#AkariSarzul - Webhooks
lunar epoch
Hello! We only show webhook delivery attempts from the past 15 days in the Dashboard. Events from the past 30 days are available via the API: https://stripe.com/docs/api/events
prisma apex
lmao
what does that have to do with replaying the event?
Stripe support told me to use that github app
@lunar epoch
lunar epoch
Sorry, I think I misunderstood. Your question is focused on the "invalid signature" piece?
prisma apex
yes
I'm trying to get the app to run the event to my webhook
$event = \Stripe\Webhook::constructEvent($payload,
$sig_header,
$endpoint_secret);```this returns \Stripe\Error\SignatureVerification
lunar epoch
That means the Stripe library is unable to verify the signature for the event provided. That usually happens if you're using the wrong webhook signing secret on your server, or the body of the request is being modified before the signature verification code runs.
prisma apex
I copied the key from my environment variables
how can i fix it?
all i need to do is rerun 3 events
lunar epoch
Can you share the code you're using to get the body of the request and verify the signature?
Like how is $payload populated?
prisma apex
public function webhookHandler(Request $request) {
\Stripe\Stripe::setApiKey(config('app.stripe.secret'));
//Get event type and pass it to a handler
$endpoint_secret = config('app.stripe.webhookSecret');
$payload = @file_get_contents("php://input");
$sig_header = $request->header('stripe-signature');//$_SERVER["HTTP_STRIPE_SIGNATURE"];
$event = null;
try {
$event = \Stripe\Webhook::constructEvent($payload,
$sig_header,
$endpoint_secret);
} catch(\UnexpectedValueException $e) {
// Invalid payload
return response("Invalid paylaod", 400);
} catch(\Stripe\Error\SignatureVerification $e) {
// Invalid signature
return response("Invalid Signature", 400);
}
$eventType = $request->type;
switch($eventType) {
case 'charge.failed':
return response($this->bankDraftNSFHandler($event), 200);
break;
default:
return response("Unhandled event type.", 200);
break;
}
//return response((json_encode($payload) . "|||" . json_encode($event) . "|||" . json_encode($sig_header)), 200);
}```this works for every event except ones i try to replay
it logs these in the middleware so I can see that the event payload is being picked up
and the payload is the exact same as the first time the event hit the webhook
lunar epoch
What creates $request? Are you using some kind of framework?
prisma apex
Yes, I'm using Laravel
any ideas on how to get the stripe python event resend to work?
lunar epoch
I'm not familiar with the resend code you're using, but I don't think that's the issue. I think the issue is you're using the wrong endpoint secret. You're sure it's for the same account, and for the correct environment (live vs. test)?
prisma apex
I'm 99% certain it's the correct secret, but just in case it isn't where can i find it on the website so I can copy and paste it from there?
i don't think it's the secret key
lunar epoch
You would need to go here: https://dashboard.stripe.com/webhooks
prisma apex
because it's able to pull the event data
prisma apex
unless stripe lets anyone pull event data
it calls api.stripe.com/v1/events and successfully gets the event payload and passes it to my webhook which then fails to verify the signature
prisma apex
the app specifies that the key starts with sk_live
lunar epoch
I have no idea. 🙂
lunar epoch
The whole point of signature verification is to confirm the event came from Stripe.
prisma apex
i'm so pissed off at stripe rn
lunar epoch
If this script is sending events itself signature verification will fail by design.
prisma apex
how do i replay these events that are older than 15 days?
lunar epoch
Try the Stripe CLI's stripe events resend command: https://stripe.com/docs/cli/events/resend
Sorry, I misunderstood what the code you were using did.
lunar epoch
The alternative would be to fetch the events from the API and process them manually.
prisma apex
how*
lunar epoch
prisma apex
ok
thank you
i will try that
I get this error
My account has developer permissions
what permission do i need to add?
like how do i do it
actually my role is listed as administrator
you'd think support would care more about an account that pushes over 50 million dollars per year
lunar epoch
Hm, interesting. Let me see if I can reproduce that error...
lunar epoch
I was able to successfully resend an event on my test account. Can you give me the event ID you're trying to resend?
prisma apex
evt_1JVkpjKalH3Zcmn9DjmCH9No
evt_1JX9uHKalH3Zcmn9Jc7Kdet3
evt_1JXvgTKalH3Zcmn9L3CgmBQP
these three events
prisma apex
yes one second
stripe events resend evt_1JVkpjKalH3Zcmn9DjmCH9No --live --webhook-endpoint=we_1CE1qGKalH3Zcmn9b6UYYNji
lunar epoch
Thanks, looking...
Can you try without specifying the webhook endpoint? So just this:
stripe events resend evt_1JVkpjKalH3Zcmn9DjmCH9No --live
Assuming it's okay to send it to both of your live endpoints?
lunar epoch
Let me see if this is a known bug...
prisma apex
is there some page with permissions we should check?
lunar epoch
No, not if you used stripe login while logged in as an administrator to this account. I can reproduce the error in live mode with my test account as well.
prisma apex
I didn't specifically run stripe login I ran the command i pasted before and it ran the stripe login command and had me log in
my coworker changed the all webhook resources permission from read to write and that seems to have fixed it
lunar epoch
Ah, you were able to resend successfully after that?
lunar epoch
Awesome! Sorry about the trouble, but glad to hear you got it resent finally!
Is there anything else I can help you with?
lunar epoch
Happy to help! Have a great day!