TrimStrings middleware breaks signature verification - Part 2
BKirev opened this issue · comments
- Cashier Paddle Version: 1.4.8
- Laravel Version: 8.49.2
- PHP Version: 7.4.3
- Database Driver & Version: mysql Ver 8.0.27-0ubuntu0.20.04.1 for Linux on x86_64
Description:
The issue seems to be similar to #120
I've noticed that sometimes webhooks(subscription_payment_succeeded and payment_succeeded) are failing with invalid signature exception. Upon further investigation I've discovered that the only similar thing between them is that the customers have one customer_name - eg. (whitespace)John
, instead of John Doe
. All such customers have this whitespace.
It looks like this:
(screenshot from Paddle)
I've contacted Paddle's support and reported the issue there as well, as I think it could be something on their side.
My solution:
Adding customer_name
to $except
in TrimStrings
middleware.
I need code to reproduce this.
This is something we have no control over. For the reason above specifically, we trim each string value in the payload sent to Paddle to generate the pay link: https://github.com/laravel/cashier-paddle/blob/1.x/src/Concerns/PerformsCharges.php#L77
This is a Paddle limitation that we have no control over, sorry.