#wizz_error

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1348939266084044892

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Hi, let me help you with this.

Hello ! Please, im struggling since 1 week 😄

Could you please share your webhook handler code?

Sure !

index.js right ?

I don't know how you name your files, unfortunately.

What variable type is payload?

So basically, after the payment, in the firestore database should save UID, email, plan, endDate and startDate

I dont know, a friend of mine tried to help me, and he did some things into it

The error you see is because the payload you provide to constructEvent() is probably parsed, and is not exactly the same as what Stripe sent out.

Could you please print typeof payload and payload?

This is the full log

Where is the Request details log?

Do you want me to reproduce the steps, and send you the new log file ? Or can i get the Request details logs from somewhere else ?

Your code is supposed to print a log with :pencil: Request details: with many local variables. Do you see it in your logs?

Oh, no.. This is all i got

Are you sure these are the logs from the current version of your app? Or, is the code you shared is currently running?

Let me reproduce the steps, and tell me if im doing something wrong

Hi there 👋 I'm jumping in as my teammate needs to step away soon. The error that you shared has a couple common causes that we should look at first.

The error indicates that the value calculated by our constructEvent function doesn't match the value contained in the stripe-signature header. So we need to look at things that could impact the calculation of that hash.

Oh sure, welcome toby, thanks for your help !

First thing, is this a new webhook endpoint that you're standing up using code from a previous endpoint? If so, you should double check that the signing secret you're using in this environment, matches the signing secret for the webhook endpoint in Stripe that it's associated with.

Each webhook endpoint generates its own signing secret rather than them using a shared one.

Oh, yeah, im using the key from "Signing secret

Reveal" from webhooks dashboard from stripe, and ive been applied it by using "firebase functions:config:set stripe.secret_key="sk_live_KEY" and the other command

So now, when i write the stripe get command, i get :

D:\ELECTRON2\immortal_companion>firebase functions:config:get stripe
{
"secret_key": "sk_live_51........",
"webhook_secret": "whsec.........."
}

D:\ELECTRON2\immortal_companion>

You're using a live secret key here? Did you already get this working in testmode?
Are you able to share the ID of an Event that isn't being handled successfully? That ID should have an evt_ prefix.

No, i didnt work in test mode..

I tought it was easier to implement the Stripe payments

😄

I would strongly recommend getting everything working in testmode first, so you can make plenty of test payments without actually moving any money.

This is it, the last checkout session

Ive been doing only 0.50Euro payments to test the payments

You can use our test cards in testmode, and not process any real payments while you're getting everything built:
https://docs.stripe.com/testing

Are you comfortable sharing which webhook endpoint you're debugging here? I see that Event is being sent to three different ones.

And this is the dart file if it helps

Sure, i dont mind, so you need the webhook link ?

Either the URL, or the ID of the webhook endpoint which will have a we_ prefix

https://us-central1-dic-premium.cloudfunctions.net/handleStripeWebhook

Perfect, thanks!

Looking at the most recent attempt to deliver the shared Event to that endpoint, I see the following error message, which I also see in your logs. The important part seems to the be last line, can you double check the value you're using for your signing secret?

Webhook Error: No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe?

Learn more about webhook signing and explore webhook integration examples for various frameworks at https://github.com/stripe/stripe-node#webhook-signing

Note: The provided signing secret contains whitespace. This often indicates an extra newline or space is in the value

I see you're using .trim(), which I would expect to remove leading and trailing white spaces, maybe there's whitespace in the middle of the string?

I have this code

let event;
try {
// Get the raw body
const payload = req.rawBody;
if (!payload) {
throw new Error("No raw body found in request");
}

in the index.js file from functions folder

Is this corrected ?

Can we start with where the error being returned by our library is pointing? It indicates that there is whitespace within the signing secret value you're trying to use.

Should I send you the full code for

So now, when i write the stripe get command, i get :

D:\ELECTRON2\immortal_companion>firebase functions:config:get stripe
{
"secret_key": "sk_live_51........",
"webhook_secret": "whsec.........."
}

D:\ELECTRON2\immortal_companion>

?

No, I don't think I need to see more code right now, as you've shared your webhook endpoint handler.

Can you add a log line in your code to log exactly what value ends up in your webhookSecret variable? Don't share the output of that log here, as signing secrets should remain secret, but the error indicates there is whitespace in that value so you should log it to confirm whether that's the case.

Sure, but one more thing. I applied the last index.js file, and now i receive only

Webhook Error: No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe?
Learn more about webhook signing and explore webhook integration examples for various frameworks at https://github.com/stripe/stripe-node#webhook-signing

So no more whitespace

Awesome, that's progress! So then the question is whether req.rawBody is actually giving you the raw payload of the request. Any modification of the request's payload will result in our hashing failing, it is even sensitive to whitespace changes.

Maybe if i replace this code "app.use(bodyParser.raw({ type: "application/json" }));
" with "app.use(express.json({ verify: (req, res, buf) => { req.rawBody = buf; } }));" will fix the issue ?

I think it might

Trying now

Deploying the new code..

But i got 1 question. When i use "stripe trigger checkout.session.completed
" , why i dont see a new log into the dashboard ? I need to press "resend" manually, is that okay ?

Because stripe trigger does everything in testmode

Oh..

Yeah, doesnt work, same errors

Are you logging the contents of the payload variable, to make sure you're getting the raw unmodified contents of the request payload and not some parsed value?

This is the new and updated code. More of that, i cant do, because i dont understand whats going on 😄 This is my first time using Stripe

I'm not sure I understand what you're trying to say. It looks like you have log lines to log out the contents of req.rawBody:

    console.log("🔍 Raw body content:", req.rawBody.toString("utf8"));```

Give me a moment please

This is the new log file

:mag: Raw body type: object
that seems concerning, if it's the raw body I'd expect it to typically be a string or a buffer

Hmm ok, give me a moment please

Wait, are you actually using Express to host your endpoints? I don't see any app.post lines like I'd expect to if you were.

Instead it seems like you're using onRequest from some firebase library, does that sound right?

I dont know, yesterday because ive been so exhausted to try over and over again to fix the problem ,ive been using ChatGPT , but i think ill start it over from scratch.. All i want to do is to make the payments work 😄

You're definitely using the correct whsec_xxx secret, yes? I see you have multiple webhhook configured to point to the same URL

Yes, should i delete the other ones ?

Up to you, just potentially confusing matters have multiple endpoints for one URL

Done, just the important one left

You're running this on Firebase/Google Cloud yes? If so, req.rawBody should definitely be a Buffer so that's likely your issue looking at your logs. Can you remove this logs? They could malform the raw request body

console.log("🔍 Raw body content:", req.rawBody.toString("utf8"));```

Sure, just a moment please. And yeah, im working with Firestore Database and Funtions

Done, this is the new code

Deploying now

Good reference point: https://github.com/invertase/stripe-firebase-extensions/blob/next/firestore-stripe-payments/functions/src/index.ts#L733

And your code is basically the same

I'm confused, you had a Firebase function and now you have an Express app?

No no, im using only firebase function. Ive been trying something, sorry. This is the latest code

Remove this line too bodyParser.raw({ type: "application/json" })(req, res, async () => {

Done, deploying

I'd recommend looking at this example and largely copying it

Okay, give me few minutes, cause i reached the quota, need to wait 5 - 7 minutes

Yeah you need to setup a local env to test this

But generaly passing req.rawBody to constructEvent is enough. You don't need bodyParser and everything else for a Firebase function

Is this good?

Let's try it

New log..

I don't understand where that log is coming from? It's not in this code you just sent

Its from "firebase functions:log"

Right but where is the console.log in the code that spits out :mag: Raw body type: object

You said you removed it, so how is it still in the logs?

Are you sure you're hitting the endpoint you're updating the code on?

I'm in cmd, in the app directory, writing "firebase deploy --only functions", and then "firebase functions:log"

Yes, I understand how you access the logs. But in the code you sent me there is no console.log() that spits out that line

You removed it, or so you told me:

We're likely gonna wrap up this thread soon as this is not really a Stripe issue and we've been ongoing for 2 hours. You seem to be blindly deploying code without understanding the changes you're making, and they don't even seem to be taking effect

I dont see that part in the code either..

Exactly, you're hitting the wrong endpoint/function when you're testing

Restarted the CMD and did it again. Maybe should i be in /functions folder , and not in the project source code ?

I don't really know enough about Firebase Functions to advise. As I said, I'd recommend looking at the example I shared or reading their docs

I did everything again, double checked all the keys..

And this is the index.js file

Then I would guess that your webhookSecret var is for a different endpoint

Let me understand, what is that endpoint, and where can i find it ?

So the endpoint in the stripe webhook, is this " https://us-central1-dic-premium.cloudfunctions.net/handleStripeWebhook "

And in firebase

I have this

You want to secret from the corresponding we_xxx endpoint in your Dashboard

Hey, taking over here. Let me know if there's any follow-up Qs I can answer!

Welcome ! Well, im trying to fix this thing, so i can enable the payments..