Warm tip: This article is reproduced from serverfault.com, please click
http-status-code-404 laravel webhooks ngrok spatie

I keep getting 404 not found while testing webhook with spatie webhook client and ngrok

发布于 2020-12-02 21:54:44

I am testing webhook with payment gateway Paystack with ngrok and spatie webhook-client, with my route in the route/api.php. and I keep getting 404 not found at the status response when the event is triggered. But if the webhook route is moved to web.php route I get response 419 unknown state. don't know why. Please I am new to all these just following to learn.

**Route in api.php**

Route::webhooks('paystack-webhook');

and VerifyCsrfToken.php

protected $except = [
    'https://17c5dbf1bd87.ngrok.io/paystack/webhook',
];

From my Paytack Dashboard

webhook-client.php

  <?php

  return [
      'configs' => [
      [
            /*
             * This package supports multiple webhook receiving endpoints. If you only have
             * one endpoint receiving webhooks, you can use 'default'.
            */
            'name' => 'default',

            /*
             * We expect that every webhook call will be signed using a secret. This secret
             * is used to verify that the payload has not been tampered with.
            */
            'signing_secret' => env('PAYSTACK_SECRET_KEY'),

            /*
             * The name of the header containing the signature.
            */
            'signature_header_name' => 'x-paystack-signature',

            /*
             *  This class will verify that the content of the signature header is valid.
             *
             * It should implement \Spatie\WebhookClient\SignatureValidator\SignatureValidator
            */
            'signature_validator' => App\Handler\CustomSignatureValidator::class,

            /*
             * This class determines if the webhook call should be stored and processed.
            */
            'webhook_profile' => \Spatie\WebhookClient\WebhookProfile\ProcessEverythingWebhookProfile::class,

            /*
             * This class determines the response on a valid webhook call.
            */
            'webhook_response' => \Spatie\WebhookClient\WebhookResponse\DefaultRespondsTo::class,

            /*
             * The classname of the model to be used to store call. The class should be equal
             * or extend Spatie\WebhookClient\Models\WebhookCall.
            */
            'webhook_model' => \Spatie\WebhookClient\Models\WebhookCall::class,

            /*
             * The class name of the job that will process the webhook request.
             *
             * This should be set to a class that extends \Spatie\WebhookClient\ProcessWebhookJob.
            */
             'process_webhook_job' => App\Handler\ProcessWebhook::class,
        ],
    ],
];

ProcessWebhook.php

<?php

namespace App\Handler;

//App/Handler/ProcessWebhook.php
use \Spatie\WebhookClient\ProcessWebhookJob;

//The class extends "ProcessWebhookJob" class as that is the class 
//that will handle the job of processing our webhook before we have 
//access to it.class ProcessWebhook extends ProcessWebhookJob

class ProcessWebhook extends ProcessWebhookJob
{

    public function handle() {

        $data = json_decode($this->webhookCall, true);
        //Do something with the event

        logger($data['payload']);
        http_response_code(200); //Acknowledge you received the response
    }
}

CustomSignatureValidator.php

<?php

//App/Handler/CustomSignatureValidator.php


namespace App\Handler;

use Illuminate\Http\Request;

use Spatie\WebhookClient\Exceptions\WebhookFailed;

use Spatie\WebhookClient\WebhookConfig;

use Spatie\WebhookClient\SignatureValidator\SignatureValidator;


class PaystackSignature implements SignatureValidator
{

    public function isValid(Request $request, WebhookConfig $config): bool
    {
        $signature = $request->header($config->signatureHeaderName);
    
        if (! $signature) {
            return false;
        }
 
        $signingSecret = $config->signingSecret;

        if (empty($signingSecret)) {
     
            throw WebhookFailed::signingSecretNotSet();
        }
 
        $computedSignature = hash_hmac('sha512', $request->getContent(), $signingSecret);
 
        return hash_equals($signature, $computedSignature);
    }
}

Response

status response from ngrok

Route List

Route List

Questioner
Adam
Viewed
0
分享
zahid hasan emon 2020-12-03 12:27:52

you are mismatching some things here. let's say you want to handle the webhook through web. then you have to put a route in your web.php file. (make sure to put it at the bottom of your route file if you use domain routing or to be safe put it just at the bottom)

Route::webhooks('paystack/webhook');

then add that route to your verify csrf middleware except

protected $except = [
    'paystack/*',
];

and then your webhook url for paystack will be

ngrock-generated-host/paystack/webhook

now if you want to handle it through api then put the route at api.php file

Route::webhooks('paystack/webhook');

you need not to put it at the except of verify csrf middleware as it will be handled with api. and your webhook url for paystack will be

ngrock-generated-host/api/paystack/webhook
Adam 2020-12-03 08:15:14

Thank you @zahid hasan emon, I have tried your suggestion with web.php route and I got 500 internal server error response, then I tried it with api route and I got 404 not found response. maybe am still missing something

zahid hasan emon 2020-12-03 08:57:35

do you put the api prefix for the api route in your paystack webhook url?? and if you get 500 for web, then it means it's receiving the webhook but something is going wrong when handling the webhook. check the response or the log to find out what is going wrong.

Adam 2020-12-03 09:15:32

api prefix? not I didn't, but now I did and is responding with 500 internal server error but I will check the log as you said

zahid hasan emon 2020-12-03 09:24:19

now you are receiving the webhook but something goes wrong when handling it..check out what's going on that causes 500 error.

Adam 2020-12-03 10:04:54

I did check the log and this is causing the error [2020-12-03 09:54:51] local.ERROR: App\Handler\CustomSignatureValidator is not a valid signature validator class.

热门github

1
Implementation of paper - YOLOv9: Learning What You Want to Learn Using Programmable Gradient Information
2
A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
3
Get up and running with Llama 2, Mistral, Gemma, and other large language models.
4
该项目可以让你通过订阅的方式使用Cloudflare WARP+,自动获取流量。This project enables you to use Cloudflare WARP+ through subscription, automatically acquiring traffic.
5
Multi functional app to find duplicates, empty folders, similar images etc.
6
Xray panel supporting multi-protocol multi-user expire day & traffic & ip limit (Vmess & Vless & Trojan & ShadowSocks & Wireguard)
7
The Free Software Media System
8
lightweight, standalone C++ inference engine for Google's Gemma models.
9
📚 Freely available programming books
10
A collective list of free APIs
11
1️⃣🐝🏎️ The One Billion Row Challenge -- A fun exploration of how quickly 1B rows from a text file can be aggregated with Java
12
🎓 Path to a free self-taught education in Computer Science!
13
Curso para aprender el lenguaje de programación Python desde cero y para principiantes. 75 clases, 37 horas en vídeo, código, proyectos y grupo de chat. Fundamentos, frontend, backend, testing, IA...
14
This repository contains System Design resources which are useful while preparing for interviews and learning Distributed Systems
15
Mamba is a new state space model architecture showing promising performance on information-dense data such as language modeling, where previous subquadratic models fall short of Transformers. It is based on the line of progress on structured state space models, with an efficient hardware-aware design and implementation in the spirit of FlashAttention.