Stripe webhook failures #6254
Comments
|
It seems your webhook parses the request payload incorrectly, so the raw I was unable to reproduce your issue in a fresh project. Are you able to provide a reproduction of the issue? Would make it easier to debug. Also, can I get you to ensure all your Medusa packages are updated? |
|
Thank you for your reply @olivermrbl I have setop local webhooks with Stripe using this: And can reproduce it locally now. What do I need to do, do you want access to my MedusaJS repo? Can you test it without the frontend? |
|
If you are OK with giving me access, that would definitely be the most straightforward approach. I'll spin up our own storefront and test it out. |
Sure, it's a gitlab repo, what e-mail can I use to invite you? |
|
Done, can you access it? |
|
Downgrading does not help because of the |
|
@olivermrbl I have customer paying for orders now and the carts are not converted to orders because of the webhook issue. Can I manually complete the carts as a workaround for now? |
|
@adrien2p tagging you since Oli seems to have other stuff on his mind (understandable, no offence). |
I can't sign in to get access no. Can you try resending the invite? |
See your mail, I've manually set the pw for you, |
|
same issue. whats the workaround (if there's one) |
Well Im glad I'm not the only one anymore @olivermrbl @dasherzx What Im doing for now is manually calling the |
|
Here's a detailled step by step of what im doing (and be aware, I changed nothing, everything used to work for about half a year and it suddenly stopped working):
Is there a way I can debug the incoming webhook in MedusaJS so we can investigate further? Mentioning @adrien2p as he's helped me before and I get no solutions yet and this is breaking, sorry! |
|
@BorisKamp, in order to debug this one, you should put BP or log in the stripe plugin web hook end point, theoratically this one expect a raw body and not a parsed one. |
|
Same issue here, we changed nothing, and suddenly Stripe webhooks started failing last week, we have paying customers so this is critical also for us. |
|
@dadebulba, can you provide a reproduction? |
|
I managed to solve the issue, although I don't understand why my code was causing it. By removing the I'm using "@medusajs/medusa": "^1.19.0" and "medusa-payment-stripe": "^6.0.2" |
|
I am having the same issue here ! Is there a solution ? |
|
I was facing the same issue and I just noticed that I was using the Webhook ID instead of the Signing Secret. Maybe it's not the case for you guys, but going trough the documentation again can be a good idea as Stripe's UI can be a little bit confusing.
https://docs.medusajs.com/plugins/payment/stripe#retrieve-stripes-keys |
|
Same issue with latest Stripe API and Medusa packages. Why does medusa-stripe-pluigin still rely on stripe ^11.10.0 node package ? Current major is 15 ! https://github.com/medusajs/medusa/blob/develop/packages/medusa-payment-stripe/package.json#L56 |
|
I am struggling with this issue and tried all possible solutions without results. I suspect api Versions miss match between stripe hook and nodejs configuration in the plug-in. |
|
According to the version used by medusa plugin it support apiVersion: "2022-11-15". Does that mean that current Stripe version (2024-04-10) isn't supported ? |
|
It's what I am suspecting. But I am not sure. I am investigating this right after some other urgent issues in my backlog. In my webapp the order is created even if the webhook is failing |
|
After some research I came upon this: https://stackoverflow.com/a/78168323 I also found that Medusa Team has improved the handling of webhook for V2 API that implement the same changes: More likely this part seems the reason why we're getting error that seems fixed in v2 : Now the question for @olivermrbl : Does Medusa team could backport these modifications to current stripe plugin more precisely the route handler: https://github.com/medusajs/medusa/blob/develop/packages/medusa-payment-stripe/src/api/stripe/hooks/route.ts ? |
|
Exactly I saw this and I was wondering how can we use it to replace the actual plug-in |
As a workaround you could create your own endpoint and wrap it in it's own Middleware like so: https://docs.medusajs.com/development/api-routes/create#parse-webhook-body-parameters And setup your webhook to listen to this new endpoint. As long as rawbody is preserved you shouldn't have any issue with webhook validation. My point is that medusa team should upgrade the current API route for stripe webhook like they did for the V2 API Update: Here is how to resolve the Webhook issue (worked for me) if you're still using Express API Route System
const stripeCors = {
origin: "*", //list of FQDN from Stripe if you want to restrict domains: https://docs.stripe.com/ips#stripe-domains
credentials: false,
methods: "GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS",
};
const stripeRoutePattern = /^\/stripe\/.*/;
stripePublicRouter(router, stripeCors);
import { Router, json, urlencoded } from "express" //important: do not use "body-parser" if your express pckg is above 4.16.x
import { wrapHandler } from "@medusajs/utils";
import { MedusaRequest, MedusaResponse } from "@medusajs/medusa";
export function stripePublicRouter(stripeRouter, stripeCorsOptions): Router {
stripeRouter.use(
cors(stripeCorsOptions),
json({
verify: (req: MedusaRequest, res: MedusaResponse, buf: Buffer) => {
req.rawBody = buf
}}),
urlencoded({ extended: true }),
)
stripeRouter.post(
"/stripe/events",
wrapHandler(YOUR_STRIPE_API_ROUTE_HANDLER)
)
return stripeRouter
}
import { MedusaRequest, MedusaResponse } from "@medusajs/medusa"
import StripeProviderService from "medusa-payment-stripe/dist/services/stripe-provider"
import { constructWebhook } from "medusa-payment-stripe/dist/api/utils/utils"
type SerializedBuffer = {
data: ArrayBuffer
type: "Buffer"
}
export const POST = async (req: MedusaRequest, res: MedusaResponse) => {
try {
const pluginOptions = req.scope.resolve<StripeProviderService>(
"stripeProviderService"
).options
let rawData = req.rawBody
if ((rawData as unknown as SerializedBuffer).type === "Buffer") {
rawData = Buffer.from((rawData as unknown as SerializedBuffer).data)
}
const event = constructWebhook({
signature: req.headers["stripe-signature"],
body: rawData,
container: req.scope,
})
const eventBus = req.scope.resolve("eventBusService")
// we delay the processing of the event to avoid a conflict caused by a race condition
await eventBus.emit("medusa.stripe_payment_intent_update", event, {
delay: pluginOptions.webhook_delay || 5000,
attempts: pluginOptions.webhook_retries || 3,
})
} catch (err) {
res.status(400).send(`Webhook Error: ${err.message}`)
return
}
res.sendStatus(200)
}That way Webhook payload from Stripe will be preserved and hopefully it should avoid issue to many of you ! |
|
Please do not close this issue as the Stripe Plugin is still not implementing the solution introduced in V2 |
|
In the end, did you manage to solve the problem? |
|
i still have this error, how can i solve? |
|
i still have this issue, how can i solve? |
|
Hi i solved the issue placing a file middlewares.ts in /src/api/ with this content: |
|
|
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 3 days. |
|
This issue was closed because it has been stalled for 3 days with no activity. |
Running
medusa1.20.0andmedusa-payment-stripe6.0.7Im having all my webhooks fail.In Stripe dashboard, all the webhooks return a
400with the following message:I read this:
https://medusajs.com/changelog/#v1.20.0
But have no clue what I need to do, I cannot find that anywhere in the text.
Am I missing something here?
I find it pretty disturbing that this happens, now payments do not work basically...
The text was updated successfully, but these errors were encountered: