I've tested my webhooks locally, using the CLI, and they work fine. However, when I took the webhooks live and deployed them to Heroku, and went into "live" mode on Stripe (which I assume is necessary to be able to use live webhooks), Stripe just doesn't fire events at all, they don't appear in the dashboard, webhook endpoint doesn't get any requests, nothing; for example, no account.updated when a I try to create a Connected account, or no checkout.session.complete when I try to complete a Checkout purchase. Is there a step I've perhaps missed when taking my webhooks online?
I ran into this issue myself- a few ideas:
Make sure you are configured correctly in the dashboard, eg. only flip the "Test Mode" switch if you are looking at test data
Make sure you have the endpoints set up for both live and testing. You have to add them each time
Double-check that you're using the correct signing secret. The signing secret will be differnt for live, production testing, and local testing, even if you're using the same endpoint.
For example:
[Production] Live - Endpoint = https://www.example.com/webhooks. Signing secret = xyz
[Production] Testing - Endpoint = https://www.example.com/webhooks. Signing secret = abc
[Local] Testing - Endpoint = localhost:5000/webhooks. Signing secret = efg
Related
I'm completely new to slack development and I might sound crazy here.
This is what I have noticed. Whenever I use my incoming webhook URL to test messages using postman, it works fine. BUT, when I use it in my app and push the code in github (so it deploys to heroku), the incoming webhook gets removed. Is this something expected and that I missed reading in the documentation?
Ok, got answer to this. Basically, got an email from slack explaining the reason.
We recently discovered a publicly accessible incoming webhook associated with the Journey Alert Bot app installed on your sync.slack.com workspace. This can happen when someone who created or has access to a webhook URL posts it on a public site, such as Github or other code-sharing forums. None of your data is at risk — webhooks can only send messages into Slack and cannot access any data.
I have a Slack bot that is working fine and interacting with users. I'm using Bot Framework composer and the Slack Adapter.
In the Slack API portal I'm trying to change the Events Request Url the app uses to send Slack Events to my bot.
When I do that, slack sends a challenge request to my bot. The bot first tries to verify that the request is really coming from Slack following: https://api.slack.com/authentication/verifying-requests-from-slack#a_recipe_for_security
The problem is that this is failing and I can't understand why.
I see that Slack is sending all the right content, and that the ClientSigningSecret is being read, otherwise the other calls to the bot wouldn't work.
I know it's a bit far fetched to ask this since it seems to be a problem on my side. But since the bot is validating the requests just fine when users talk to the bot, and the code is from the Slack Adapter which is open source and there's nothing else I can thing of..... maybe someone struggled with the same problem.
I created a support ticket to Slack and they came back pretty quickly.
Pre publish state
Before publishing a Slack app the only configs that exist are the ones you see in the App configuration page. Those are what you use to test your app, this includes the secrets to authenticate the incoming messages from Slack into your backend.
After you publish your Slack App for the first time
Once your app is published, the production version that your users use will see the original settings, including the secrets and these are the ones your backend will get.
The settings you see in the configuration page are like development mode and they won't be persisted into the published app until you request Slack to approve your changes. That's sounds great and is what one would expect, but what you don't see and have no way of imagining is happening is that there are some development time secrets that are different from the ones you see on the settings screen.
When you change the endpoint url to be sent to your backend so that it can return the challenge and Slack would accept the new url, the message payload goes with this development secret and not the one you configured your backend with. Thus your backend will reject the call since it thinks it's not coming from Slack.
Proposed solution from Slack
Don't validate the signature of the incoming request for this type of call in an already published app. I don't like it but there was no other workaround unless Slack changes this. So what I did was:
Remove that check only for this request from the backend and publish to production.
Make the url change in Slack.
Revert the change from the backend.
:(
i have a custom google home action implemented as described in the documentation (Oauth2 setup, sync, execute, etc... setup) and all works as expected on my Google home app and my google home physical devices.
Now, every now and then i need to reconnect the app in the Google Home App because it seems the app cannot reach my devices after some time. I checked my Oauth server if the refresh tokens are working ok and they do. Also my access token expires after 20 minutes and me reconnecting to the app should be done after some hours so the refreshing works in my opinion.
Now, are there any restrictions in using the TEST of the google home action?
The case i wrote is specific for personal use (intergration with personal server and domotica system) so i am actually not planning on releasing it, I just want to use it for myself. Is this allowed? Can i just leave my action in 'test' forever for such purposes?
EDIT: 18/05/2022: custom actions still working flawlessly after 6 months in test :-)
EDIT: 02/02/2023: custom actions still working flawlessly in test :-)
Additional question:
If i have to submit the app for release, i cannot meet the expectation in implementing state report as i have no control over the usage of buttons pressed at my home domotica. Is State Reporting also accepted when i report the state of my devices over time (let's say, every hour?)
tnx
EDIT:
So it seems there is something wrong with my refreshing of the tokens but i don't know what. When i try through postman, all works as expected, in stackdriver logs i see this :
jsonPayload: {
#type: "type.googleapis.com/google.identity.accountlinking.type.AccountLinkingError"
errorReason: "Failed to get response from 3P. 3P returned malformed response like invalid response code or un-inflatble body."
request: {
body: "grant_type=refresh_token&refresh_token=REDACTED_VALUE&client_id=qbusauth&client_secret=REDACTED_VALUE"
method: "POST"
uri: "https://******.azurewebsites.net/token"
}
sessionId: -1039956344
step: "REFRESH_ACCESS_TOKEN"
If you don't plan to submit your Action for release, you'll just need to occasionally re-enable device testing through the console.
To minimize the number of query intents to your fulfillment, you should implement Report State and proactively send device states to update HomeGraph. You would have to implement this if you decide to release your Action.
I am trying to develop a simple bot that is supposed to answer incoming call made in personal chat with bot. The bot is employing application hosted media to play or get access to media streams. I am making use of classes and controllers that are implemented in Huebot sample project at Github. The bot is registered on MS Azure and i am using ngrok for local testing and debugging. While debugging after making the call, breakpoints are hit that are placed in 'CallsOnIncoming' or 'CallsOnUpdated' event handlers. So my bot configurations over Azure and in MS Teams seem to be correct. For setting up media platform, I have installed the wildcard SSL certificated issued by Let's Encrypt and CName records are created for corresponding tcp URLs exposed by ngrok. The environment is multi-tenant i.e. bot registration is done on another tenant, while bot is installed and tested in MS Teams on another tenant.
These are Media platform settings:
MediaPlatformInstanceSettings = new MediaPlatformInstanceSettings()
{
CertificateThumbprint = "0B687..................",
InstanceInternalPort = 8445,
InstancePublicPort = 15410,
InstancePublicIPAddress = new IPAddress(0x0),
ServiceFqdn = "4.mycustomdomain.com",
},
Here's the snapshot for ngrok:
The problem is, when call is made to the bot, after 5 to 10 seconds call is terminated automatically. Whereas he Call status should turn to 'Established' and the call shouldn't end until user does this.Please guide, what could be wrong.
The call is terminating because Teams can't connect to your media endpoint of the InstancePublicIPAddress / InstancePublicPort. It timesout (i believe in 15 seconds) and terminates the call when it can't get a media connection.
You need to put the IP address of 4.tcp.ngrok.io from your running ngrok settings above into it.
e.g.
InstancePublicIPAddress = Dns.GetHostEntry("4.tcp.ngrok.io").AddressList[0]
You may want to put error checking around the GetHostEntry call in production code.
1. Goal
I want to use parse.com to receive Trello webhook.
1a. Why?: Because I want to monitor my trello model and receive say a push notification on my android device and do neat things from the push notficiation (I'm an Android Dev)
2. What I've tried
2a. Setup on parse.com
I've created an app on parse.com
Obtained the keys (REST keys for the REST api)
Checked the above endpoint with Postman, works perfectly.
2b. Setup on trello.com
I've obtained an api appkey and secret; with full write on all boards, never expires
Tested the above with Postman, works perfectly fine.
PROBLEM: Posted to the following using Postman (of course with proper details for key, token, model, etc.
Request=
$.post("https://trello.com/1/tokens/[USER_TOKEN]/webhooks/?key=[APPLICATION_KEY]", {
description: "My first webhook",
callbackURL: "https://api.parse.com/1/functions/webhookReceiverTrello",
idModel: "4d5ea62fd76aa1136000000c",
});
Response Try=
URL (https://api.parse.com/1/functions/webhookReceiverTrello) did not return 200 status code, got 401
3. What is the problem?
Parse.com expects auth keys, etc as header. AFAIK Trello can NOT DO that.
How do I get a trello webhook to call a parse.com cloud function ?
Use a proxy (a simple web app will do)
This is how I did it:
Receive the webhook on a simple web app and make the necessary post call to parse.com
I used heroku for hosting
I used MeteorJS for the web app
Note: An issue you could encounter:
Trello.com sends calls to webhooks in proper order i.e. a card was created, the same card was updated, etc.
When you receive the webhook and make (proper) post calls, they will be received out of order at parse.com i.e. a card was updated and then it was created. This is just due to the way internet works, if you need an explanation, it's another SO question. ;)
This took me a while to figure out; mentioning so that you don't also spend your time with this.
A Fix: I don't know a simple/efficient way to fix this. Please let me know if you do. One possible solution is to queue all POST calls i.e. make POST call 1 and when a successful callback is gotten do the next one. Trello.com seems to do this in a more quicker fashion, it doesn't seem like they wait for a callback given how quick successive calls are received.