krishnaKanabar - SignatureVerificationException | Stripe Developers | Page 1

solemn prism Aug 4, 2022, 2:20 PM

#

Hello, apologies for the delay in reply. Can you send me your code where you make the call to verify the signature?

lyric sleet Aug 4, 2022, 2:21 PM

#

$webhookSecret = env('STRIPE_WEBHOOK_KEY'); //HARDCODED

    $event = null;
    try {
        $event = \Stripe\Webhook::constructEvent(
            $request->getContent(),
            $request->header('stripe-signature'),
            $webhookSecret
        );
    } catch (\UnexpectedValueException $e) {
        // Invalid payload
        echo '⚠️  Webhook error while parsing basic request.';
        http_response_code(400);
        exit();
    }

#

you there?

solemn prism Aug 4, 2022, 2:28 PM

#

Apologies, was bouncing around other threads and hadn't gotten a chance to look. Is the $request object otherwise populated properly as far as you can see?

lyric sleet Aug 4, 2022, 2:30 PM

#

I am doing request from postman

#

and passing stripe-signature in request headers

#

where do I exactly find stripe-signature???

solemn prism Aug 4, 2022, 2:32 PM

#

Ah so these are your own custom events that you want to test with, not ones from Stripe?

lyric sleet Aug 4, 2022, 2:33 PM

#

I have configured webhook endpoint

#

in stripe

#

and now wants to test that in local enviornment

#

webhook id - we_1LT3s0SJsXH2azWQM8D0MWze

solemn prism Aug 4, 2022, 2:34 PM

#

Our CLI has a pretty easy way to do that with the trigger command https://stripe.com/docs/cli/trigger

Stripe CLI Reference

#

Otherwise, I think populating the proper headers and signature would be pretty complicated in Postman

#

You can try to replicate our signature making but that would probably be more trouble than it is worth in my opinion

lyric sleet Aug 4, 2022, 2:35 PM

#

but I am not able to print anything

#

$webhookSecret = env('STRIPE_WEBHOOK_KEY'); //HARDCODED

    $event = null;
    try {
        $event = \Stripe\Webhook::constructEvent(
            $request->getContent(),
            $request->header('stripe-signature'),
            $webhookSecret
        );
    } catch (\UnexpectedValueException $e) {
        // Invalid payload
        echo '⚠️  Webhook error while parsing basic request.';
        http_response_code(400);
        exit();
    }
    switch ($event->type) {
        case 'invoice.paid':
            dd("hiii");

#

when I trigger invoice.paid I have put dd which prints text in php

#

where do I get that printed

#

actually I wanted to test line by line

#

and wants to print responses

#

is anyone there?

solemn prism Aug 4, 2022, 2:44 PM

#

I am not sure what you mean by that

#

Is your endpoint erroring out before it gets to a print statement or something?

lyric sleet Aug 4, 2022, 2:46 PM

#

try {
$event = \Stripe\Webhook::constructEvent(
$request->getContent(),
$request->header('stripe-signature'),
$webhookSecret
);
} catch (\UnexpectedValueException $e) {
// Invalid payload
echo '⚠️ Webhook error while parsing basic request.';
http_response_code(400);
exit();
}

#

stripe-signature param in header raises this error

solemn prism Aug 4, 2022, 2:48 PM

#

So when you use our CLI's trigger command, your server is erroring out on the line about stripe-signature?

lyric sleet Aug 4, 2022, 2:49 PM

#

no

#

but in that case I am not able to debug line by line

#

dd('hi') should print 'hi' but in CLI where do I debug line by line

solemn prism Aug 4, 2022, 2:55 PM

#

The CLI would send the event, your webhook code would still process the event

#

The CLI isn't what you are debugging, but it can give you an expected payload for your code to process, and you can debug/test through that

lyric sleet Aug 4, 2022, 2:59 PM

#

ok

#

In stripe-CLI also I am getting error

#

"Stripe\Exception\SignatureVerificationException: Unable to extract timestamp and signatures from header "

solemn prism Aug 4, 2022, 3:05 PM

#

Interesting, those fields definitely should be populated. Can you see the payload that your endpoint is receiving? Would you be able to post that payload in this thread?

lyric sleet Aug 4, 2022, 3:10 PM

#

📎 message.txt

#

"Stripe\Exception\SignatureVerificationException: No signatures found matching the expected signature for payload in file /home/admin123/linkjoy/vendor/stripe/stripe-php/lib/Exception/SignatureVerificationException.php on line 28"

solemn prism Aug 4, 2022, 3:15 PM

#

That sounds like progress at least, it sounds like it can read the headers but the calculated signature isn't lining up

#

Have you double checked that your webhook secret is being populated properly? It should have some value like whsec_123....

#

As in, can you try printing it out in your code to make sure it is set as you expected?

#

That error usually either comes from the signature being incorrect or from your payload not being the raw payload

#

I am having trouble finding whether getContent would modify the request body at all, it may be good to at least test using $payload = @file_get_contents('php://input'); as the payload as we do in our docs to see if that works any better.

lyric sleet Aug 4, 2022, 3:25 PM

#

worked

#

whsec_123 ............... key was old

solemn prism Aug 4, 2022, 3:26 PM

#

Great to hear!

#

Sorry that took a bit to suss out. Any further questions at the moment?

lyric sleet Aug 4, 2022, 3:31 PM

#

no

#

thanks

#krishnaKanabar - SignatureVerificationException