Stripe - Unable to set up 2 webhook endpoints: 'Account' and 'Connect' (wappler limitation?)

Wappler General
1

I have a very frustrating Wappler limitation(?) - perhaps I’m doing it wrong…

For our Stripe integration we need to be able to deal with webhooks from connected accounts and from direct account.

That means creating 2 webhook endpoints, for example:
webhooks/stripe/connect
webhooks/stripe

image
image1007×163 17.7 KB

However, currently in Wappler you can only set up 1 webhook endpoint secret and there’s only 1 folder. This means I am currently using the endpoint webhooks/stripe for both types of webhooks:

image
image1491×278 23.2 KB

This doesn’t work because the endpoint secret (whsec_...) is different per webhook. (Throws the error Webhook Error: No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe? https://github.com/stripe/stripe-node#webhook-signing

So either I can process direct or connect webhook events.

To process both in Wappler we need:

  1. A way to set up 2 webhook endpoint secrets
    image
  2. Another folder for the ‘connected’ webhooks
    image
    image673×864 32.9 KB

Link to documentation: https://stripe.com/docs/connect/webhooks

PS Just confirming that this is their intended way of handling webhooks (from the Stripe developer Discord):
image

Is there any way around tihs? Or else - can this be added to Wappler’s stripe integration?

2

@patrick I’m tagging you because I feel like you’re usually responsible for these things.

I created an extension that seems to work for now (I hope in the way you guys are intending to treat webhook extensions).

Can you please tell me if this is a good reliable solution, that will keep working with future Wappler updates?

What I’ve done:

  1. Made a folder in
    app/webhooks/stripe_connect

  2. Made a file in /lib/webhooks/ called stripe_connect.js
    This file contains:

const webhook = require('../core/webhook');
const config = require('../setup/config');
const fs = require('fs-extra')

if (fs.existsSync('app/webhooks/stripe_connect')) {
    const stripe = require('stripe')(config.stripe.secretKey);
    const endpointSecret = "whsec_CONNECTENDPOINT";

    exports.handler = webhook.createHandler('stripe_connect', (req, res, next) => {
        const sig = req.headers['stripe-signature'];

        try {
            stripe.webhooks.constructEvent(req.rawBody, sig, endpointSecret);
        } catch (err) {
            res.status(400).send(`Webhook Error: ${err.message}`);
            return false;
        }

        // return the action name to execute
        return req.body.type;
    });
}

I changed line 5: app/webhooks/stripeapp/webhooks/stripe_connect
I changed line 7: added my endpointSecret for my connect webhook

  1. This works. Luckily I can still right click and add stripe actions in Wappler. But I’m not sure what caused this.

    2022.04.06 14.00 - 4155 - Africanwildcat

1 Like
3

Bump. It sure would be great if the Wappler Stripe integration supported the 2 required webhook secrets (1 for typical accounts, and the other for Connected accounts.)

1 Like
4

To extend @karh 's solution, you can store the endpointSecret in an environment variable so they can differ on your targets.

Setup an environment variable like all others (add to globals then add values to each target)

And modify the above to this:

const endpointSecret = process.env.STRIPE_WEBHOOK_CONNECT_SECRET
1 Like