alexpgates · October 5, 2017 13:55
diff --git a/validate-stripe-webhook-laravel5.5.php b/validate-stripe-webhook-laravel5.5.php
 <?php

 public function isValid(\Illuminate\Http\Request $request){

    // Grab the Stripe-Signature header
    $header_signature = $request->header('Stripe-Signature');

    // sets variables $t and $v1 with their values, (and any other elements that stripe may pass along that we'll ignore)
    foreach(explode(',', $header_signature) as $key => $val){
        $prefix = str_before($val, '=');
        $$prefix = str_after($val, '=');
    }

    // Prepare the signed_payload string
    $signed_payload = $t.'.'.$request->getContent();

    // Determine the expected signature
    // webook_secret obtained on the webhooks settings screen in stripe account
    $expected_signature = hash_hmac('sha256', $signed_payload, config('services.stripe.webhook_secret'));

    if($expected_signature == $v1){
        // Good to go!
        return true;
    }
    Log::warning('Webhook request determined to be invalid: '.print_r($request->all(), true));
    return false;
 }
	<?php

	public function isValid(\Illuminate\Http\Request $request){

	// Grab the Stripe-Signature header
	$header_signature = $request->header('Stripe-Signature');

	// sets variables $t and $v1 with their values, (and any other elements that stripe may pass along that we'll ignore)
	foreach(explode(',', $header_signature) as $key => $val){
	$prefix = str_before($val, '=');
	$$prefix = str_after($val, '=');
	}

	// Prepare the signed_payload string
	$signed_payload = $t.'.'.$request->getContent();

	// Determine the expected signature
	// webook_secret obtained on the webhooks settings screen in stripe account
	$expected_signature = hash_hmac('sha256', $signed_payload, config('services.stripe.webhook_secret'));

	if($expected_signature == $v1){
	// Good to go!
	return true;
	}
	Log::warning('Webhook request determined to be invalid: '.print_r($request->all(), true));
	return false;
	}