUEST['From']));
$dial->number(AGENTPOOL_NUM);
print $response;
}
else
{
$gather = $response->gather(array('numDigits' => 1, 'action'=>HTTP_BASE_URL.'agent/call_controls/call_incoming_pressed', 'timeout'=>'5' , 'method'=>'POST'));
$ctr = 1;
foreach($calldisposition as $val )
{
$gather->say('To go to '.$val->disposition_name.', press '.$ctr, array('voice' => 'alice'));
$gather->pause("");
$ctr++;
}
print $response;
}
}
else
{
$response->say('Thank you for calling. Please be advise that our office hours is from '.$tenantInfoByNumber->start_office_hours.' to '.$tenantInfoByNumber->end_office_hours);
$response->hangup();
print $response;
}
}
else
{
$response->say('This number is blocked. Goodbye!');
$response->hangup();
print $response;
}
}
Please advise if I need to post the model...
Here is whats happening everytime an unknown number calls in, the caller will hear an application error has occurred error message and when checking the Twilio console the error it is giving me is
A PHP Error was encountered
Severity: Notice
Message: Trying to get property of non-object
Filename: agent/Call_controls.php
Line Number: 357
Please be advised that this error only occurs when the caller is a number not in our database yet. When the call comes from a number already saved in our databse, this codes works...
Thank you for the help...

if($tenantNum) {
$tenantInfoByNumber = $this->account_model->getTenantInfoByNumber($tenantNum->to_t‌​enant);
} else {
$tenantInfoByNumber = ""; // fill this in with relevant fill data
}
This should fix your issue, as there is no TenantNum returned, there is no data, so make it yourself for unknown numbers.

I have just made a chat hello world for the Ratchet WAMP + autobahn version 1.
full source code here if you want to see
The JavaScript client send chat message:
function click_send_btn() {
var json_data = {
"message": $.trim($("#input_message").val())
};
sess.publish("send_message", json_data, true);
}
The PHP Ratchet server publish the message:
public function onPublish(\Ratchet\ConnectionInterface $conn, $topic, $event, array $exclude, array $eligible) {
switch ($topic) {
case 'http://localhost/enter_room':
$foundChater = $this->allChater[$conn];
$newChaterName = $event['username'];
$foundChater->setChatName($newChaterName);
break;
case 'send_message':
$foundChater = $this->allChater[$conn];
$event['username']=$foundChater->getChatName();
break;
}
$topic->broadcast($event);
echo "onPublish {$conn->resourceId}\n";
}
I don't understand why publish with excludeme not working.
In the above 2 firefox, right firefox said: I am bar. The message should not display at himself, but it is.
doc ref: autobahn version 1 javascript publish with excludeme
doc ref: ratchet onpublish
doc ref: ratchet topic broadcast

I have just fix it.
What a fool I am. I had not handle the parameter "array $exclude"
and I also used the $topic->broadcast($event) to force broadcast to all.
Now I create a function
/**
* check whitelist and blacklist
*
* #param array of sessionId $exclude -- blacklist
* #param array of sessionId $eligible -- whitelist
* #return array of \Ratchet\ConnectionInterface
*/
private function getPublishFinalList(array $exclude, array $eligible) {
//array of sessionId
$allSessionId = array();
$this->allChater->rewind();
while ($this->allChater->valid()) {
array_push($allSessionId, $this->allChater->current()->WAMP->sessionId);
$this->allChater->next();
}
//if whitelist exist, use whitelist to filter
if (count($eligible) > 0) {
$allSessionId = array_intersect($allSessionId, $eligible);
}
//then if blacklist exist, use blacklist to filter
if (count($exclude) > 0) {
$allSessionId = array_diff($allSessionId, $exclude);
}
//return array of connection
$result = array();
$this->allChater->rewind();
while ($this->allChater->valid()) {
$currentConn = $this->allChater->current();
if (in_array($currentConn->WAMP->sessionId, $allSessionId)) {
array_push($result, $currentConn);
}
$this->allChater->next();
}
return $result;
}
in the onPublish, I not use the $topic->broadcast($event) anymore.
$conn2PublishArray = $this->getPublishFinalList($exclude, $eligible);
foreach ($conn2PublishArray as $conn2Publish) {
$conn2Publish->event($topic, $new_event);
}
connection class has a method 'even', which can send message to the 'subscriber' directly.
Ratchet.Wamp.WampConnection event method