2

I'm using GoCardless (sandbox account) webhook for a billing project. I want to recover the clients who choose to pay with GoCardless. The problem is that in the JSON that I get from GoCardless there is no such information.

I need the company name to put the mandate number into a sql database where all my clients are.

Is there a way to get the company name when a mandate is created ? Or to connect the mandate number to the company name ?

Here is my code : 

<?php
putenv('GC_WEBHOOK_SECRET=my_secret...');
$token = getenv("GC_WEBHOOK_SECRET");
$raw_payload = file_get_contents('php://input');
$headers = getallheaders();
$provided_signature = $headers["Webhook-Signature"];
$calculated_signature = hash_hmac("sha256", $raw_payload, $token);
if ($provided_signature == $calculated_signature) {
  $payload = json_decode($raw_payload, true);
    foreach ($payload["events"] as $event) {
      if ($event["resource_type"]=="mandates" && $event["action"]=="created"){
                $mandates=$event["links"];
                $mandate=$mandates["mandate"];
                try
                {
                    $pdo_options[PDO::ATTR_ERRMODE] = PDO::ERRMODE_EXCEPTION;
                    $bdd = new PDO('sqlsrv...', $pdo_options);
                    $reqi="INSERT INTO goCardLess (client) VALUES ('".$mandate."')";
                    $req = $bdd->query($reqi);
                    $req->closeCursor();
                }
                catch (Exception $e)
                {
                    die('Erreur : ' . $e->getMessage());
                }
                header("HTTP/1.1 200 OK");
                }
              }
            }
 else {
    header("HTTP/1.1 498 Invalid Token test");
  }
?>
Adrien M.
  • 33
  • 5

1 Answers1

3

GoCardless webhook events don't contain any sensitive data - they provide resource IDs so you can retrieve them from the API if needed.

The "mandate created" event contains the mandate ID, and the API reference for mandates shows that mandate responses contain a customer ID (the customer resource is where you'll find their company name.)

This means you need to retrieve the mandate through the API, then retrieve the customer:

if ($event["resource_type"]=="mandates" && $event["action"]=="created") {
    $mandate_id = $event["links"]["mandate"];
    $mandate = $client->mandates()->get($mandate_id);

    $customer_id = $mandate->links->customer;
    $customer = $client->customers()->get($customer_id);

    $company_name = $customer->company_name;
}

This assumes that you've already installed and initialised the client library as $client.

jpn
  • 786
  • 6
  • 20