thedevgod. | Stripe Developers | Page 1

tardy stumpBOT Feb 21, 2024, 2:40 AM

#

Hello! We'll be with you shortly. Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

thedevgod., 3 hours ago, 2 messages

rotund sparrow Feb 21, 2024, 2:45 AM

#

hello! The 403 error is returned from your server so you're going to need to investigate why your server is doing so. We can't really provide any further insights there since it's occurring on your server unfortunately. The HTTP 403 Forbidden response status code indicates that the server understands the request but refuses to authorize it [0], so you might want to start with that.

[0] https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/403

MDN Web Docs

403 Forbidden - HTTP | MDN

The HTTP 403 Forbidden response status code indicates that the server understands the request but refuses to authorize it.

fiery dove Feb 21, 2024, 2:52 AM

#

I am using a middleware <?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Stripe\WebhookSignature;
use Illuminate\Support\Facades\Log;
use Symfony\Component\HttpFoundation\Response;
use Stripe\Exception\SignatureVerificationException;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

class VerifyStripeWebhook
{
/**
* Handle an incoming request.
* * @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next): Response
{
//Log::info('Stripe-Signature Header:', ['Stripe-Signature' => $request->header('Stripe-Signature')]);

    try {
        WebhookSignature::verifyHeader(
            $request->getContent(),
            $request->header('Stripe-Signature'),
            config('services.stripe.webhook')
        );
        Log::info('Webhook signature verified successfully.');
    } catch (SignatureVerificationException $e) {
        Log::error('Webhook signature verification failed.', ['message' => $e->getMessage()]);
        throw new AccessDeniedHttpException('Webhook signature verification failed: ' . $e->getMessage(), $e);
    }
    return $next($request);
}

}

#

📎 message.txt

rotund sparrow Feb 21, 2024, 2:54 AM

#

you can add additional logging at each step to trace through what's happening for each webhook event

fiery dove Feb 21, 2024, 2:57 AM

#

I added the logs but still not finding where this is coming from, for I get status 200 in the cli, but on the stipe dashboard appears as 403 @rotund sparrow

hollow moth Feb 21, 2024, 3:08 AM

#

If status 403 is only returned from the hosted webhook endpoint, the issue is likely not due to the code but the hosted server such as server configuration or other parts of the code

fiery dove Feb 21, 2024, 3:15 AM

#

hollow moth If status 403 is only returned from the hosted webhook endpoint, the issue is li...

that is correct, but I am unable to find out where because my database is still updating, the main issue is I do not want the webhook endpoint being disabled due to this 403 error appearing in the dashboard for it appears in the failed section @hollow moth

#thedevgod.