#.madvirus
unreal acorn
fiery dove
Hi there!
Getting a SignatureVerificationError is quite common. It usually comes from two potential errors:
- You are using the wrong webhook secret. So please double check you are using the correct one. It should look like whsec_xxx and match the one displayed in your dashboard
- The payload you pass in the constructEvent function is not the raw payload. So you need to ensure that you get the raw body of the HTTP request that Stripe sent you, without any interference by your code or framework in the middle.
To debug this you'll need to add logging to every value you pass to constructEvent (the payload, the secret, and the signature header) and then we can try to have a look at what part is wrong
finite oriole
i did that, the webhook secret is the one i copied from the dashbaord. as you can see from my codes above i am sending the raw request.body
fiery dove
Can you share:
- Your account ID (
acct_xxx)? It's at the top of this page: https://dashboard.stripe.com/settings/account - The first five and last 2 characters of the webhook endpoint secret?
Also is your code Python? Maybe with Flask?
finite oriole
Account ID: acct_1M5T6WGYYMC7FKsI
webhook secret: whsec and o0
finite oriole
Also is your code Python? Maybe with Flask?
yes python/FastAPI. i am using the stripe python library
fiery dove
webhook secret: whsec and o0
That looks correct, assuming it's realted to the webhook endpoint with a ngrok URL.
finite oriole
@fiery dove i am using an ngrok url for testing
fiery dove
Then the webhook secret is correct.
If you try to log the payload and the signature header, what do you see?
finite oriole
when i log then i get this ```
Stripe signature t=1696234989,v1=b151b9e93d30cdd47728442edfe43ee2b9307fb9f1c3aba076097cb593f32f91,v0=fab54776dbd3d85f56a6cbb1077e8fbba224a11e1fce946bb7ca84ed91a970f3
payload
<bound method Request.body of <starlette.requests.Request object at 0x7fa91111e0d0>>
naive crown
Hey! Taking over for my colleague. The issue here is probably you have something in your endpoint that is modifying the request body
naive crown
yes python/FastAPI. i am using the stripe python library
First I invite you to run this sample Python script:
https://stripe.com/docs/webhooks/quickstart?lang=python
expose an endpoint using ngrok and use the webhook client secret and make sure that you manage to consume events
finite oriole
hi @naive crown this is waht i have been doing, it works before but no longer works. i transalated this flask code to fastapi and have been using it for a while now but all of a sudden it stopped working
naive crown
it works before but no longer works
You need to double check what was modifyed exactly
i transalated this flask code to fastapi and have been using it for a while now but all of a sudden it stopped working
Stripe has no contorl over your endpoint, if you have version control history you can revert your latest changes
and try to go back to the latest working version
finite oriole
the only thing changed was the url and the endpoint secret
naive crown
If you are using env vars, make sure that your server is reading it correctly
try to log it
finite oriole
i did and it prints the exact value as i set it
naive crown
Are you using the client secret of the same Stripe Account owning that webhook endpoint ?
finite oriole
yes i am
naive crown
now but all of a sudden it stopped working
You need to figure out what was changed since this happens
Double check your code integration
payload = request.body
Here it shouldn't be request.raw ?
finite oriole
okay so i just fixed it, apparently the request.body is a couroutine that needed to be awaited. just did that and it works. thanks for your time