Download the PHP package spatie/laravel-webhook-server without Composer

On this page you can find all versions of the php package spatie/laravel-webhook-server. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-webhook-server

Send webhooks from Laravel apps

Latest Version on Packagist run-testsTotal Downloads

A webhook is a way for an app to provide information to another app about a particular event. The way the two apps communicate is with a simple HTTP request.

This package allows you to configure and send webhooks in a Laravel app easily. It has support for signing calls, retrying calls and backoff strategies.

If you need to receive and process webhooks take a look at our laravel-webhook-client package.

Support us

We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.

We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.

Installation

You can install the package via composer:

You can publish the config file with:

This is the contents of the file that will be published at config/webhook-server.php:

By default, the package uses queues to retry failed webhook requests. Be sure to set up a real queue other than sync in non-local environments.

Usage

This is the simplest way to call a webhook:

This will send a post request to https://other-app.com/webhooks. The body of the request will be JSON encoded version of the array passed to payload. The request will have a header called Signature that will contain a signature the receiving app can use to verify the payload hasn't been tampered with. Dispatching a webhook call will also fire a DispatchingWebhookCallEvent.

If the receiving app doesn't respond with a response code starting with 2, the package will retry calling the webhook after 10 seconds. If that second attempt fails, the package will attempt to call the webhook a final time after 100 seconds. Should that attempt fail, the FinalWebhookCallFailedEvent will be raised.

Send webhook synchronously

If you would like to call the webhook immediately (synchronously), you may use the dispatchSync method. When using this method, the webhook will not be queued and will be run immediately. This can be helpful in situations where sending the webhook is part of a bigger job that already has been queued.

Conditionally sending webhooks

If you would like to conditionally dispatch a webhook, you may use the dispatchIf, dispatchUnless, dispatchSyncIf, and dispatchSyncUnless methods:

How signing requests work

When setting up, it's common to generate, store, and share a secret between your app and the app that wants to receive webhooks. Generating the secret could be done with Illuminate\Support\Str::random(), but it's entirely up to you. The package will use the secret to sign a webhook call.

By default, the package will add a header called Signature that will contain a signature the receiving app can use if the payload hasn't been tampered with. This is how that signature is calculated:

Skip signing request

We don't recommend this, but if you don't want the webhook request to be signed call the doNotSign method.

By calling this method, the Signature header will not be set.

Customizing signing requests

If you want to customize the signing process, you can create your own custom signer. A signer is any class that implements Spatie\WebhookServer\Signer.

This is what that interface looks like.

After creating your signer, you can specify its class name in the signer key of the webhook-server config file. Your signer will then be used by default in all webhook calls.

You can also specify a signer for a specific webhook call:

If you want to customize the name of the header, you don't need to use a custom signer, but you can change the value in the signature_header_name in the webhook-server config file.

Retrying failed webhooks

When the app to which we're sending the webhook fails to send a response with a 2xx status code the package will consider the call as failed. The call will also be considered failed if the remote app doesn't respond within 3 seconds.

You can configure that default timeout in the timeout_in_seconds key of the webhook-server config file. Alternatively, you can override the timeout for a specific webhook like this:

When a webhook call fails, we'll retry the call two more times. You can set the default amount of times we retry the webhook call in the tries key of the config file. Alternatively, you can specify the number of tries for a specific webhook like this:

To not hammer the remote app we'll wait some time between each attempt. By default, we wait 10 seconds between the first and second attempts, 100 seconds between the third and the fourth, 1000 between the fourth and the fifth, and so on. The maximum amount of seconds that we'll wait is 100 000, which is about 27 hours. This behavior is implemented in the default ExponentialBackoffStrategy.

You can define your own backoff strategy by creating a class that implements Spatie\WebhookServer\BackoffStrategy\BackoffStrategy. This is what that interface looks like:

You can make your custom strategy the default strategy by specifying its fully qualified class name in the backoff_strategy of the webhook-server config file. Alternatively, you can specify a strategy for a specific webhook like this.

Under the hood, the retrying of the webhook calls is implemented using delayed dispatching. Amazon SQS only has support for a small maximum delay. If you're using Amazon SQS for your queues, make sure you do not configure the package in a way so there are more than 15 minutes between each attempt.

Customizing the HTTP verb

By default, all webhooks will use the post method. You can customize that by specifying the HTTP verb you want in the http_verb key of the webhook-server config file.

You can also override the default for a specific call by using the useHttpVerb method.

Adding extra headers

You can use extra headers by adding them to the headers key in the webhook-server config file. If you want to add additional headers for a specific webhook, you can use the withHeaders call.

Using a proxy

You can direct webhooks through a proxy by specifying the proxy key in the webhook-server config file. To set a proxy for a specific request, you can use the useProxy call.

Using mutual TLS authentication

To safeguard the integrity of webhook data transmission, it's critical to authenticate the intended recipient of your webhook payload. Mutual TLS authentication serves as a robust method for this purpose. Contrary to standard TLS, where only the client verifies the server, mutual TLS requires both the webhook endpoint (acting as the client) and the webhook provider (acting as the server) to authenticate each other. This is achieved through an exchange of certificates during the TLS handshake, ensuring that both parties confirm each other's identity.

Note: If you need to include your own certificate authority, pass the certificate path to the verifySsl() method.

The proxy specification follows the guzzlehttp proxy format

Verifying the SSL certificate of the receiving app

When using a URL that starts with https:// the package will verify if the SSL certificate of the receiving party is valid. If it is not, we will consider the webhook call failed. We don't recommend this, but you can turn off this verification by setting the verify_ssl key in the webhook-server config file to false.

You can also disable the verification per webhook call with the doNotVerifySsl method.

Adding meta information

You can add extra meta information to the webhook. This meta information will not be transmitted, and it will only be used to pass to the events this package fires.

This is how you can add meta information:

Adding tags

If you're using Laravel Horizon for your queues, you'll be happy to know that we support tags.

To add tags to the underlying job that'll perform the webhook call, simply specify them in the tags key of the webhook-server config file or use the withTags method:

Exception handling

By default, the package will not log any exceptions that are thrown when sending a webhook.

To handle exceptions you need to create listeners for the Spatie\WebhookServer\Events\WebhookCallFailedEvent and/or Spatie\WebhookServer\Events\FinalWebhookCallFailedEvent events.

Retry failed execution

By default, failing jobs will be ignored. To throw an exception when the last attempt of a job fails, you can call throwExceptionOnFailure :

or activate the throw_exception_on_failure global option of the webhook-server config file.

Sending raw string body instead of JSON

By default, all webhooks will transform the payload into JSON. Instead of sending JSON, you can send any string by using the sendRawBody(string $body) option instead.

Due to a type mismatch in the Signer API, it is currently not supported to sign raw data requests. When using the sendRawBody option, you will receive a string payload in the WebhookEvents.

Events

The package fires these events:

All these events have these properties:

Except for the DispatchingWebhookCallEvent, all events have these additional properties:

Testing

Testing Webhooks

When using the package in automated tests, you'll want to perform one of the following to ensure that no webhooks are sent out to genuine websites

Bus

Queue

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security-related issues, please email [email protected] instead of using the issue tracker.

Postcardware

You're free to use this package, but if it makes it to your production environment, we highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using.

Our address is: Spatie, Kruikstraat 22, 2018 Antwerp, Belgium.

We publish all received postcards on our company website.

Credits

License

The MIT License (MIT). Please see License File for more information.


All versions of laravel-webhook-server with dependencies

PHP Build Version
Package Version
Requires php Version ^8.0
ext-json Version *
guzzlehttp/guzzle Version ^6.3|^7.3
illuminate/bus Version ^8.50|^9.0|^10.0|^11.0
illuminate/queue Version ^8.50|^9.0|^10.0|^11.0
illuminate/support Version ^8.50|^9.0|^10.0|^11.0
spatie/laravel-package-tools Version ^1.11
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package spatie/laravel-webhook-server contains the following files

Loading the files please wait ....