When deployed to Netlify (I would assume any Lambda-based implementation will have the same issue) Stripe webhook events
fail and report:
No signatures found matching the expected signature for payload
I solved this by updating the handleStripeWebhooks function to check the NODE_ENV value and if it's set to production to use event.rawBody rather than event.body. The local dev server will fail if it's passed the rawBody.
Here is my revised function that solves the issue:
export const handleStripeWebhooks = (event, context, webhooksObj) => {
let stripeEvent
let body = process.env.NODE_ENV === 'production' ? event.rawBody : event.body
try {
const sig = event.headers['stripe-signature']
stripeEvent = stripe.webhooks.constructEvent(
body,
sig,
process.env.STRIPE_WEBHOOK_KEY
)
let results = null
if (typeof webhooksObj[stripeEvent.type] !== 'undefined') {
results = webhooksObj[stripeEvent.type](event, context)
}
return results
https://github.com/redwoodjs/example-store-stripe/issues/214 This issue came up in May and was missed.