'Stripe Construct Event: No signatures found matching the expected signature for payload. Javascript, Express

I get an error whenever I try to construct the stripe webhook event:

No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe? https://github.com/stripe/stripe-node#webhook-signing

Cannot figure out how to solve this, already lot of json parsing methods but no one worked.

Here's my code:

app.post('/webhooks', express.raw({ type: 'application/json' }), (req, res) => {
    const signature = req.headers['stripe-signature'];
    console.log(signature);
    const endpointSecret = process.env.STRIPE_WEBHOOK_SECRET;

    let event;

    try {
        event = stripe.webhooks.constructEvent(req.body, signature, endpointSecret);
    } catch (err) {
        res.status(400).send(`Webhook Error: ${err.message}`);
        console.log(`Webhook Error: ${err.message}`);
        return;
    }

    switch (event.type) {
        case 'payment_intent.succeeded':
            const paymentIntent = event.data.object;
            console.log(paymentIntent);
            break;
        case 'payment_intent.payment_failed':
            console.log('Payment Failed');
    }

    res.status(200);

});

and these are my express uses:

app.use((req, res, next) => {
    if (req.originalUrl === '/webhook') {
        next();
    } else {
        express.json()(req, res, next);
    }
});
app.use(express.urlencoded({ extended: false }));
javascriptnode.jsexpressstripe-payments


Solution 1:[1]

The issue here is almost always not using the RAW BODY in the constructEvent. Stripe doesn't encode the "signature" in the JSON; they use "steganography" to encode the matching signature in the non-coding part of the JSON payload: extra spaces, line breaks, and other characters that are ignored by a JSON parser. The resulting payload can be parseed as JSON for the webhook object, but the "signature" part needs the raw body before any parser has removed the non-coding steganography.

specifically:

event = stripe.webhooks.constructEvent(req.rawbody, signature, endpointSecret)

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 LeadDreamer

Related Questions

React Router with optional path parameter

How to dynamically update google recaptcha sitekey?

How to dynamically update google recaptcha sitekey?

Remove duplicate in a string - javascript

Remove duplicate in a string - javascript

Searching a string for missing letters of the alphabet in javascript

Searching a string for missing letters of the alphabet in javascript

Searching a string for missing letters of the alphabet in javascript

Find an element in DOM based on an attribute value

Redirecting html page with javascript

Find an element in DOM based on an attribute value

Find an element in DOM based on an attribute value

Redirecting html page with javascript

How to find x and y coordinates of a button while using keyboard navigation?

How to find x and y coordinates of a button while using keyboard navigation?