hanley-webhooksignature-python | Stripe Developers | Page 1

quartz skyBOT Feb 6, 2023, 6:32 PM

#

random lily Feb 6, 2023, 6:33 PM

#

hanley-dashboard-testmode

#

Hey @potent roost the Live/Test toggle in the Dashboard is just a UI switch, nothing else. We default to Live mode usually. Whether to use Live or Test mode in your code/integration is based on which API key(s) your code is using

potent roost Feb 6, 2023, 6:37 PM

#

ok, who do I talk to about a problem with my signing key?

#

no matter what I do, I get this error

raise error.SignatureVerificationError(
stripe.error.SignatureVerificationError: No signatures found matching the expected signature for payload"

#

I thought it might have to do with the toggle switch

random lily Feb 6, 2023, 6:38 PM

#

Yeah that has nothing to do with the toggle, you can be sure of this. Can you provide more details about what you are trying to do? Which programming language are you using? Are you using the CLI?

potent roost Feb 6, 2023, 6:39 PM

#

I am using python

#

I have made a webhook

#

this is an error that is produced in my log for the webhook that I have deployed via flask to a microservice

#

I was able to use the cli test with the cli test key

#

but when I use the key from the webhook dashboard, it gives the above error

random lily Feb 6, 2023, 6:41 PM

#

But are you using the CLI to send the Event to your local code? Are you in Test mode? Sorry you don't give me much to understand the problem, how it differs from your test with the CLI, etc.

potent roost Feb 6, 2023, 6:42 PM

#

no problem

#

if I use the cli to send the event, and use the key that I get from my terminal when using the cli, everything works as expected

#

when I use the key provided in the webhook console, and test from my app using the fake credit card, I get the above error

random lily Feb 6, 2023, 6:47 PM

#

What does that mean "test from my app". Where is the webhook handler hosted? How are you getting the Event to it?

potent roost Feb 6, 2023, 6:51 PM

#

the app has a credit card entry form. I enter in the test number 424242...... and hit send

#

I have an api that hosts the server that receives the webhook

#

the server is receiving the webhook, but it is having the signing error that I put above

#

I am using cloud run microservices via gcp

random lily Feb 6, 2023, 6:59 PM

#

okay I have no idea what "cloud run microservices via gcp" entails. But to take a step back, webhook signature verification are usually failing because of 2 things:

90% of the time, you're using the wrong secret. So triple-check it and make sure your code prints it in the logs and confirm it's the one from the Dashboard.
10% of the time it's because your code/framework/setup is incorrectly "tampering" with the raw data/payload we gave you. When we sign the data we look at the exact payload we send you. If your code/setup/framework changes the data, the signature won't match. Often it's because something in your stack is trying to be helpful and parse the information as JSON for you and so that messes with the content. What you can do is print the content of the raw body and compare it to what you get locally where it works fine and see if they are different in any way

potent roost Feb 6, 2023, 7:04 PM

#

ok, thanks, will try these things

random lily Feb 6, 2023, 7:15 PM

#

hanley-webhooksignature-python

potent roost Feb 6, 2023, 7:36 PM

#

got it working, thanks for your help

random lily Feb 6, 2023, 7:37 PM

#

what did you find out of curiosity?

#

We see a lot of those reports and they are quite tough to debug so I'd love to know what you figured out

potent roost Feb 6, 2023, 7:48 PM

#

I deleted the entire code and started back from scratch using the webhook code provided by stripe

#

now I am adding my custom logic back in piece by piece

#

It is kind of a mystery, but this seemed to work faster than figuring out what was wrong

#hanley-webhooksignature-python