durxiking_error | Stripe Developers | Page 1

thin gyroBOT Jun 21, 2024, 9:17 AM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! We typically respond in a few minutes, but in some cases we might need a bit more time (e.g., server's busy, you've got a complex question, etc.).

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1253639880043532370

📝 Have more to share? Add details, code, screenshots, videos, etc. below.

flat slate Jun 21, 2024, 9:17 AM

#

hi! what exact code is this coming from?

half citrus Jun 21, 2024, 9:18 AM

#

Shouls I send the whole code?

flat slate Jun 21, 2024, 9:19 AM

#

whatever you think would give the most context. Right now you just said you got an error but not what code you executed and what line gave that error.

half citrus Jun 21, 2024, 9:21 AM

#

This is the code from API 2

@app.route('/webhook', methods=['POST'])
def webhook():
event = None
payload = request.data
sig_header = request.headers['STRIPE_SIGNATURE']
logger.warning(payload)
logging.info("Received headers: %s", sig_header)

if not sig_header:
    return jsonify({'error': 'Stripe signature header missing'}), 400

try:
    event = stripe.Webhook.construct_event(
        payload, sig_header, endpoint_secret
    )
    logger.warning(event)
except ValueError as e:
    return jsonify({'error': 'Invalid payload'}), 400
except stripe.error.SignatureVerificationError as e:
    logger.warning("BAD BAD BAD")
    return jsonify({'error': 'Invalid signature'}), 400

# Process the event
if event['type'] in ['payment_intent.payment_failed', 'payment_intent.succeeded']:
    payment_intent = event['data']['object']  # PaymentIntent object
    new_status = 'completed' if event['type'] == 'payment_intent.succeeded' else 'failed'
    update_order_status(payment_intent['client_secret'], new_status)

return jsonify(success=True), 200

#

This is the code from API 1

@limiter.limit("12 per second") # Adjust limit as needed
def webhook_stripe_webhook():

logger.info(data)
stripe_signature = request.headers['STRIPE-SIGNATURE']
logger.info(headers)
if not data:
    return jsonify({'error': 'No data provided'}), 400

api_url = 'http://localhost:5000/webhook'

headers = {
    'Content-Type': 'application/json',
    'Stripe-Signature': stripe_signature
}

try:
    # Forward the request to the internal API handling the support form
    response = requests.post(api_url, json=data, headers=headers)
    logger.info(response)
    if response.status_code == 429:
        return jsonify({'error': 'Too many requests, please try again later'}), 429

    if response.status_code != 200:
        return jsonify(response.json()), response.status_code

    try:
        response_data = response.json()
    except ValueError:
        return jsonify({'error': 'Invalid JSON response from internal API'}), 500

    # Return the successful response from the internal API to the client
    return response_data, 200

    # Return the successful response from the internal API to the client
   return response.json(), 200

except requests.exceptions.RequestException as e:
    print(f"Error getting product price: {e}")
    return jsonify({'error': f'Failed to communicate with support form processing API:{e}'}), 500

and yes there is a app.route etc... at method post

#

here when I put headers = request.header it worked "better"

response = requests.post(api_url, json=data, headers=headers)

flat slate Jun 21, 2024, 9:23 AM

#

cool. And when this does error happen? What are you doing/what are you sending to the endpoint when it happens?

flat slate Jun 21, 2024, 9:23 AM

#

half citrus here when I put headers = request.header it worked "better" response = requests...

why are you writing your own code to post to the webhook endpoint?

#

it's Stripe who sends the request(and we include the HTTP header for the signature). If you're sending your own request for some reason, naturally that won't have that header and hence the error.

half citrus Jun 21, 2024, 9:25 AM

#

flat slate cool. And when this does error happen? What are you doing/what are you sending t...

So I should not be sending curl's

#

Can I please copy you message and give it to the developer so that he can know?

flat slate Jun 21, 2024, 9:28 AM

#

ah I thought I was speaking to a developer, it's a developer support Discord 🙂

#

but sure, of course.

half citrus Jun 21, 2024, 9:29 AM

#

Well we are both developers haha

#

But I can send curl right? and it should work

#

or does it need to be send directly from stripe

flat slate Jun 21, 2024, 9:33 AM

#

well you're not being very clear. You have some code here that seems to recieve an event from Stripe, and then tries to forward it to a different endpoint, and both your endpoints try to verify the signature

half citrus Jun 21, 2024, 9:34 AM

#

Because I do not know if the first endpoint is sending it all, all the data including headers etc... to the other endpoint

flat slate Jun 21, 2024, 9:34 AM

#

it makes no sense to me. I would just build one endpoint that accepts the event(that is the endpoint you make be the webhook for Stripe), that endpoint can check the signature and decode the body , and then you can forward things to your other endpoints/services, without the signature, there's no reason to check it twice

flat slate Jun 21, 2024, 9:35 AM

#

half citrus Because I do not know if the first endpoint is sending it all, all the data incl...

that doesn't make sense, why do you need two endpoints at all?

#

you're also not clear which of those endpoints is giving you the error about HTTP_STRIPE_SIGNATURE being missing

half citrus Jun 21, 2024, 9:36 AM

#

flat slate you're also not clear _which_ of those endpoints is giving you the error about `...

To be hones neither I do

#

But like I have 1 endpoint that has a connection to the DB but is not accessible from outside, you can not connect to it.
The other one (the API 1) Is the one who you can connect to but only redirects data to the correspondent endpoint inside

flat slate Jun 21, 2024, 9:39 AM

#

cool, well there's no reason to re-send the signature when doing that internal forwarding, IMO. All the Stripe stuff of verifying the signature should just happen on the "edge" server that's connected to the internet. Once that's done you can just forward data to where you need it internally

#

beyond that if you're also not sure where you're getting this error from it's hard to narrow down for me. Probably it means either:

you are testing the endpoint in some way by sending a raw request instead of stripe trigger or testmode API calls
the error is from the second internal server and the 'forwarding' of the headers didn't work
some other bug

half citrus Jun 21, 2024, 9:41 AM

#

So I do the "event" and then to change the users stuff that has to go to the db and is not with stripe I should do an endpoint

#

And yes this is test mode

thin gyroBOT Jun 21, 2024, 9:59 AM

#

half citrus Jun 21, 2024, 10:05 AM

#

SO I changed the code but still the http error

#

and I am using curl

tepid sonnet Jun 21, 2024, 10:07 AM

#

Hey! Taking over for my colleague. Let me catch up.

half citrus Jun 21, 2024, 10:08 AM

#

Ok perfect

#

DO you want me to send the new code?

tepid sonnet Jun 21, 2024, 10:20 AM

#

half citrus So I do the "event" and then to change the users stuff that has to go to the db ...

yes you can achieve this customisation using Stripe trigger

#

https://docs.stripe.com/stripe-cli/triggers#customize-events

#

As mentioned by my colleague earlier, in order to test your webhook endpoint, you should be using Stripe cli (trigger) and not making curls.

#durxiking_error