Stripe 与 django 的 webhook 说: stripe.error.SignatureVerificationError
Yac*_*izi 7 django webhooks stripe-payments
我使用与条纹教程中相同的代码:
def webhook(request):
payload = request.body
sig_header = request.META['HTTP_STRIPE_SIGNATURE']
event = None
try:
event = stripe.Webhook.construct_event(
payload, sig_header, endpoint_secret
)
except ValueError as e:
raise(e)
return HttpResponse(status=400)
except stripe.error.SignatureVerificationError as e:
raise(e)
return HttpResponse(status=400)
# ...
但是当我尝试使用 stripe CLI ( ) 测试 webhook 时,stripe trigger payment_intent.created出现以下错误:
Internal Server Error: /payment/webhook/
Traceback (most recent call last):
File "/home/rouizi/django-ecommerce/venv/lib/python3.6/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/home/rouizi/django-ecommerce/venv/lib/python3.6/site-packages/django/core/handlers/base.py", line 115, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/home/rouizi/django-ecommerce/venv/lib/python3.6/site-packages/django/core/handlers/base.py", line 113, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/rouizi/django-ecommerce/venv/lib/python3.6/site-packages/django/views/decorators/http.py", line 40, in inner
return func(request, *args, **kwargs)
File "/home/rouizi/django-ecommerce/venv/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/home/rouizi/django-ecommerce/payment/views.py", line 99, in webhook
raise(e)
File "/home/rouizi/django-ecommerce/payment/views.py", line 88, in webhook
payload, sig_header, endpoint_secret
File "/home/rouizi/django-ecommerce/venv/lib/python3.6/site-packages/stripe/webhook.py", line 23, in construct_event
WebhookSignature.verify_header(payload, sig_header, secret, tolerance)
File "/home/rouizi/django-ecommerce/venv/lib/python3.6/site-packages/stripe/webhook.py", line 78, in verify_header
payload,
stripe.error.SignatureVerificationError: No signatures found matching the expected signature for payload
我尝试像这样解码有效负载:
payload = request.body.decode('utf-8')
但我仍然有同样的错误。
有什么想法错误可能来自哪里吗?
对我来说,这个问题是通过解码解决的request.data。
payload = request.body.decode('utf-8')
我刚刚决定将其记为单独的答案,也许有人在问题描述中错过了这一行。
It turns out, that when creating webhook in test mode it gives you webhook secret same as for the CLI.
You need to use this secret as webhook secret as stated in other comments.
- 谢谢,我实际上使用了 webhook id 而不是秘密。 (2认同)
重要的是,您将原始请求正文传递到construct_event堆栈中,并且没有任何内容对其进行解析或修改。
与您引用的示例的一个重要区别是如何访问标题和正文。您也没有显示您endpoint_secret来自哪里。您是否检查过以确保所有输入都符合您的预期?
如果有,请尝试使用记录的步骤手动重新创建签名。
- 我找到了问题的根源。为了测试我的 webhook,我在使用 stripe CLI 时使用了开发人员仪表板中 webhook 设置中的端点机密,而不是使用运行“stripe Listen”时打印的端点机密。我花了几个小时试图找出问题出在哪里。我不知道这是否只发生在我身上,但我在文档中认为他们应该提请注意这一点而不是发表评论。感谢您的帮助 (3认同)
| 归档时间: |
|
| 查看次数: |
4082 次 |
| 最近记录: |