Aurelius - webhook signatures | Stripe Developers | Page 1

tepid rune Dec 17, 2021, 3:54 PM

#

hey there, can you explain whats not working like you expect it to?

lime burrow Dec 17, 2021, 3:55 PM

#

Definitely

#

So I have a webhook that when sent a stripe event and that stripe event is. 'checkout.session.completed' it'll execute some code

#

During dev mode, I am now getting the error Stripe webhook failed with Error: No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe?

#

However, I haven't changed my code and it was working before

#

Moreover, I a product online that when it recieves the initial events for the checkout process from webhook it doesn't execute (it's not from webhook failure because that error doesn't show) but when I send the completed event manually it does work

#

So my two questions are 1. I am not sure why I am getting webhook failure (in dev) now while the same code works (granted only partially) when online

tepid rune Dec 17, 2021, 3:59 PM

#

what do you mean by "online" here, are you referring to live mode?

lime burrow Dec 17, 2021, 3:59 PM

#

I have a product in live mode

tepid rune Dec 17, 2021, 3:59 PM

#

or a public server vs local development server?

lime burrow Dec 17, 2021, 3:59 PM

#

I have one on a public server

#

but currently, the code is the same

#

and checkout and everything works but when I try to recieve the webhook I have an issue

tepid rune Dec 17, 2021, 4:01 PM

#

are you using the appropriate signing secret to match your test mode endpoint when you switch to developing? is your test mode endpoint also public?

#

are you using the stripe CLI to proxy event delivery to a local dev endpoint?

lime burrow Dec 17, 2021, 4:01 PM

#

I am using the stripe cli for test mode

#

the latter

#

When I resend the checkout.session.completed event from dashboard, my webhook executes it

#

but not when stripe initially sends the events

#

const stripeEvent = stripe.webhooks.constructEvent(
      body,
      headers['stripe-signature'],
  
process.env.GATSBY_STRIPE_WEBHOOK_SECRET
    );

tepid rune Dec 17, 2021, 4:06 PM

#

OK so you need to use the webhook secret generated by the CLI when you do this

#

not the secret from the dashboard

#

It's displayed when you run the stripe listen command

lime burrow Dec 17, 2021, 4:08 PM

#

Ok, I had it set to test secret key. let me try it again

tepid rune Dec 17, 2021, 4:09 PM

#

👍

lime burrow Dec 17, 2021, 4:11 PM

#

Perfect that works, onto the next problem

#

When I complete a checkout, my webhook doesn't execute

#

Only when I resend the session.complete event does the event trigger

#

from the dashboard

tepid rune Dec 17, 2021, 4:13 PM

#

lime burrow When I complete a checkout, my webhook doesn't execute

You're talking about test mode now, or live mode?

lime burrow Dec 17, 2021, 4:13 PM

#

Live mode

tepid rune Dec 17, 2021, 4:13 PM

#

Can you share the event id?

lime burrow Dec 17, 2021, 4:13 PM

#

Though both are the same code at the moment

tepid rune Dec 17, 2021, 4:13 PM

#

Sure, but they'd go to different endpoints

lime burrow Dec 17, 2021, 4:13 PM

#

"evt_1K7huQDtAqr0NEuGgA8Vf1qB"

#

All the webhooks are recieved

#

they indicate 200

tepid rune Dec 17, 2021, 4:14 PM

#

Yep, it looks like it was delivered successfully and your server responded with a 200

#

so you'll need to investigate why that didnt trigger whatever you expect it to in your code

#

You responded with a header that includes X-Nf-Request-Id: 01FQ4EFZRZ1MC56X1P1PBGV5WD

#

to the first delivery

lime burrow Dec 17, 2021, 4:16 PM

#

My question is, it fires when I manually send the webhook but not the intial ones automatically sent upon checkout

tepid rune Dec 17, 2021, 4:17 PM

#

sure, and i'm saying both are delivered, so whatever isnt happening as you expect is within your handler/endpoint

#

so what do your logs say happened with the first (automatic) delivery?

lime burrow Dec 17, 2021, 4:19 PM

#

Normally they show that my function recieved them but then nothing

#

and overnight i had

#

2:55:01 AM: b44a841e Duration: 1.41 ms Memory Usage: 87 MB 9:55:01 AM: c2e1596f INFO Stripe webhook failed with Error: No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe? https://github.com/stripe/stripe-node#webhook-signing

#

Yet it executes when i manually send a hook

#

other times it'll get the event and do nothing

tepid rune Dec 17, 2021, 4:21 PM

#

oh

#

you have the same endpoint configured for live mode and test mode

#

you shouldnt do this

#

those have different signing secrets (they are different endpoints, which happen to point to the same URL)

lime burrow Dec 17, 2021, 4:22 PM

#

oooh

tepid rune Dec 17, 2021, 4:22 PM

#

if you want to handle this, i suggest change one to add a query param like ?testmode=1 to one of them

#

that way you can choose whether to use the live or test mode signing secret

#

without that you dont know which secret to use

lime burrow Dec 17, 2021, 4:23 PM

#

If I remove the webhook in test

#

will that also work?

#

so there's only one webhook, in live, that's pointing to the endpoint

tepid rune Dec 17, 2021, 4:24 PM

#

yes, you are likely receiving events related to your dev work in test mode to the live endpoint, and you arent expecting that

#

since youre using the CLI for test mode you dont need the configured test mode endpoint

lime burrow Dec 17, 2021, 4:25 PM

#

That makes sense then on why when I manually resend it works but not on the initial payments

#

Is there anyway to archive this thread? I won't know if the problem persists until someone makes a payment but this seems like the culprit

tepid rune Dec 17, 2021, 4:29 PM

#

They all get archive, and you can search for your messages here later

#

eg, bookmark the root message of this thread: #dev-help message

#Aurelius - webhook signatures