k1ng | Stripe Developers | Page 1

topaz daggerBOT May 2, 2023, 5:53 AM

#

void summit May 2, 2023, 5:54 AM

#

hello!

When running into issues with checking/verifying the signature of a webhook event sent to your endpoint, there are typically one of two root causes:

The webhook secret in your code does not match the one defined in the webhook. You would want to try logging the webhook secret during runtime to verify if it's correct.

Note : If you're using the Stripe CLI to forward events on to a local endpoint, you should make sure that you're using the CLI webhook secret instead. The CLI's webhook secret is different from the secret of the webhook endpoint(s) defined via the Dashboard/API.

The data you're signing is simply different from the data Stripe signed. This can happen if you're using a framework that tries to be helpful and parses the event data as JSON. Because of this, when a user calculates their own signature, they do this on a string that is subtly different. For example, the order of properties might have changed or the indentation would be different. For the signatures to match, you need to calculate it on the exact same raw string as Stripe did. For this, you'll need to ensure that you get the raw body of the HTTP request that Stripe sends you, without any interference by your code or any other framework in the middle.

#

you might want to take a look at this Stackoverflow question since you're using next.js https://stackoverflow.com/questions/69968460/nextjs-stripe-webhook-raw-body/69970121#69970121

urban badger May 2, 2023, 6:08 AM

#

hey @void summit i tried literally everything, can you hop on vc?

void summit May 2, 2023, 6:09 AM

#

i'm afraid we don't do vc, can you paste what's the output of the raw req body, just before you use constructEvent?

topaz daggerBOT May 2, 2023, 6:09 AM

#

urban badger May 2, 2023, 6:22 AM

#

@void summit

📎 message.txt

#

thats the buf variable right before
event = stripe.webhooks.constructEvent(buf, sig, webhookSecret)

fiery nexus May 2, 2023, 6:23 AM

#

Hi @urban badger I'm taking over

urban badger May 2, 2023, 6:23 AM

#

hey Jack

fiery nexus May 2, 2023, 6:24 AM

#

Thanks for the ID

#


FUNCTION_INVOCATION_TIMEOUT```

This is the error that your server returns. I'd suggest you to check your server log and troubleshoot

urban badger May 2, 2023, 6:26 AM

#

@fiery nexus im getting this: : No signatures found matching the expected signature for payload.

#

let me send u the server file to look at

#

📎 serv.txt

fiery nexus May 2, 2023, 6:34 AM

#

Can you double check if the webhook secret is the one you obtained from test mode Dashboard instead of Stripe CLI?

urban badger May 2, 2023, 6:35 AM

#

@fiery nexus yep its from the dashboard

#

wait jack, it just worked

#k1ng