GCP:Stripe webhook 错误:未找到与有效负载的预期签名匹配的签名
[英]GCP: Stripe webhook error: No signatures found matching the expected signature for payload
问题描述
Stripe version: "8.107.0"
条纹版本:“8.107.0”
I keep getting a Stripe webhook verification error whenever I run my webhook on GCP.每当我在 GCP 上运行我的 webhook 时,我都会收到 Stripe webhook 验证错误。 I've tried using the raw body in the signature, as the code snippet below mentions, as well as other ways to pass the req.rawBody as other StackOverflow answers mention.我已经尝试在签名中使用原始正文,正如下面提到的代码片段,以及其他方法来传递 req.rawBody 作为其他 StackOverflow 答案提到。
The weird thing is that this error seems to be thrown when I deploy to GCP, and not when I run locally.奇怪的是,这个错误似乎在我部署到 GCP 时抛出,而不是在我本地运行时抛出。 I tried to manually create the signature ( https://stripe.com/docs/webhooks/signatures#verify-manually ), and the same result there: locally the signatures match, on GCP it doesn't.我尝试手动创建签名( https://stripe.com/docs/webhooks/signatures#verify-manually ),结果相同:本地签名匹配,在 GCP 上不匹配。
Our server is hosted on GCP GKE, and we serve requests to our server through an Nginx Reverse Proxy.我们的服务器托管在 GCP GKE 上,我们通过 Nginx 反向代理向我们的服务器提供请求。 Other stack overflow solutions mentioned Google Cloud Functions and Lambda.其他堆栈溢出解决方案提到了 Google Cloud Functions 和 Lambda。 As far as I'm aware, we do not parse requests on GCP据我所知,我们不解析 GCP 上的请求
I do use bodyParser.json(), but that's setup after this endpoint.我确实使用了 bodyParser.json(),但这是在这个端点之后设置的。 These are the ways I've tried creating / using a rawBody:这些是我尝试创建/使用 rawBody 的方法:
app.use(express.json({verify: (req,res,buf) => { req.rawBody = buf }}));
bodyParser.json({
verify: (req: any, res, buf) => {
req.rawBody = buf.toString();
},
}),
event = stripe.webhooks.constructEvent(req.rawBody, sig, webhookSecret);
I based my code on the stripe example found here: https://github.com/stripe/stripe-node/blob/master/examples/webhook-signing/node-express/express.js我的代码基于此处找到的条带示例: https : //github.com/stripe/stripe-node/blob/master/examples/webhook-signing/node-express/express.js
// Stripe requires the raw body to construct the event
app.post('/webhook', bodyParser.raw({type: 'application/json'}), (req, res) => {
const sig = req.headers['stripe-signature'];
let event;
try {
event = stripe.webhooks.constructEvent(req.body, sig, webhookSecret);
} catch (err) {
// On error, log and return the error message
console.log(`❌ Error message: ${err.message}`);
return res.status(400).send(`Webhook Error: ${err.message}`);
}
// Successfully constructed event
console.log('✅ Success:', event.id);
// Return a response to acknowledge receipt of the event
res.json({received: true});
});
Any help would be appreciated, thanks.任何帮助将不胜感激,谢谢。
2 个解决方案
解决方案1
2 2020-11-06 19:20:33
问题出在我们的一个安装文件中,其中基本上一个空格或一个 \\n 字符被添加到我们的 webhookSecret
解决方案2
0 2021-05-23 10:04:21
I just solved a similar issue, in short, here is how I solved it:我刚刚解决了一个类似的问题,简而言之,我是这样解决的:
// main.js
server.use('*', cors());
-server.use(express.json()); // default on my boilerplate
+server.use(bodyParser.raw({ type: 'application/json' })); // use body-parser instead
server.use(morgan('tiny'));
Then, just make sure you do not rewrite bodyParser.raw({type: 'application/json'}) before handling your webhooks, nor anywhere else in the app.然后,请确保在处理 webhook 之前不要重写bodyParser.raw({type: 'application/json'}) ,也不要在应用程序中的任何其他地方重写。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.