Closed nfm closed 6 years ago
Actually, it looks like you can only hit this exception if you've configured StripeEvent.signing_secret
.
Curiously, Ruby only raises NameError: uninitialized constant Stripe::SignatureVerificationError
if the rescue
block is hit at runtime. So the root problem is actually that Stripe::Webhook
is undefined.
ie.
# This method is safe to call and returns `true`, even though Totally::Not::Defined::Error isn't defined
def some_method
true
rescue Totally::Not::Defined::Error
end
# This method will raise `NameError: uninitialized constant Totally`
def another_method
raise
rescue Totally::Not::Defined::Error
end
Weird!
Just ran into this, it looks like stripe_event 1.8.0 through 1.9.1 assumes
Stripe::SignatureVerificationError
is defined...However, for older versions of the stripe gem (< 2.8.0), this class is undefined.
True.
This looks like it's been fixed in stripe_event 2.0.0
True. I only realized this discrepancy when making the changes to move towards the v2.0.0 release. I ignored any further v1.9 changes because no one had run into this issue before.
Actually, it looks like you can only hit this exception if you've configured StripeEvent.signing_secret.
Also true.
Curiously, Ruby only raises NameError: uninitialized constant Stripe::SignatureVerificationError if the rescue block is hit at runtime.
Likely true. I believe this is because that constant isn't necessary until that rescue block is hit.
I'm not sure if it's worth cutting a 1.9.2 release with a bumped stripe minimum dependency version.
I'm willing to cut a new 1.9.2 release (and create a new 1-9-stable
branch). Would this help you specifically, or are you just noting a potential issue for others?
Thanks @rmm5t.
Would this help you specifically, or are you just noting a potential issue for others?
We're stuck on stripe_event 1.9.1 for now due to another gem being incompatible with 2.x, but we were able to update stripe to > 2.8.0, so this isn't affecting us directly any more.
I'm mostly just documenting my finding in the hope that it'll save someone else some time!
I concede that this a bug with older versions of the gem, but I'm going to close this out with no action. If someone has a specific perfect storm environment that cannot get their dependencies in an optimal state, I'd be happy to revisit. Please chime in here again to request that this issue be re-opened.
@nfm Thanks for reporting and documenting this.
Hi, I am maintaining an app which is stuck with older versions of both gems and ran into this problem. Is there a way to get it working?
Just ran into this, it looks like stripe_event 1.8.0 through 1.9.1 assumes
Stripe::SignatureVerificationError
is defined inapp/controllers/stripe_event/webhook_controller.rb
. However, for older versions of the stripe gem (< 2.8.0), this class is undefined.This looks like it's been fixed in stripe_event 2.0.0 by https://github.com/integrallis/stripe_event/commit/7ba4aac84bce3cac8254d7a80aabfa4cedd361f5#diff-e9a787c387d464835a5c543f3a5d9dc8 where the minimum stripe version is set to >= 2.8.0.
I'm not sure if it's worth cutting a 1.9.2 release with a bumped stripe minimum dependency version. We were stuck on a quite old version of stripe for a while because stripe-ruby-mock fell behind and are only updating now, but stripe 2.8.0 has been out for almost a year now. If this is wontfix feel free to close, but I figured I'd open it anyway so that if anyone else runs into this, there'll be a search result in the issue list.
Thanks for your work on this gem :heart: