quellabs/canvas-payments-stripe 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

quellabs/canvas-payments-stripe

Composer 安装命令:

composer require quellabs/canvas-payments-stripe

包简介

Stripe Checkout Sessions and Payment Intents REST API payment gateway integration for the Canvas PHP framework

README 文档

README

A Stripe payment provider for the Canvas framework. Part of the Canvas payments ecosystem. Implements the Stripe Checkout Sessions and Payment Intents APIs with webhook-based payment notifications.

Installation

composer require quellabs/canvas-payments-stripe

Architecture

This package sits between the Stripe REST API and your application. Your application only ever touches the contracts layer — it never depends on this package directly. PaymentRouter (from quellabs/canvas-payments) discovers this package automatically via composer metadata and routes payment calls to it.

Your Application
      │
      ▼
PaymentRouter               (quellabs/canvas-payments — discovery + routing)
      │
      ▼
PaymentInterface            (quellabs/canvas-payments-contracts)
      │
      ▼
Stripe                      (this package — implements the interface)
      │
      ▼
StripeGateway               (raw Stripe Checkout Sessions / Payment Intents REST API calls)

Webhook processing is decoupled from your application via signals. When Stripe sends a webhook notification, the package emits a payment_exchange signal carrying a PaymentState. Your application listens for that signal and handles it. The buyer return URL works the same way — both the return and cancel cases are handled by the same route and emit the same signal, so your application does not need to distinguish between them at the routing level.

Configuration

Create config/stripe.php in your Canvas application:

return [
    'test_mode'         => true,
    'secret_key'        => '',
    'publishable_key'   => '',
    'webhook_secret'    => '',
    'verify_ssl'        => true,
    'brand_name'        => '',
    'return_url'        => 'https://example.com/order/thankyou',
    'cancel_return_url' => 'https://example.com/order/cancelled',
    'webhook_url'       => 'https://example.com/webhooks/stripe',
];
Key Required Description
test_mode Yes Set to true for test mode, false for production
secret_key Yes Secret API key from the Stripe Dashboard — sk_test_* for test, sk_live_* for production
publishable_key No Publishable API key — only needed if your frontend interacts with Stripe.js directly
webhook_secret Yes Webhook signing secret (whsec_*) from your Stripe webhook endpoint — required for signature verification
verify_ssl No Whether to verify Stripe's SSL certificate. Always true in production. Defaults to true
brand_name No Used as the payment statement descriptor (max 22 characters). Full branding is set in the Stripe Dashboard
return_url Yes URL the customer is redirected to after a completed payment
cancel_return_url Yes URL the customer is redirected to after cancelling at Stripe
webhook_url Yes Full URL Stripe POSTs webhook events to — must match the URL registered in your Stripe webhook settings

Usage

Initiating a payment

Inject PaymentInterface via Canvas DI and call initiate():

use Quellabs\Payments\Contracts\PaymentInterface;
use Quellabs\Canvas\Controllers\BaseController;
use Quellabs\Payments\Contracts\PaymentRequest;
use Quellabs\Payments\Contracts\PaymentInitiationException;

class CheckoutController extends BaseController {

    public function __construct(private PaymentInterface $router) {}

    /**
     * @Route("...")
     */
    public function checkout(): void {
        $request = new PaymentRequest(
            paymentModule: 'stripe',
            amount:        999,   // in minor units — €9.99
            currency:      'EUR',
            description:   'Order #12345',
        );

        try {
            $result = $this->router->initiate($request);
            return $this->redirect($result->redirectUrl);
        } catch (PaymentInitiationException $e) {
            // handle error
        }
    }
}

Handling refunds

Pass amount: null for a full refund, or a minor-unit integer for a partial refund.

When your payment_exchange listener receives a PaymentStatus::Paid state, store $state->metadata['paymentReference'] — you'll need it as RefundRequest::$paymentReference.

// In your payment_exchange listener — store the PaymentIntent ID when the payment succeeds
public function onPaymentExchange(PaymentState $state): void {
    if ($state->state === PaymentStatus::Paid) {
        $this->orderRepository->updateCaptureId(
            $state->transactionId,
            $state->metadata['paymentReference']
        );
    }
}

// Full refund
$request = new RefundRequest(
    paymentReference: $order->paymentReference, // retrieved from your orders table
    paymentModule:    'stripe',
    amount:           null, // null = full refund
    currency:         'EUR',
    description:      'Full refund for order #12345',
);

// Partial refund
$request = new RefundRequest(
    paymentReference: $order->paymentReference, // retrieved from your orders table
    paymentModule:   'stripe',
    amount:          500, // in minor units — €5.00
    currency:        'EUR',
    description:     'Partial refund for order #12345',
);

try {
    $result = $this->router->refund($request);
    echo $result->refundId;
} catch (PaymentRefundException $e) {
    // handle error
}

Listening for payment state changes

use Quellabs\Canvas\Annotations\ListenTo;
use Quellabs\Payments\Contracts\PaymentState;
use Quellabs\Payments\Contracts\PaymentStatus;

class OrderService {

    /**
     * @ListenTo("payment_exchange")
     */
    public function onPaymentExchange(PaymentState $state): void {
        match ($state->state) {
            PaymentStatus::Paid      => $this->markPaid($state->transactionId),
            PaymentStatus::Canceled  => $this->markCanceled($state->transactionId),
            PaymentStatus::Failed    => $this->markFailed($state->transactionId),
            default                  => null,
        };
    }
}

Stripe-specific quirks

Two transaction identifiers

Stripe uses two different identifiers across the payment lifecycle:

  • Session ID — created by POST /v1/checkout/sessions and returned by initiate() as InitiateResult::$transactionId. Stripe appends it to your return_url as ?session_id={cs_...} so the return handler can retrieve the session without server-side storage.
  • paymentReference — available in PaymentState::$metadata['paymentReference'] when a PaymentStatus::Paid event fires. Persist this value — it is required as RefundRequest::$paymentReference for refunds and getRefunds().

Webhooks vs. return URL

Stripe notifies your application of payment state changes in two independent ways:

  • Webhooks — a server-to-server POST from Stripe to webhook_url, verified by HMAC-SHA256 signature locally (no outbound verification call required). This is the authoritative source of truth and may arrive before or after the buyer returns to your site. Only payment_intent.* events trigger a signal; all other event types are acknowledged and ignored.
  • Return URL — a browser redirect after the buyer completes or cancels at Stripe.

Both routes call exchange() and emit the payment_exchange signal. Your application should be idempotent when handling this signal, as it may fire twice for the same transaction.

Webhook setup

Register your webhook_url in the Stripe Dashboard under Developers → Webhooks → Add endpoint. Subscribe at minimum to these event types:

  • payment_intent.succeeded
  • payment_intent.payment_failed
  • payment_intent.canceled
  • payment_intent.requires_action

After creating the endpoint, reveal the signing secret (whsec_*) and copy it into your config/stripe.php as webhook_secret. Without it, all webhook notifications will be rejected.

For local development, use the Stripe CLI to forward events to your local server:

stripe listen --forward-to localhost:8000/webhooks/stripe

The CLI prints a temporary signing secret — use it as webhook_secret during development.

Refund reason mapping

Stripe accepts only three refund reason values: duplicate, fraudulent, and requested_by_customer. The driver maps the description field of RefundRequest automatically — descriptions containing the word "duplicate" or "dubbel" map to duplicate, descriptions containing "fraud" or "fraude" map to fraudulent, and everything else maps to requested_by_customer. Pass amount: null for a full refund; the driver omits the amount field, which causes Stripe to refund the full captured amount internally.

3DS and additional authentication

When a payment requires Strong Customer Authentication (SCA), exchange() returns a PaymentStatus::Redirect state with the next-action URL in $state->metadata['redirectUrl']. The controller handles this automatically by redirecting the buyer back to Stripe's authentication page. After the buyer completes authentication, Stripe redirects them back to your return_url and also sends a payment_intent.succeeded webhook.

License

MIT

quellabs/canvas-payments-stripe 适用场景与选型建议

quellabs/canvas-payments-stripe 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 03 月 19 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「payments」 「stripe」 「payment gateway」 「canvas」 「stripe-checkout」 「canvas-payments」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 quellabs/canvas-payments-stripe 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 quellabs/canvas-payments-stripe 我们能提供哪些服务?
定制开发 / 二次开发

基于 quellabs/canvas-payments-stripe 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 0
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 21
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2026-03-19