2024-03-01 13:04:29 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Http\Controllers\Webhook;
|
|
|
|
|
|
|
|
|
|
use App\Http\Controllers\Controller;
|
2024-11-22 13:42:10 +00:00
|
|
|
use App\Jobs\StripeProcessJob;
|
2024-03-01 13:04:29 +00:00
|
|
|
use Exception;
|
|
|
|
|
use Illuminate\Http\Request;
|
feat(observability): add structured audit log channel for API and webhook events
Introduce a dedicated `audit` log channel (daily rotation, configurable retention via
LOG_AUDIT_DAYS) and a small `auditLog()` / `auditLogWebhookFailure()` helper used to
record state-changing API operations and webhook events.
Instrumented:
- API mutation endpoints (create / update / delete / start / stop / restart) across
applications, services, databases (incl. backups, env vars, storage), servers,
projects + environments, scheduled tasks, private keys, GitHub apps, cloud provider
tokens, Hetzner server provisioning, instance enable/disable.
- Webhook signature verification outcomes for GitHub, GitLab, Bitbucket, Gitea and
Stripe, plus the Sentinel push endpoint.
- Authentication and authorization outcomes via the global exception handler and
the `ApiAbility` middleware (unauthenticated, ability-denied, policy-denied).
The helper is wrapped in try/catch so logging failures never affect the request
path. Successful operations log at `info`; suspicious/denied requests log at
`warning`. Operators wanting a failures-only feed can set `LOG_AUDIT_LEVEL=warning`.
Includes a feature test suite covering the helper, the webhook providers and the
new auth/authorization log paths.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 12:50:37 +00:00
|
|
|
use Stripe\Exception\SignatureVerificationException;
|
|
|
|
|
use Stripe\Webhook;
|
2024-03-01 13:04:29 +00:00
|
|
|
|
|
|
|
|
class Stripe extends Controller
|
|
|
|
|
{
|
|
|
|
|
public function events(Request $request)
|
|
|
|
|
{
|
|
|
|
|
try {
|
2024-11-22 13:42:10 +00:00
|
|
|
$webhookSecret = config('subscription.stripe_webhook_secret');
|
|
|
|
|
$signature = $request->header('Stripe-Signature');
|
feat(observability): add structured audit log channel for API and webhook events
Introduce a dedicated `audit` log channel (daily rotation, configurable retention via
LOG_AUDIT_DAYS) and a small `auditLog()` / `auditLogWebhookFailure()` helper used to
record state-changing API operations and webhook events.
Instrumented:
- API mutation endpoints (create / update / delete / start / stop / restart) across
applications, services, databases (incl. backups, env vars, storage), servers,
projects + environments, scheduled tasks, private keys, GitHub apps, cloud provider
tokens, Hetzner server provisioning, instance enable/disable.
- Webhook signature verification outcomes for GitHub, GitLab, Bitbucket, Gitea and
Stripe, plus the Sentinel push endpoint.
- Authentication and authorization outcomes via the global exception handler and
the `ApiAbility` middleware (unauthenticated, ability-denied, policy-denied).
The helper is wrapped in try/catch so logging failures never affect the request
path. Successful operations log at `info`; suspicious/denied requests log at
`warning`. Operators wanting a failures-only feed can set `LOG_AUDIT_LEVEL=warning`.
Includes a feature test suite covering the helper, the webhook providers and the
new auth/authorization log paths.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 12:50:37 +00:00
|
|
|
$event = Webhook::constructEvent(
|
2024-11-22 13:42:10 +00:00
|
|
|
$request->getContent(),
|
|
|
|
|
$signature,
|
|
|
|
|
$webhookSecret
|
|
|
|
|
);
|
|
|
|
|
StripeProcessJob::dispatch($event);
|
2024-06-10 20:43:34 +00:00
|
|
|
|
2024-11-22 13:42:10 +00:00
|
|
|
return response('Webhook received. Cool cool cool cool cool.', 200);
|
feat(observability): add structured audit log channel for API and webhook events
Introduce a dedicated `audit` log channel (daily rotation, configurable retention via
LOG_AUDIT_DAYS) and a small `auditLog()` / `auditLogWebhookFailure()` helper used to
record state-changing API operations and webhook events.
Instrumented:
- API mutation endpoints (create / update / delete / start / stop / restart) across
applications, services, databases (incl. backups, env vars, storage), servers,
projects + environments, scheduled tasks, private keys, GitHub apps, cloud provider
tokens, Hetzner server provisioning, instance enable/disable.
- Webhook signature verification outcomes for GitHub, GitLab, Bitbucket, Gitea and
Stripe, plus the Sentinel push endpoint.
- Authentication and authorization outcomes via the global exception handler and
the `ApiAbility` middleware (unauthenticated, ability-denied, policy-denied).
The helper is wrapped in try/catch so logging failures never affect the request
path. Successful operations log at `info`; suspicious/denied requests log at
`warning`. Operators wanting a failures-only feed can set `LOG_AUDIT_LEVEL=warning`.
Includes a feature test suite covering the helper, the webhook providers and the
new auth/authorization log paths.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 12:50:37 +00:00
|
|
|
} catch (SignatureVerificationException $e) {
|
|
|
|
|
auditLogWebhookFailure('stripe', 'invalid_signature', [
|
|
|
|
|
'error' => $e->getMessage(),
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
return response($e->getMessage(), 400);
|
2024-03-01 13:04:29 +00:00
|
|
|
} catch (Exception $e) {
|
|
|
|
|
return response($e->getMessage(), 400);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|