panpetar | Stripe Developers | Page 1

pseudo leafBOT Oct 4, 2023, 7:13 PM

#

hasty prism Oct 4, 2023, 7:15 PM

#

You don't appear to have any endpoints configured

#

Are you trying to vlidate signatures on a CLI endpoint?

#

eg, using stripe listen?

livid fog Oct 4, 2023, 7:16 PM

#

No. I am trying to do this
event = stripe.webhooks.constructEvent(reqBody, stripeSignature, process.env.STRIPE_SECRET_KEY)
in /api/webhook

#

And I am getting


Learn more about webhook signing and explore webhook integration examples for various frameworks at https://github.com/stripe/stripe-node#webhook-signing

I assume it is wrong secret

hasty prism Oct 4, 2023, 7:17 PM

#

Yes, but you showed me no endpoints configured

#

so i imagine you're forwarding from the CLI, yes?

livid fog Oct 4, 2023, 7:17 PM

#

that is right

#

So the thing is, CLI finds me but since i did not configure endpoint, it can't be processed ?

#

Do I have to use this secret provided in the code snippet on the right ?

hasty prism Oct 4, 2023, 7:23 PM

#

If you're using stripe listen --forward-to... to send events to the local endpoint, you need to use the whsec_123 value shown after you run stripe listen -- its specific to the CLI listener

livid fog Oct 4, 2023, 7:24 PM

#

Didn't know that. Sorry.

Also I didn't know code snippets will provide the data exactly for me. I thought snippets are just leads.

Maybe set somewhere additional note about that, but somewhere visible

hasty prism Oct 4, 2023, 7:29 PM

#

It looks like that snippet might actually grab the real secret from your CLI endpoint, according to the comment

#

So if thats the one youre using, there might be another issue to resolve.

#

You're getting into the webhook endpoint though, it seems

#

Can you share you code for the webhook handler?

#

ie, where you call constructEvent

livid fog Oct 4, 2023, 7:33 PM

#

I am using NextJS and I just connected it. Now it is time for handling cases..

import { headers } from 'next/headers'
import { stripe } from '@/utils/stripe'

export async function POST(req) {
  let event
  const headersList = headers()
  const stripeSignature = headersList.get('stripe-signature')
  // console.log(stripeSignature)

  try {
    const reqBody = await req.text()
    // console.log(reqBody)
    event = stripe.webhooks.constructEvent(reqBody, stripeSignature, process.env.STRIPE_WEBHOOK_SECRET)
    // console.log(event)
  } catch (err) {
    console.log(err)
    // console.log(err)
    // console.log(`⚠️  Webhook signature verification failed.`)
    // console.log(`⚠️  Check the env file and enter the correct webhook secret.`)
    return NextResponse.json({}, { status: 400 })
  }
  console.log('all good')
  return NextResponse.json(
    { received: true },
    {
      status: 200,
    },
  )
}

#

And yes sir, The one I am using is the one I found in the code snippet.

hasty prism Oct 4, 2023, 7:35 PM

#

You should first log the params to ensure they all have values

#

ie, perhaps you env vars arent set like you expect

#

reqBody, stripeSignature, process.env.STRIPE_WEBHOOK_SECRET

#

Are there values for all three of those?

livid fog Oct 4, 2023, 7:36 PM

#

I checked that, It is all good.

#

It is working now.

#

The problem was just that I could not find the webhook secret

hasty prism Oct 4, 2023, 7:36 PM

#

Gotcha, great!

livid fog Oct 4, 2023, 7:36 PM

#

Thank you sir

#panpetar