#nikivi

hey 👋

Hi. What's the issue you're seeing right now?

so i am trying to setup a web hook

https://dashboard.stripe.com/test/webhooks/create?endpoint_location=local

going from this page

ill go over situation i have now

https://grafbase.com/guides/working-with-mutation-resolvers-and-stripe-checkout

I am using grafbase as my database, it is exposed via graphql

to authenticate requests it uses the JWT id token

when users pay and do it succesfully

a web hook should be sent

this web hook should update UserDetails paidSub.. value

the thing I don't get though is how to do this

with stripe web hooks

first event I think I need to listen to is checkout.session.completed

  try {
    const data = await stripe.checkout.sessions.create({
      success_url: process.env.STRIPE_SUCCESS_URL!,
      mode: "subscription",
      line_items: [
        {
          quantity: 1,
          price: process.env.STRIPE_PRICE_ID!,
        },
      ],
    })
    return {
      suggestedTasks: null,
      stripeCheckoutUrl: data.url,
    }
  } catch (error) {
    console.log(error)
  }

is the session page

the way I do calls to graphql in my app

https://github.com/kuskusapp/kuskus

  const client = new GraphQLClient(import.meta.env.VITE_GRAFBASE_API_URL, {
    headers: {
      authorization: `Bearer ${idToken}`,
    },
  })

is using this

where id_token is gotten from https://authts.github.io/oidc-client-ts/ library

I thought maybe it's possible to pass the user or id_token to stripe session

and somehow the stripe web hook should know that this specific user with this id_token has paid

but don't know how to do that

For syntax questions, I find asking ChatGPT is really helpful: https://www.phind.com/

this is not a syntax question though

Ask it anyways and see how it goes 🤷‍♂️ I find it provides great answers sometimes

I tried

I can't recommend chatgpt

this is very stripe specific

Not for Stripe specific things

@honest adder let me know if anything is unclear

Ok reading your question now

actually I don't need a client, I can just do a fetch from inside a webhook

but point about needing id_token to authenticate request is still there

inside the resolver here

I know the id_token

if I can pass it to the session

Sorry what's id_token

That was a lot of messages back to back and I'm juggling so many threads atm

when you auth with google sign in

you get back jwt with audience token (never changes)

tied to user

and id_token that is assigned for the session

this id_token is used with https://grafbase.com as authentication

inside the stripe web hook, I should update my database changing a value in a model basically for a specific user (id_token is how i do it for a specific user)

Yeah you shouldn't pass that through stripe

Auth tokens are sensitive

You should have a way to get that completely on your side

Without passing that to stripe

Up to you how to do that though

That's not a Stripe question