#jimmiller-webhooks

that means your webhook signature verification is not working, meaning your code is not responding to Stripe webhooks at all

that doesn't make sense. I had a successful transaction at 2:48pm

sure but that isn't webhook related

right

like I can make API requests to Stripe but still have my webhook endpoint fail

ok. In the webhooks dashboard I see checkout.session.completed.

sure but what about your integration's response to the webhook event?

the error is coming from your server when Stripe sends you a webhook event

Stripe creates and sends the event just fien

fine

your integration does not respond to it because your code hits that error above^

ok, do I have to move my webhook from test to live?

no, sorry I think you're misunderstanding

are you listening to webhooks? is your code doing something in your webhook handler?

Its just a standard controller:

    payload = request.body.read
    sig_header = request.env['HTTP_STRIPE_SIGNATURE']
    event = nil

    begin
      event = Stripe::Webhook.construct_event(
        payload, sig_header, Rails.application.credentials[:stripe][:webhook]
      )
    rescue JSON::ParserError => e
      status 400
      return
    rescue Stripe::SignatureVerificationError => e
      # Invalid signature
      puts "Signature error"
      p e
      return
    end

    # Handle the event
    case event.type
    when 'checkout.session.completed'
      session = event.data.object
      session_with_expand = Stripe::Checkout::Session.retrieve({
        id: session.id, 
        expand: ["line_items"] 
      })


      session_with_expand.line_items.data.each do |line_item|
        product = Product.find_by(stripe_product_id: line_item.price.product)
        product.increment!(:sales_count)
      end
      # @product = Product.find_by(price: session.amount_total)
      # @product.increment!(:sales_count)
    end
  end

  render json: { message: 'success' }```

so you're failing signature verification at the part where you're doing signature verification.

      # Invalid signature
      puts "Signature error"
      p e
      return

this catch block is being triggered so the rest of your code isn't being called, going off that error msg

yes. so it seemed to work when I was in Stripe test mode. so I see in the Webhooks Dashboard on Stripe that there is an "Import Test Endpoint". when I click that it asks me if I want to import from test to live.

well it depends right, are you making live mode requests?

My point is, your webhook endpoint is being called, I don't know for what events, live or test.

I am live now. It was working in test and I see in the logs that the last successful webhook POST was 11/06

is there a way to test if I have it live now?

sorry I think we're not speaking about the same thing here

the Log you showed is webhook endpoint creation

there should be an "Events" section in your Dashboard

ok

that will tell you what your webhook endpoint is responding to Stripe's Events with

but really, this is a configuration issue on your end, your webhook endpoint is not verifying signatures, either test or live, I cannot say given what I have seen but that is the issue here

can you send any one of those event IDs to me

just pasting here is fine

evt_1K1fYfKfSszlxio1oU8qbB8R

@long raven sorry for the delay completely missed this

no worries

So what is your question exactly? What's blocking you? That's a Live event sent to your webhook endpoint and the delivery succeeded

Well, initially it was "Why am I getting this Error":

2021-11-30T19:48:05.183037+00:00 app[web.1]: #<Stripe::SignatureVerificationError: No signatures found matching the expected signature for payload>```

It seems like I am live

This worked in test but now not in live mode:

        product = Product.find_by(stripe_product_id: line_item.price.product)
        product.increment!(:sales_count)
      end```

I don't think its a credentials error but I can't tell what the error is

So step 1 would be to figure out what the problem is really in that case first. Is it a signature issue? Is it something else? The 2 parts you mentioned are completely unrelated to each other

Well if it worked in test mode would that rule out a signature issue?

not really no

you could have mixed up the webhook secret for example. But it's surprising that your code would have a signature error and still return a 200 to the delivery

but really the first step is to try and debug your issue and add logs to understand what is failing

There is only one webhook secret, right? Not one for test and live

That's not correct. The secret is different for every single webhook endpoint

Well, I created 1 webhook endpoint so I should only have 1 wh secret, correct?

Hello, yes 1 secret per endpoint

Thanks. So I should probably go back to local and use the CLI to test?

Yes please!

Ok. Will do.

Is there something Stripe that I can add to help debug? More verbose logs?

You have the events list in the view above, on your Dashboard about which event came to your endpoint and how was the response. Other than that it's really up to you to put debug on your server