#Frosun-firebase

👋 happy to help

unfortunately I'm not really familiar with firebase so I wouldn't be much of help here

but let's try nonetheless

Sure! I'll take any help 🙂

I'm stuck on this one.

Is there an easy way to see the payload being sent by the webhook in the local env?

could you please share your firebase code that is listening for the webhook events?

Absolutely:

exports.listenForSubStart = functions.https.onCall( {type: "application/json"}, async (request, response) => { //(http://127.0.0.1:5001/inventory-manager-ft/us-central1/listenForSubStart) const endpointSecret = secretStuffHere; let event; console.log(Trigger); console.log(req); try { event = stripe.webhooks.constructEvent( request.rawBody.toString(), request.headers[stripe-signature], endpointSecret ); console.log(event); } catch (err) { console.error("⚠️ Webhook signature verification failed."); return response.sendStatus(403); } // Handle the event console.log(Unhandled event type ${event.type}); return response.sendStatus(200); } );

I'm going to handle the event eventually, I'm just trying to get it to receive the payload and execute anything right now.

Here's the firebase log:

` functions: Beginning execution of "listenForSubStart"

{"severity":"WARNING","message":"Request body has extra fields: id, object, api_version, created, livemode, pending_webhooks, request, type"}
{"severity":"ERROR","message":"Invalid request, unable to process."}
i functions: Finished "listenForSubStart" in ~1s`

And here's a snapshot of the Stripe local webhook test:

2022-07-29 08:24:04 --> customer.subscription.created [evt_1LQv2mKDVmoNRkMOstxMi6wP] 2022-07-29 08:24:04 <-- [400] POST http://localhost:5001/inventory-manager-ft/us-central1/listenForSubStart [evt_1LQv2mKDVmoNRkMOstxMi6wP] 2022-07-29 08:24:04 --> payment_intent.succeeded [evt_3LQv2jKDVmoNRkMO0bmfasFh] 2022-07-29 08:24:05 <-- [400] POST http://localhost:5001/inventory-manager-ft/us-central1/listenForSubStart [evt_3LQv2jKDVmoNRkMO0bmfasFh] 2022-07-29 08:24:05 --> payment_intent.created [evt_3LQv2jKDVmoNRkMO0NjXdTwL]

And just FYI if you are interested, here's the docs for Firebase's httpsCallable

https://firebase.google.com/docs/functions/callable-reference

I'm concerned my issue could be related to this from the Firebase documentation:

"If any other headers are included, the request is rejected, as described in the response documentation below.

Note: In JavaScript clients, these requests trigger a CORS OPTIONS preflight, because:

application/json is not allowed. It must be text/plain or application/x-www-form-urlencoded.
The Authorization header is not a CORS-safelisted request-header.
Other headers are similarly not allowed.
The callable trigger automatically handles these OPTIONS requests."

Though I'm not sure how others got it workin in that case...

sorry let me catch up

All good! Take your time, just wanted to make sure you had all the info I do.

My apologies if I missed something simple!

Hey, checking in here! To summarise, you're looking to deploy a Firebase function to handle Stripe webhook events, right?

Correct! I have everything working through Stripe to manage subscriptions, I just need to alert Firebase to changes in subscription status.

I think onCall might be the wrong handler type. In my experience we use onRequest. See our Firebase extension example: https://github.com/stripe/stripe-firebase-extensions/blob/504145e63fe928123ce7d87f36bf9a6d1de091e4/firestore-stripe-payments/functions/src/index.ts#L653

You're probably right, let me look into that/try that.

You are all insanely helpful. Thank you! I'll ping back if it doesn't work

The difference is onCall expects a specific signature

Hence the error you're seeing. The CORS stuff is likely just a red herring unrelated to the core issue

(unintentional pun)

I'm getting used to those functions, mostly I use functions trigged by firestore changes and avoid http when possible.

Yep, onCall is good for internal Firebase events (i.e. creating a document)

This link is very helpful, thank you. Looking at this code clears up a lot, much of what you're doing here I'm doing in similar ways (you're using onCall to create a Stripe portal session - as am I). But it's clear I need to use onRequest for external requests like handling webhooks.

This GitHub code is going to save me HOURS, thanks again!

np! Will close out the thread, happy coding!