#Vanity - webhook

What seems to be the issue?

so

basically i setup everything

(local)

cli

login

webhook endpoint (with signature checking)

and when i fire the event with stripe cli

i get a 400

as response

i'll send you some screenshots

Please don't

Screenshots are not useful

oh ok

What document are you following to configure your webhook listener function?

https://dashboard.stripe.com/test/webhooks/create?endpoint_location=local

basically the one on the dashbord where you can create endpoints and local endpoints for testing

should i look to different documentations?

Hmmm I'm not as familiar with that one. I would recommend starting here:
https://stripe.com/docs/webhooks/quickstart

And be sure to review all the other related pages (you can see them in the left side navigation menu).

ok i'll try

ty

Happy to help. There's lots of good stuff in those docs but it can take some digging

was unable to find a solution

keeps saying that it gives me error because (maybe i'm not parsing request.body)

even tho i'm passing raw request.body

👋 stepping in as Snufkin needs to step away

it's ok

Ah hello again. We were chatting yesterday about this

yeh

so requests works fine now

we have another problem ahah

when i fire the event with stripe cli

it gives me 400 saying that was unable to verify the request

even tho the endpointSecret is the correct one

and i'm passing raw body to the function

Are you using Express?

yes

Gotcha, so Express oftentimes messes with the raw Body

want a screenshot of what function looks like?

Are you using express.json()

?

i've this on the top

app.use(bodyParser.json());

Ah yeah that is the issue

Try this: app.use((req, res, next) => { if (req.originalUrl === '/webhook') { next(); // Do nothing with the body because I need it in a raw state. } else { bodyParser.json()(req, res, next); // ONLY do bodyParser.json() if the received request is NOT a WebHook from Stripe. } });

ok i'll try

i've also this

app.use(bodyParser.urlencoded({
extended: true
}));

can it be a problem?

Potentially, yes.

Anything that would mess with the raw body before the signature verification will make veification fail

i'll put it in the same way i did with the other one

👍

Let me know

so

the problem is in this 2 functions

because i commented them

and everything works fine

app.use((req, res, next) => {
  if (req.originalUrl === '/webhook') {
    next(); 
  } else {
    bodyParser.json()(req, res, next);  
  }
});

app.use((req, res, next) => {
  if (req.originalUrl === '/webhook') {
    next(); 
  } else {
    bodyParser.urlencoded({
      extended: true
    })(req, res, next);  
  }
});```

Oh wait

You have bodyParser in your endpoint

Change that to express.raw

nono

i changed it

app.post('/webhook', express.raw({type: 'application/json'}), (request, response) => {
  let event = request.body;
  // Only verify the event if you have an endpoint secret defined.
  // Otherwise use the basic event deserialized with JSON.parse
  if (endpointSecret) {
    // Get the signature sent by Stripe
    const signature = request.headers['stripe-signature'];
    try {
      event = stripe.webhooks.constructEvent(
        request.body,
        signature,
        endpointSecret
      );
    } catch (err) {
      console.log(`⚠️  Webhook signature verification failed.`, err.message);
      return response.sendStatus(400);
    }
  }

  // Handle the event
  switch (event.type) {
    case 'payment_intent.succeeded':
      const paymentIntent = event.data.object;
      console.log(`PaymentIntent for ${paymentIntent.amount} was successful!`);
      // Then define and call a method to handle the successful payment intent.
      // handlePaymentIntentSucceeded(paymentIntent);
      break;
    case 'payment_method.attached':
      const paymentMethod = event.data.object;
      // Then define and call a method to handle the successful attachment of a PaymentMethod.
      // handlePaymentMethodAttached(paymentMethod);
      break;
    default:
      // Unexpected event type
      console.log(`Unhandled event type ${event.type}.`);
  }

  // Return a 200 response to acknowledge receipt of the event
  response.send();
});

that's it now

the problem still in these two calls to express on the top of my server.js

Ah okay

Well bodyParser should be ignored then if you are doing app.use((req, res, next) => { if (req.originalUrl === '/webhook') { next(); } else { bodyParser.json()(req, res, next); } });

So that is odd

Yup

I could add everytime bodyparser manually to every endpoint except the correct one

But i've lot's of endpoints

Why do you need bodyParser here?

Oh

This is alongside your other endpoints

This isn't just your webhook code

Yep

I don't really know why it doesnt just ignore bodyParser though for your /webhook endpoint....

I know this has come up for a ton of people before though

You can look at: https://github.com/stripe/stripe-node/issues/341

Ok ty

There are a lot of potential solutions in there that you could try

I'll find out by myself but ty for the help

🙂

👍

it works

finally

tysm

wanna ask one last question

how can i verify if the payment was a test payment with a test payment card and if not

What did you do to fix it?

Well mostly you should just know based on your keys you are using. But, you can examine the livemode attribute on the event as well (https://stripe.com/docs/api/events/object#event_object-livemode)

as simple as passing this paramater

express.raw({type: 'application/json'})

app.post('/webhook', express.raw({type: 'application/json'}), (request, response) => {
  let event = request.body;
  // Only verify the event if you have an endpoint secret defined.
  // Otherwise use the basic event deserialized with JSON.parse
  if (endpointSecret) {
    // Get the signature sent by Stripe
    const signature = request.headers['stripe-signature'];
    try {
      event = stripe.webhooks.constructEvent(
        request.body,
        signature,
        endpointSecret
      );
    } catch (err) {
      console.log(`⚠️  Webhook signature verification failed.`, err.message);
      return response.sendStatus(400);
    }
  }

  // Handle the event
  switch (event.type) {
    case 'payment_intent.succeeded':
      const paymentIntent = event.data.object;
      console.log(`PaymentIntent for ${paymentIntent.amount} was successful!`);
      // Then define and call a method to handle the successful payment intent.
      // handlePaymentIntentSucceeded(paymentIntent);
      break;
    case 'payment_method.attached':
      const paymentMethod = event.data.object;
      // Then define and call a method to handle the successful attachment of a PaymentMethod.
      // handlePaymentMethodAttached(paymentMethod);
      break;
    default:
      // Unexpected event type
      console.log(`Unhandled event type ${event.type}.`);
  }

  // Return a 200 response to acknowledge receipt of the event
  response.send();
});

for better understanding

tysm, love stripe support ❤️