#renlaer057

Hello renlaer057, we'll be with you shortly! Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.
• renlaer057, 0 days ago, 38 messages
• renlaer057, 3 days ago, 9 messages
• renlaer057, 3 days ago, 9 messages
• renlaer057, 4 days ago, 46 messages

hi @autumn moon what was the CheckoutSession ID cs_test_xxx where that happened?

OK

"id": "cs_test_a1QKGrN4S8kQLfXXMsrVBVj0XyBQwJEF9PkArCZohluNvzE68MjELIdpS7",

I can see in our logs we did send you the webhook.

https://dashboard.stripe.com/test/events/evt_1O4M42ILBklWVE7iSu37gk8l

But why didn't my program receive it? What's wrong?

We updated to the latest version from 2022-11-15. Is it because we missed something?

I don't know, it's your server. We did deliver the webhook (https://api-test.****.com/V1/Order/PayWebHook) and you responded with a HTTP 200, that is all that we can see.

What changes have been made in the latest version compared to the version on November 15, 2022? Do I need to change the code?

What changes have been made in the latest version compared to the version on November 15, 2022?
https://stripe.com/docs/upgrades#api-versions
Do I need to change the code?
I don't know. Did you change the default API version on your account or start passing a new version in your Stripe-Version header on your API requests?

No changes, but I added the latest version of the webhook endpoint

then that would mean the payload of the event we send you will contain the API object, rendered in the latest version of the API.

so your code that does things with the payload needs to be able to handle that. I suggest looking at the logs of your application to see what , if anything, happened when processing the event, I have no visibility into your systems.

:Stripe.StripeException: The expected signature was not found in the Stripe-Signature header. Make sure you're using the correct webhook secret (whsec_) and confirm the incoming request came from Stripe.
at Stripe.EventUtility.ValidateSignature(String json, String stripeSignatureHeader, String secret, Int64 tolerance, Int64 utcNow) in //src/Stripe.net/Services/Events/EventUtility.cs:line 154
at Stripe.EventUtility.ConstructEvent(String json, String stripeSignatureHeader, String secret, Int64 tolerance, Int64 utcNow, Boolean throwOnApiVersionMismatch) in //src/Stripe.net/Services/Events/EventUtility.cs:line 127
at Stripe.EventUtility.ConstructEvent(String json, String stripeSignatureHeader, String secret, Int64 tolerance, Boolean throwOnApiVersionMismatch) in /_/src/Stripe.net/Services/Events/EventUtility.cs:line 88
at Renlaer.Services.ThirdPartyPay.Stripe.ThirdPartyPayWebHookService.WebHookAsync() in D:\code\Renlaer\Renlaer\Services\ThirdPartyPay\Stripe\ThirdPartyPayWebHookService.cs:line 162

It shows this error and my developer doesn't know what to do

sounds like when you created the webhook endpoint today you did not copy the new secret (whsec_xxxxx) from the Dashboard and update your code to use that secret, that could explain it.

👋 taking over for my colleague. Let me know if there's any follow-up Qs I can answer!

I created the latest version of the webhook, but my payment process became erratic and we were unable to receive webhook notifications

For the new version endpoint, my developers want to know where should we modify to be compatible with it?

Can you list them for me?

I'm not sure I follow, would you mind elaborating?

I created a public endpoint of 2023-10-16 in test mode, which caused me to be unable to receive webhook notifications.

The API version we used before has always been 2022-11-15, and it has always been normal.

would you mind sharing your account ID?

yes

acct_1N6RXLILBklWVE7i

sorry for the delay

we're talking about your test webhook endpoint, right?

yes

it seems to be working

what exactly is not?

as you can see here https://dashboard.stripe.com/test/events/evt_1O4M42ILBklWVE7iSu37gk8l your server responded with 200 OK

How should I explain, everything worked fine for me before, before the upgrade.

what's not working now

Received event with API version 2022-11-15, but Stripe.net 42.8.0 expects API version 2023-08-16. We recommend that you create a WebhookEndpoint with this API version. Otherwise, you can disable this exception by passing throwOnApiVersionMismatch: false to Stripe.EventUtility.ParseEvent or Stripe.EventUtility.ConstructEvent, but be wary that objects may be incorrectly deserialized.
at Stripe.EventUtility.ParseEvent(String json, Boolean throwOnApiVersionMismatch) in //src/Stripe.net/Services/Events/EventUtility.cs:line 47
at Stripe.EventUtility.ConstructEvent(String json, String stripeSignatureHeader, String secret, Int64 tolerance, Int64 utcNow, Boolean throwOnApiVersionMismatch) in //src/Stripe.net/Services/Events/EventUtility.cs:line 128
at Stripe.EventUtility.ConstructEvent(String json, String stripeSignatureHeader, String secret, Int64 tolerance, Boolean throwOnApiVersionMismatch) in /_/src/Stripe.net/Services/Events/EventUtility.cs:line 88
at Renlaer.Services.ThirdPartyPay.Stripe.ThirdPartyPayWebHookService.WebHookAsync() in D:\code\Renlaer\Renlaer\Services\ThirdPartyPay\Stripe\ThirdPartyPayWebHookService.cs:line 162

Suddenly one day my webhook received this prompt, and it seemed that I had to upgrade the version to solve it.

Then I upgraded the version today and created the latest version of webhook. As a result, I still cannot respond to events sent by webhook. I tested the payment. After the payment was successful, my program could not respond to the event of successful checkout.

Received event with API version 2022-11-15
how did you receive it? what's the event ID?

It was reported by the official database itself.

let me clarify how I see this.
In the past you were using the 2022 API version and an older version of the stripe-dotnet package that works with that version so it's all good.

Suddenly one day my webhook received this prompt
That 'suddenly' must correspond with you upgrading your version of the stripe-dotnet package. As we explain in the README/docs of that library, there are breaking changes when upgrading, and the new version is pinned to the latest API version and can't handle webhooks in the old version(which is what the error means)
and it seemed that I had to upgrade the version to solve it.
creating a new webhook endpoint using the new API version is one possible solution, yep. Or downgrading to the version of stripe-dotnet you were using before can also work.
Then I upgraded the version today and created the latest version of webhook.
ok.
As a result, I still cannot respond to events sent by webhook. I tested the payment
and now it's this error about ': The expected signature was not found' ,correct? Like I said, that is because you created the endpoint, but you did not copy the new secret (whsec_xxxxx) from the Dashboard and update your code to use that secret.

That's how I see it, can you take this back to your devs and confirm if that's the situation and you understand the next step?

The problem is, I don’t see the new key starting with whsec in the dashboard

Public key: pk Key: sk and no whsec

because you're not looking at the right page

the secret is on the page for the webhook endpoint, which will be on https://dashboard.stripe.com/webhooks

it's not a Key, it's a webhook signing secret and is associated with the webhook endpoint itself

OK, actually, I just need to apply this key to the code and the problem is solved

well, maybe, if my summary above is an accurate understanding of the problem, which I think it is but it's hard for me to say.

It seems that the latest version adds a parameter, return_url?

are you referring to this?
https://stripe.com/docs/upgrades#2023-08-16

When confirming a PaymentIntent, you will be required to provide a return_url unless off_session=true.

yes

got it. And what's your question about it?

What is he used for?

it's so that if a redirect-based payment method(one that requires the customer to authenticate on a separate site), like iDEAL that requires the customer to visit their bank's page, is used, there is a URL for the customer to return to your site.

Got it, I'm very happy that the problem just now has been solved.

so you updated your code to use the new whsec_xxx, and did a test just now, and your webhook worked the way you expected?

Yes, I successfully applied the event sent by the webhook.

I have another request. Does the checkout.session.expired event mean that the session has expired?

great!

When I receive this event, the session representative has expired. I need to change the session status in my own system to =Invalid.

possibly! I don't what exact status or session this is in your system or what it represents.

On the Stripe side, that webhook event means the CheckoutSession(the Stripe-hosted payment page you can redirect a customer to in order to pay) has expired, which happens 23 hours after you first create the CheckoutSession object; or if you call the API to manually expire it; or if you use a certain API parameter to set a custom expiration time on it.

When a customer's payment fails, or the payment is blocked by you, it seems that you will also send the checkout.session.expired event to me?

no, not that I'm aware of no.

the CheckoutSession expires in the circumstances described above. A failed payment doesn't expire the session. You can test this in test mode.

Then there is a question. I did not cancel the order and it has not been more than 24 hours. Why does the checkout session appear to have expired?

which CheckoutSession cs_xxx exactly are you referring to?

but I just remembered that we do cancel the session if there's an excessive number of attempts on it(indicating probable fraud) in addition to what I mentioned, so could be that.

We do cancel the session if there are too many attempts (indicating possible fraud), so that may be the case. At this time, what event will be sent to me?

probably checkout.session.expired.

thanks

Found a problem, when I tried to pay countless times and was blocked, the checkout session was still not canceled by you, what is going on?

pi_3O4NY0ILBklWVE7i0u30iwWK

It seems like it’s different now than before? I remember that my checkout was blocked by you and my order would be invalidated. It won't fail now

Having trouble looking up that ID. I do think something was added recently so that payment intents themselves cancel after so many declines, it is possible that you just aren't hitting that limit with this payment intent