account.application.deauthorized 401 error with 1.2.0

[asecondwill]

I'm trying to test out the account.application.deauthorized event. This has been recently fixed up for the 1.2.0 release so I have made sure I am on that.

I get an error : Completed 401 Unauthorized in 2212ms (ActiveRecord: 0.0ms)

when i unauthorize my application from the stripe control panel

I am registering my events like this:

StripeEvent.configure do |events|

events.subscribe 'account.application.deauthorized', AccountApplicationDeauthorized.new(Rails.logger)

  events.all do |event|
    logger.info "Stripe Event please: #{event}"
  end
end

and my handler looks like this:

class AccountApplicationDeauthorized

  def initialize(logger)
    @logger = logger
  end

  def call(event)
    @logger.info "deauth:#{event.type}:#{event.id}"

    p = Provider.where(:stripe_user_id => event.user_id).first

    if p
      p.access_token = ""
      p.save
    end
  end

end

What am I doing wrong?

Thanks for any guidance,

Will

[asecondwill]

I'm struggling to get this to work. Its probably me.

I get an error:

Stripe::InvalidRequestError: No such event: evt_14COyF2LMLicEPiMz1aFKw1m

even if i modify my instrument method to catch that error too:

def instrument(params)
      begin
        binding.pry
        event = event_retriever.call(params)
        binding.pry
      rescue Stripe::AuthenticationError => e
        binding.pry
        if params[:type] == "account.application.deauthorized"
          event = Stripe::Event.construct_from(params.deep_symbolize_keys)
        else
          raise UnauthorizedError.new(e)
        end
      rescue Stripe::InvalidRequestError => e
        binding.pry
        if params[:type] == "account.application.deauthorized"
          event = Stripe::Event.construct_from(params.deep_symbolize_keys)
        else
          raise UnauthorizedError.new(e)
        end
      rescue Stripe::StripeError => e
        binding.pry
        raise UnauthorizedError.new(e)
      end

      backend.instrument namespace.call(event[:type]), event
    end

None of those rescue blocks get called, we go straight to the rescue in the webhook_controller - set the unauthorized head and thats it.

I'm testing this locally, with a test stripe account, api keys etc and the ultrahook gem.

[rmm5t]

Since you're trying to test account.application.deauthorized, you must be using Stripe Connect. If using Stripe Connect, you need to define your own event_retriever to override the default retriever in stripe_event. Here's an example of what your config might want to look like:

StripeEvent.configure do |events|
  events.subscribe 'account.application.deauthorized', AccountApplicationDeauthorized.new(Rails.logger)

  events.all do |event|
    logger.info "Stripe Event please: #{event}"
  end

  # You need a custom event_retriever to use the correct api_key (aka access_token).
  events.event_retriever = lambda do |params|
    api_key = Account.find_by!(stripe_user_id: params[:user_id]).api_key
    Stripe::Event.retrieve(params[:id], api_key)
  end
end

Now, if it was a real deauthorization, that event_retriever should find the account by the params[:user_id], but it wouldn't be able to find the event when requesting it from Stripe, and the lambda will raise a Stripe::AuthenticationError. That AuthenticationError is rescued and masked by stripe_event so that it can still trigger the account.application.deauthorized event that you're subscribed to.

Does that make sense?

[invisiblefunnel]

Closing. Thanks for helping out @rmm5t. @asecondwill please reopen if this is still an issue.