quellabs/canvas-payments-stripe
Composer 安装命令:
composer require quellabs/canvas-payments-stripe
包简介
Stripe Checkout Sessions and Payment Intents REST API payment gateway integration for the Canvas PHP framework
关键字:
README 文档
README
A Stripe payment provider for the Canvas framework. Part of the Canvas payments ecosystem. Implements the Stripe Checkout Sessions and Payment Intents APIs with webhook-based payment notifications.
Installation
composer require quellabs/canvas-payments-stripe
Architecture
This package sits between the Stripe REST API and your application. Your application only ever touches the contracts
layer — it never depends on this package directly. PaymentRouter (from quellabs/canvas-payments) discovers this
package automatically via composer metadata and routes payment calls to it.
Your Application
│
▼
PaymentRouter (quellabs/canvas-payments — discovery + routing)
│
▼
PaymentInterface (quellabs/canvas-payments-contracts)
│
▼
Stripe (this package — implements the interface)
│
▼
StripeGateway (raw Stripe Checkout Sessions / Payment Intents REST API calls)
Webhook processing is decoupled from your application via signals. When Stripe sends a webhook notification, the
package emits a payment_exchange signal carrying a PaymentState. Your application listens for that signal and
handles it. The buyer return URL works the same way — both the return and cancel cases are handled by the same route
and emit the same signal, so your application does not need to distinguish between them at the routing level.
Configuration
Create config/stripe.php in your Canvas application:
return [ 'test_mode' => true, 'secret_key' => '', 'publishable_key' => '', 'webhook_secret' => '', 'verify_ssl' => true, 'brand_name' => '', 'return_url' => 'https://example.com/order/thankyou', 'cancel_return_url' => 'https://example.com/order/cancelled', 'webhook_url' => 'https://example.com/webhooks/stripe', ];
| Key | Required | Description |
|---|---|---|
test_mode |
Yes | Set to true for test mode, false for production |
secret_key |
Yes | Secret API key from the Stripe Dashboard — sk_test_* for test, sk_live_* for production |
publishable_key |
No | Publishable API key — only needed if your frontend interacts with Stripe.js directly |
webhook_secret |
Yes | Webhook signing secret (whsec_*) from your Stripe webhook endpoint — required for signature verification |
verify_ssl |
No | Whether to verify Stripe's SSL certificate. Always true in production. Defaults to true |
brand_name |
No | Used as the payment statement descriptor (max 22 characters). Full branding is set in the Stripe Dashboard |
return_url |
Yes | URL the customer is redirected to after a completed payment |
cancel_return_url |
Yes | URL the customer is redirected to after cancelling at Stripe |
webhook_url |
Yes | Full URL Stripe POSTs webhook events to — must match the URL registered in your Stripe webhook settings |
Usage
Initiating a payment
Inject PaymentInterface via Canvas DI and call initiate():
use Quellabs\Payments\Contracts\PaymentInterface; use Quellabs\Canvas\Controllers\BaseController; use Quellabs\Payments\Contracts\PaymentRequest; use Quellabs\Payments\Contracts\PaymentInitiationException; class CheckoutController extends BaseController { public function __construct(private PaymentInterface $router) {} /** * @Route("...") */ public function checkout(): void { $request = new PaymentRequest( paymentModule: 'stripe', amount: 999, // in minor units — €9.99 currency: 'EUR', description: 'Order #12345', ); try { $result = $this->router->initiate($request); return $this->redirect($result->redirectUrl); } catch (PaymentInitiationException $e) { // handle error } } }
Handling refunds
Pass amount: null for a full refund, or a minor-unit integer for a partial refund.
When your payment_exchange listener receives a PaymentStatus::Paid state, store
$state->metadata['paymentReference'] — you'll need it as RefundRequest::$paymentReference.
// In your payment_exchange listener — store the PaymentIntent ID when the payment succeeds public function onPaymentExchange(PaymentState $state): void { if ($state->state === PaymentStatus::Paid) { $this->orderRepository->updateCaptureId( $state->transactionId, $state->metadata['paymentReference'] ); } } // Full refund $request = new RefundRequest( paymentReference: $order->paymentReference, // retrieved from your orders table paymentModule: 'stripe', amount: null, // null = full refund currency: 'EUR', description: 'Full refund for order #12345', ); // Partial refund $request = new RefundRequest( paymentReference: $order->paymentReference, // retrieved from your orders table paymentModule: 'stripe', amount: 500, // in minor units — €5.00 currency: 'EUR', description: 'Partial refund for order #12345', ); try { $result = $this->router->refund($request); echo $result->refundId; } catch (PaymentRefundException $e) { // handle error }
Listening for payment state changes
use Quellabs\Canvas\Annotations\ListenTo; use Quellabs\Payments\Contracts\PaymentState; use Quellabs\Payments\Contracts\PaymentStatus; class OrderService { /** * @ListenTo("payment_exchange") */ public function onPaymentExchange(PaymentState $state): void { match ($state->state) { PaymentStatus::Paid => $this->markPaid($state->transactionId), PaymentStatus::Canceled => $this->markCanceled($state->transactionId), PaymentStatus::Failed => $this->markFailed($state->transactionId), default => null, }; } }
Stripe-specific quirks
Two transaction identifiers
Stripe uses two different identifiers across the payment lifecycle:
- Session ID — created by
POST /v1/checkout/sessionsand returned byinitiate()asInitiateResult::$transactionId. Stripe appends it to yourreturn_urlas?session_id={cs_...}so the return handler can retrieve the session without server-side storage. - paymentReference — available in
PaymentState::$metadata['paymentReference']when aPaymentStatus::Paidevent fires. Persist this value — it is required asRefundRequest::$paymentReferencefor refunds andgetRefunds().
Webhooks vs. return URL
Stripe notifies your application of payment state changes in two independent ways:
- Webhooks — a server-to-server POST from Stripe to
webhook_url, verified by HMAC-SHA256 signature locally (no outbound verification call required). This is the authoritative source of truth and may arrive before or after the buyer returns to your site. Onlypayment_intent.*events trigger a signal; all other event types are acknowledged and ignored. - Return URL — a browser redirect after the buyer completes or cancels at Stripe.
Both routes call exchange() and emit the payment_exchange signal. Your application should be idempotent when
handling this signal, as it may fire twice for the same transaction.
Webhook setup
Register your webhook_url in the Stripe Dashboard under
Developers → Webhooks → Add endpoint. Subscribe at minimum to these event types:
payment_intent.succeededpayment_intent.payment_failedpayment_intent.canceledpayment_intent.requires_action
After creating the endpoint, reveal the signing secret (whsec_*) and copy it into your config/stripe.php
as webhook_secret. Without it, all webhook notifications will be rejected.
For local development, use the Stripe CLI to forward events to your local server:
stripe listen --forward-to localhost:8000/webhooks/stripe
The CLI prints a temporary signing secret — use it as webhook_secret during development.
Refund reason mapping
Stripe accepts only three refund reason values: duplicate, fraudulent, and requested_by_customer.
The driver maps the description field of RefundRequest automatically — descriptions containing the word
"duplicate" or "dubbel" map to duplicate, descriptions containing "fraud" or "fraude" map to fraudulent,
and everything else maps to requested_by_customer. Pass amount: null for a full refund; the driver omits
the amount field, which causes Stripe to refund the full captured amount internally.
3DS and additional authentication
When a payment requires Strong Customer Authentication (SCA), exchange() returns a PaymentStatus::Redirect
state with the next-action URL in $state->metadata['redirectUrl']. The controller handles this automatically
by redirecting the buyer back to Stripe's authentication page. After the buyer completes authentication, Stripe
redirects them back to your return_url and also sends a payment_intent.succeeded webhook.
License
MIT
quellabs/canvas-payments-stripe 适用场景与选型建议
quellabs/canvas-payments-stripe 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 03 月 19 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「payments」 「stripe」 「payment gateway」 「canvas」 「stripe-checkout」 「canvas-payments」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 quellabs/canvas-payments-stripe 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 quellabs/canvas-payments-stripe 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 quellabs/canvas-payments-stripe 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Flexible payment integration for Laravel, lunarphp, supporting multiple payment providers.
Dealing with payments through the Egyptian payment gateway PayMob
Librería para la gestión sencilla de pagos mediante TPV Redsys y Paypal
Rich payment solutions for Laravel framework. Paypal, payex, authorize.net, be2bill, omnipay, recurring paymens, instant notifications and many more
A simple Symfony bundle for Stripe API.
统计信息
- 总下载量: 0
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 21
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-03-19