You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Love the package, but there seems to be a problem with verifying the signature.
The isValid method of the MailgunSignatureValidator class doesn't seem to ever be able to return false.
It is expecting an exception to return false, but it can never receive one.
In the Webhook class, you have:
public static function constructEvent(array $payload, array $signature, string $secret): Event
{
// verify we are good, else throw an expection
WebhookSignature::make($signature, $secret)->verify();
// Make an event
return Event::constructFrom($payload);
}
But the verify() function only returns a bool and doesn't throw an exception like the Stripe package. So even if it is false, it doesn't raise an exception and the isValid method of the Signature Validator will always return true.
Would you be interested in a PR?
The text was updated successfully, but these errors were encountered:
Love the package, but there seems to be a problem with verifying the signature.
The
isValidmethod of theMailgunSignatureValidatorclass doesn't seem to ever be able to return false.It is expecting an exception to return false, but it can never receive one.
In the Webhook class, you have:
But the
verify()function only returns abooland doesn't throw an exception like the Stripe package. So even if it is false, it doesn't raise an exception and theisValidmethod of the Signature Validator will always return true.Would you be interested in a PR?
The text was updated successfully, but these errors were encountered: