Loving it! I was just going through our webhook-initiated payment resque job last night to rewrite some of the legacy webhook stuff we had in place (and handle failed charges, which we never did until I recently filtered orders by status and saw a handful)
This does look awesome. However, the article states that to verify authenticity, you can request the event from the API. This seems awfully inefficient.
A better solution would be to supply everyone with a set of keys and you sign each object using the private key which can be verified by the public key. No network ops - whoop!
Stripe is intimidatingly good. A test mode that you don't need to sign up to play with. Excellent sinatra sample code for webhooks.
Then, I read their background, which is also intimidatingly good: funded by PayPal founders; one co-founder was a YCer with a $5 million exit at 19yo. (http://news.ycombinator.com/item?id=3539414)
I have one suggestion: for the browser test mode, allow invalid CC numbers (or, provide a test CC number), so one doesn't have to go and find and type in a real-life credit card, to try it out.
I have one suggestion: for the browser test mode, allow invalid CC numbers (or, provide a test CC number), so one doesn't have to go and find and type in a real-life credit card, to try it out
4242424242424242 with any three digit number for the CVC
As a current Stripe customer we built our whole subscription billing system on their clever invoice_ready webhook, but this new way looks a lot more robust. Win!
One tiny nitpick is that this field is too small IMO: http://dl.dropbox.com/u/186198/Screenshots/p5uf.png
Also nitpicky, I would like to have the test charge.failed webhook include a fake description param.