Stripe Integration
Stripe is used for processing card payments. The integration handles payment capture, webhook events, and refund processing.
Components
| Component | File | Role |
|---|---|---|
StripeApi | src/CoreBundle/Api/StripeApi.php | Stripe API client |
Configuration
Required parameters in parameters.yml:
stripe:
secret_key: "sk_..."
publishable_key: "pk_..."
webhook_secret: "whsec_..."
Data Flow
Payment Flow
- The customer completes checkout on the Magento front-end
- Magento creates a Stripe PaymentIntent
- Stripe processes the card and confirms the payment
- A webhook notifies Logidav of the successful transaction
StripeApirecords the transaction in the database
Refund Flow
Error Handling
| Scenario | Behavior |
|---|---|
| Card declined | Status recorded; order remains pending |
| Webhook signature invalid | Request rejected; logged as security event |
| Partial refund failure | Alert raised; manual review required |
| API timeout | Retry with exponential backoff |
:::warning Webhook verification
Always verify the webhook signature using the webhook_secret. Unverified webhooks should be rejected to prevent fraudulent transaction confirmations.
:::