PHPackages                             adejorosam/laravel-flutterwave-webhook - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Payment Processing](/categories/payments)
4. /
5. adejorosam/laravel-flutterwave-webhook

ActiveLibrary[Payment Processing](/categories/payments)

adejorosam/laravel-flutterwave-webhook
======================================

Handle Flutterwave Webhooks in a Laravel application

1.0.0(5y ago)5562[1 issues](https://github.com/adejorosam/laravel-flutterwave-webhook/issues)MITPHPPHP ^7.1

Since Oct 5Pushed 5y ago2 watchersCompare

[ Source](https://github.com/adejorosam/laravel-flutterwave-webhook)[ Packagist](https://packagist.org/packages/adejorosam/laravel-flutterwave-webhook)[ Docs](https://github.com/adejorosam/laravel-flutterwave-webhook)[ RSS](/packages/adejorosam-laravel-flutterwave-webhook/feed)WikiDiscussions master Synced 2d ago

READMEChangelog (1)Dependencies (4)Versions (2)Used By (0)

Handle Flutterwave Webhooks in a Laravel application
====================================================

[](#handle-flutterwave-webhooks-in-a-laravel-application)

[![Latest Version on Packagist](https://camo.githubusercontent.com/7e37d65f479cb11cba924cac0338c343409507ec2db976a57730bd86471552a4/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6164656a6f726f73616d2f6c61726176656c2d666c7574746572776176652d776562686f6f6b2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/adejorosam/laravel-flutterwave-webhook)[![run-tests](https://github.com/adejorosam/laravel-flutterwave-webhook/workflows/run-tests/badge.svg)](https://github.com/adejorosam/laravel-flutterwave-webhook/workflows/run-tests/badge.svg)[![Check & fix styling](https://github.com/adejorosam/laravel-flutterwave-webhook/workflows/Check%20&%20fix%20styling/badge.svg)](https://github.com/adejorosam/laravel-flutterwave-webhook/workflows/Check%20&%20fix%20styling/badge.svg)[![Total Downloads](https://camo.githubusercontent.com/914b1407158a97e959c9695790fa1de837e34a22445656f911626f4e265929a1/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6164656a6f726f73616d2f6c61726176656c2d666c7574746572776176652d776562686f6f6b2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/adejorosam/laravel-flutterwave-webhook)

[Flutterwave](https://flutterwave.com/) can notify your application about various events via webhooks. This package can help you handle those webhooks. It will automatically verify all incoming requests and ensure they are coming from Flutterwave.

Please note that this package will NOT handle what should be done after the request has been validated. You should still write the code for that.

Find out more details about [Flutterwave's webhook here](https://developer.flutterwave.com/reference#webhook)

Installation
------------

[](#installation)

You can install the package via composer:

```
composer require adejorosam/laravel-flutterwave-webhook
```

The service provider will automatically register itself.

You must publish the config file with:

```
php artisan vendor:publish --provider="Adejorosam\LaravelFlutterwaveWebhook\LaravelFlutterwaveWebhookServiceProvider" --tag="config"
```

This is the contents of the config file that will be published at `config/flutterwave-webhooks.php`:

```
return [

    /*
     * Flutterwave will sign each webhook using the secret hash you fielded.
     * You can do that at the webhook configuration settings: https://dashboard.flutterwave.com/account/webhooks.
     */
    'signing_secret' => env('SECRET_HASH'),

    /*
     * The classname of the model to be used. The class should equal or extend
     * \Spatie\WebhookClient\ProcessWebhookJob.
    */
    'process_webhook_job' => '',
];
```

In the `signing_secret` key of the config file you should add a valid webhook secret. You can find the secret used at [the webhook configuration settings on the flutterwave dashboard](https://dashboard.flutterwave.com/account/webhooks).

Next, you must publish the migration with:

```
php artisan vendor:publish --provider="Adejorosam\LaravelFlutterwaveWebhook\LaravelFlutterwaveServiceProvider" --tag="migrations"
```

After the migration has been published you can create the `webhook_calls` table by running the migrations:

```
php artisan migrate
```

Finally, take care of the routing: At [the flutterwave dashboard](https://dashboard.flutterwave.com/account/webhooks) you must configure at what url Flutterwave webhooks should hit your app. In the routes file of your app you must pass that route to `Route::flutterwaveWebhooks`:

```
Route::flutterwaveWebhooks('webhook-route-configured-at-the-flutterwave-dashboard');
```

Behind the scenes this will register a `POST` route to a controller provided by this package. Because Flutterwave has no way of getting a csrf-token, you must add that route to the `except` array of the `VerifyCsrfToken` middleware:

```
protected $except = [
    'webhook-route-configured-at-the-flutterwave-dashboard',
];
```

Usage
-----

[](#usage)

Flutterwave will send out webhooks for several event types. You can find the \[full list of events types\] in the Flutterwave documentation.

Flutterwave will sign all requests hitting the webhook url of your app. This package will automatically verify if the signature is valid. If it is not, the request was probably not sent by Flutterwave.

Unless something goes terribly wrong, this package will always respond with a `200` to webhook requests. Sending a `200` will prevent Flutterwave from resending the same event over and over again. All webhook requests with a valid signature will be logged in the `webhook_calls` table. The table has a `payload` column where the entire payload of the incoming webhook is saved.

If the signature is not valid, the request will not be logged in the `webhook_calls` table but a `Adejorosam\LaravelWebhooks\WebhookFailed` exception will be thrown. If something goes wrong during the webhook request the thrown exception will be saved in the `exception` column. In that case the controller will send a `500` instead of `200`.

### Storing and processing webhooks

[](#storing-and-processing-webhooks)

After the signature is validated and the webhook profile has determined that the request should be processed, the package will store and process the request.

The request will first be stored in the `webhook_calls` table. This is done using the `WebhookCall` model.

Next, the newly created `WebhookCall` model will be passed to a queued job that will process the request. Any class that extends `\Spatie\WebhookClient\ProcessWebhookJob` is a valid job. Here's an example:

```