.hendrid | Stripe Developers | Page 1

copper chasmBOT Oct 9, 2023, 1:41 PM

#

hybrid quartz Oct 9, 2023, 1:43 PM

#

Hello, that error can happen 3 ways from the things that you pass in to the construct event function

Using an incorrect webhook secret
Passing an incorrect signature to the
Not passing in the raw webhook body to the function

#

I would recommend double-checking the first two first

sterile flint Oct 9, 2023, 1:49 PM

#

I think I have a correct webhook secret, but I not sure about other

#

hybrid quartz Oct 9, 2023, 1:54 PM

#

You are calling the code right, I would recommend printing out the sig variable to make sure it is populated and your process.env.STRIPE_WEBHOOK_SECRET param to make sure it is populated and has a format of whsec_1234...

sterile flint Oct 9, 2023, 1:55 PM

#

is correct the format of the sig?

hybrid quartz Oct 9, 2023, 1:55 PM

#

Yep that signature looks fine

#

Don't send the webhook signature to me here, that is sensitive

sterile flint Oct 9, 2023, 1:56 PM

#

cool

hybrid quartz Oct 9, 2023, 1:57 PM

#

But with that, you will want to check that it starts with whsec_ and that it matches the secret for that specific webhook

#

So if you created it via the CLI, double check that it matches your CLI. If you created it via the dashboard, double check the dashboard. Using the secret from another endpoint will cause signature verification to fail.

sterile flint Oct 9, 2023, 1:57 PM

#

hybrid quartz Oct 9, 2023, 2:00 PM

#

I would also print out the webhook secret before calling ConstructEvent just to confirm that the code is reading the env file properly

#

Soundling likely that this is being caused by the last one I mentioned

Not passing in the raw webhook body to the function

sterile flint Oct 9, 2023, 2:02 PM

#

hybrid quartz Oct 9, 2023, 2:02 PM

#

Basically, Stripe needs the exact raw webook body that we sent out. Frameworks will often be helpful and parse the json before passing the body to your handler function, but that throws off our signature validation

#

I'd reccommend looking up "nestjs raw post body" to find how to access the raw body before modifications

sterile flint Oct 9, 2023, 2:03 PM

#

mmm... and how we can fix that

hybrid quartz Oct 9, 2023, 2:03 PM

#

Not that familiar with nest myself but this SO looks relevant

#

https://stackoverflow.com/questions/54346465/access-raw-body-of-stripe-webhook-in-nest-js

Stack Overflow

Access raw body of Stripe webhook in Nest.js

I need to access the raw body of the webhook request from Stripe in my Nest.js application.

Following this example, I added the below to the module which has a controller method that is needing th...

sterile flint Oct 9, 2023, 2:03 PM

#

My nestjs version don't handle raw body directly

#

I use this link for config the middleware but does'nt work 🤷

hybrid quartz Oct 9, 2023, 2:06 PM

#

Unfortunately I don't have nestjs specific advice, I'd recommend looking further in to how to do this for your specific version

sterile flint Oct 9, 2023, 2:06 PM

#

hybrid quartz Oct 9, 2023, 2:06 PM

#

Nestjs forums or StackOverflow could be helpful here as well

copper chasmBOT Oct 9, 2023, 2:11 PM

#

#.hendrid