#Don Fercho

Hi river, i'm not sure if you're here but im very desperate for a solution, since my application is not registering stripe webhooks. This is very strange.

thanks for replying btw!

Could you share the event type that you expected it to be sent and the object ID that could trigger the event?

Well I was expecting the invoice.payment_succeeded event to be triggered after performing a test transaction but it did not work. Where can I find the object ID?

currently the test webhook is listening for all the events

Could you share the Invoice ID (in_xxx), so that I can check its event history?

"id": "in_1MyRcCKlKqnPmqrpMOUdArt0" I believe its this one

invoice.payment_succeeded event for this invoice was sent, but your Webhook endpoint returned error 500: https://dashboard.stripe.com/test/events/evt_1MyRcFKlKqnPmqrppn6Y9sU2

this is wierd, im using ngrok.exe as a tunnel right now for testing, and I can run the application fine and send messages to it (it's a chatbot)

i'd recommend checking your ngrok settings. The error message from your server returned showed:

<!doctype html>
<html lang=en>
<title>500 Internal Server Error</title>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.</p>

You may refer to this Dashboard page that Stripe tried to send the events to your Webhook endpoint: https://dashboard.stripe.com/test/webhooks/we_1MyRZmKlKqnPmqrpwWFChm9X

Okay now before you go, I also noticed another strange thing. Here is my stripe_webhook route:

@app.route('/stripe_webhook', methods=['POST'])
def stripe_webhook():
    event = None
    payload = request.data
    sig_header = request.headers['STRIPE_SIGNATURE']
     # Debug print statements
    print(f"Received STRIPE_SIGNATURE header: {sig_header}")
    print(f"Payload: {payload}")
    print(f"Endpoint secret: {endpoint_secret}")

    try:
        event = stripe.Webhook.construct_event(
            payload, sig_header, endpoint_secret
        )
    except ValueError as e:
        # Invalid payload
        raise e
    except stripe.error.SignatureVerificationError as e:
        # Invalid signature
        raise e

    if event['type'] == 'invoice.payment_succeeded':
        handle_successful_payment(event)
    elif event['type'] == 'invoice.payment_failed':
        handle_failed_payment(event)
    else:
      print('Unhandled event type {}'.format(event['type']))

as you can see I print my signature key from stripe, however when I sent any event I get this error:

Endpoint secret: whsec_IvvU34bfcXVEy3gPTMR7GBKrF5AO1yVH
ERROR:app:Exception on /stripe_webhook [POST]

However, that is NOT my endpoint secret key! Why is it not getting the endpoint secret key I set on my global variables? (whsec_TmwzP6NFrglFj245Ybgnea63iA4yXGZJ)

its not sending the correct secret key?

im just not getting it, my app works fine i can send and receive messages from my chatbot, and get 204 responses just fine.

I'm not too sure how you set your webhook secret in global variable since the code above only shows how endpoint_secret is used.

If you hard code the actual value of endpoint_secret in stripe.Webhook.construct_event, does it work?

wait, I restarted my tunnel and now it seems to be working, but let me see if it will work in the deployed application one moment.

Ok im no longer getting the 500 error on my ngrok. Instead it is 200 now. However, in my webhook log, it does not show as succeeded?

Just to give a bit more info, this is a Flask application

Hi @turbid jay I'm taking over

Hi jack, thanks river! have a good one

what time is stripe help available til?

We are on discord Monday to Friday, and we have teams to cover various timezones.

It looks like your problem is resolved?

Hmm not really, my live app on heroku is giving me this error:

WebhookSignature.verify_header(payload, sig_header, secret, tolerance)
2023-04-19T04:04:22.705819+00:00 app[web.2]: File "/app/.heroku/python/lib/python3.11/site-packages/stripe/webhook.py", line 74, in verify_header
2023-04-19T04:04:22.705820+00:00 app[web.2]: raise error.SignatureVerificationError(
2023-04-19T04:04:22.705820+00:00 app[web.2]: stripe.error.SignatureVerificationError: No signatures found matching the expected signature for payload

however I double and triple chekced my live keys in the env variables and they are correct.

I fixed the issue in my local development server by simply restarting ngrok but in heroku is another story.

So im not sure what to do

I restarted the dynos

but still

should I delete the webhook and create a new one?

This error usually means the webhook secret is incorrect. Are you setting up endpoints for both live mode and test mode?

yep, in test mode it works fine in my local development server. but it wont work in live. why?

Are you using the same webhook secret in both test and live?

Just created a new sk key, added it to my heroku config vars and also put the webhook signining secret key and im getting this error:

2023-04-19T04:18:37.164869+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.11/site-packages/flask/app.py", line 1799, in dispatch_request
2023-04-19T04:18:37.164870+00:00 app[web.1]: return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
2023-04-19T04:18:37.164870+00:00 app[web.1]: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2023-04-19T04:18:37.164870+00:00 app[web.1]: File "/app/app.py", line 176, in stripe_webhook
2023-04-19T04:18:37.164871+00:00 app[web.1]: raise e
2023-04-19T04:18:37.164872+00:00 app[web.1]: File "/app/app.py", line 168, in stripe_webhook
2023-04-19T04:18:37.164872+00:00 app[web.1]: event = stripe.Webhook.construct_event(
2023-04-19T04:18:37.164872+00:00 app[web.1]: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2023-04-19T04:18:37.164872+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.11/site-packages/stripe/webhook.py", line 23, in construct_event
2023-04-19T04:18:37.164873+00:00 app[web.1]: WebhookSignature.verify_header(payload, sig_header, secret, tolerance)
2023-04-19T04:18:37.164873+00:00 app[web.1]: File "/app/.heroku/python/lib/python3.11/site-packages/stripe/webhook.py", line 74, in verify_header
2023-04-19T04:18:37.164873+00:00 app[web.1]: raise error.SignatureVerificationError(
2023-04-19T04:18:37.164874+00:00 app[web.1]: stripe.error.SignatureVerificationError: No signatures found matching the expected signature for payload

im so confused, restarted the dynos 3 times now

even made a NEW webhook

Still waiting for your answer->Are you using the same webhook secret in both test and live?

No they are different, however remember that heroku apps have their env vairables on the server and locally i have another set of env file.

I just confirmed my theory, locally it works fine, but in heroku it doens't it says signatureverificationerror, etc

this seems to be a problem from your side

I'd suggest to put some logs in your application to verify if the correct secret is used in your endpoint.

I will and I will show you that the error is being caused because it is being sent a diffrent endpoint from the one in stripe dashboard. Not even hardcoding it will fix it give me a moment.

Hmm i added the print statement and it is this:

they are the same, why is it giving me an error then?

event ID?

"id": "cus_NjwGxH3XULvaKo",

An event ID starts with evt_

oh yes my bad sorry "id": "evt_1MySO4KlKqnPmqrpP0QJZ8Qu",

Your endpoint responds with

<p>The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.</p>

yes but that cant be right because right now my application is receiving requests and giving responses just fine

https://stripe.com/docs/webhooks/quickstart?lang=python

In the sample code it's getting the signature from stripe-signature, but your code is getting it from STRIPE_SIGNATURE'

Hmm, okay! let me see

damn no 😦 still getting the same error

Put a log to print out he signature that you receive

one moment

here is the header and secret endpoint:

2023-04-19T04:59:51.677309+00:00 app[web.1]: Endpoint secret: whsec_3QROalhNXD5xhpbOC14X2R6nNE3Wf34U```

hmm?

Is the request.data a raw data or parsed json data ?

here is a sample of the request.data:

Payload: b'{\n "id": "evt_1MyRfrKlKqnPmqrp1H1feTxc",\n "object": "event",\n "api_version": "2022-11-15",\n "created": 1681874834,\n "data": {\n "object": {\n "id": "in_1MyRfnKlKqnPmqrpnY30eK2h",\n "object": "invoice", Im not sure if its parsed or raw

What do you think?

Hey man I have to go now but could you please leave this open. This is an urgent issue and im simply lost on why its happening. I should be back in 6 hours

A thread will be closed after some time, you can ask again in #dev-help when you are back

Could you ask around why is this happening?