mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-20 22:42:53 -05:00
🐛 Fixed error handling webhooks for unknown member (#14155)
https://github.com/TryGhost/Team/issues/1374 When we receive a web hook to update payment details for a customer which is not associated with a Member, instead of proceeding and erroring we now return early and respond to Stripe with a 200. A test has been added to ensure this
This commit is contained in:
parent
d2081059de
commit
daa39bf4fe
3 changed files with 123 additions and 2 deletions
|
@ -86,7 +86,7 @@
|
||||||
"@tryghost/members-importer": "0.5.1",
|
"@tryghost/members-importer": "0.5.1",
|
||||||
"@tryghost/members-offers": "0.10.7",
|
"@tryghost/members-offers": "0.10.7",
|
||||||
"@tryghost/members-ssr": "1.0.20",
|
"@tryghost/members-ssr": "1.0.20",
|
||||||
"@tryghost/members-stripe-service": "0.8.1",
|
"@tryghost/members-stripe-service": "0.8.2",
|
||||||
"@tryghost/metrics": "1.0.5",
|
"@tryghost/metrics": "1.0.5",
|
||||||
"@tryghost/minifier": "0.1.10",
|
"@tryghost/minifier": "0.1.10",
|
||||||
"@tryghost/mw-error-handler": "0.1.2",
|
"@tryghost/mw-error-handler": "0.1.2",
|
||||||
|
|
|
@ -162,6 +162,109 @@ describe('Members API', function () {
|
||||||
to: 'checkout-webhook-test@email.com'
|
to: 'checkout-webhook-test@email.com'
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('Does not 500 if the member is unknown', async function () {
|
||||||
|
const setupIntent = {
|
||||||
|
id: 'setup_intent_456',
|
||||||
|
payment_method: 'card_456',
|
||||||
|
metadata: {
|
||||||
|
customer_id: 'cus_456',
|
||||||
|
subscription_id: 'sub_456'
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
const paymentMethod = {
|
||||||
|
id: 'card_456'
|
||||||
|
};
|
||||||
|
|
||||||
|
const webhookPayload = JSON.stringify({
|
||||||
|
type: 'checkout.session.completed',
|
||||||
|
data: {
|
||||||
|
object: {
|
||||||
|
mode: 'setup',
|
||||||
|
customer: 'cus_456',
|
||||||
|
setup_intent: 'setup_intent_456'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
const webhookSignature = stripe.webhooks.generateTestHeaderString({
|
||||||
|
payload: webhookPayload,
|
||||||
|
secret: process.env.WEBHOOK_SECRET
|
||||||
|
});
|
||||||
|
|
||||||
|
const subscription = {
|
||||||
|
id: 'sub_456',
|
||||||
|
customer: 'cus_456',
|
||||||
|
status: 'active',
|
||||||
|
items: {
|
||||||
|
type: 'list',
|
||||||
|
data: [{
|
||||||
|
id: 'item_456',
|
||||||
|
price: {
|
||||||
|
id: 'price_456',
|
||||||
|
product: 'product_456',
|
||||||
|
active: true,
|
||||||
|
nickname: 'Monthly',
|
||||||
|
currency: 'USD',
|
||||||
|
recurring: {
|
||||||
|
interval: 'month'
|
||||||
|
},
|
||||||
|
unit_amount: 500,
|
||||||
|
type: 'recurring'
|
||||||
|
}
|
||||||
|
}]
|
||||||
|
},
|
||||||
|
start_date: Date.now() / 1000,
|
||||||
|
current_period_end: Date.now() / 1000 + (60 * 60 * 24 * 31),
|
||||||
|
cancel_at_period_end: false
|
||||||
|
};
|
||||||
|
|
||||||
|
nock('https://api.stripe.com')
|
||||||
|
.persist()
|
||||||
|
.get(/v1\/.*/)
|
||||||
|
.reply((uri, body) => {
|
||||||
|
const [match, resource, id] = uri.match(/\/?v1\/(\w+)\/?(\w+)/) || [null];
|
||||||
|
|
||||||
|
if (!match) {
|
||||||
|
return [500];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (resource === 'setup_intents') {
|
||||||
|
return [200, setupIntent];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (resource === 'subscriptions') {
|
||||||
|
return [200, subscription];
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
nock('https://api.stripe.com')
|
||||||
|
.persist()
|
||||||
|
.post(/v1\/.*/)
|
||||||
|
.reply((uri, body) => {
|
||||||
|
const [match, resource, id, action] = uri.match(/\/?v1\/(\w+)(?:\/?(\w+)){0,2}/) || [null];
|
||||||
|
|
||||||
|
if (!match) {
|
||||||
|
return [500];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (resource === 'payment_methods') {
|
||||||
|
return [200, paymentMethod];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (resource === 'subscriptions') {
|
||||||
|
return [200, subscription];
|
||||||
|
}
|
||||||
|
|
||||||
|
return [500];
|
||||||
|
});
|
||||||
|
|
||||||
|
await membersAgent.post('/webhooks/stripe/')
|
||||||
|
.body(webhookPayload)
|
||||||
|
.header('stripe-signature', webhookSignature)
|
||||||
|
.expectStatus(200);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
20
yarn.lock
20
yarn.lock
|
@ -1958,6 +1958,14 @@
|
||||||
lodash "^4.17.21"
|
lodash "^4.17.21"
|
||||||
uuid "^8.3.2"
|
uuid "^8.3.2"
|
||||||
|
|
||||||
|
"@tryghost/errors@1.2.2":
|
||||||
|
version "1.2.2"
|
||||||
|
resolved "https://registry.yarnpkg.com/@tryghost/errors/-/errors-1.2.2.tgz#643009ba20770279577fe2778cdf1f816ad13e90"
|
||||||
|
integrity sha512-81PnsWWayCLQgeBYpslyrMRmSIuflarxxR4tz7ZOIuptybAiKaD3S4GhTZLAXUOi38S62wJBoS/qTzRF6sIzng==
|
||||||
|
dependencies:
|
||||||
|
lodash "^4.17.21"
|
||||||
|
uuid "^8.3.2"
|
||||||
|
|
||||||
"@tryghost/errors@^0.2.10", "@tryghost/errors@^0.2.11", "@tryghost/errors@^0.2.14":
|
"@tryghost/errors@^0.2.10", "@tryghost/errors@^0.2.11", "@tryghost/errors@^0.2.14":
|
||||||
version "0.2.17"
|
version "0.2.17"
|
||||||
resolved "https://registry.yarnpkg.com/@tryghost/errors/-/errors-0.2.17.tgz#9b89f3845256ace5650593f41cc86d64965b56ed"
|
resolved "https://registry.yarnpkg.com/@tryghost/errors/-/errors-0.2.17.tgz#9b89f3845256ace5650593f41cc86d64965b56ed"
|
||||||
|
@ -2243,7 +2251,17 @@
|
||||||
jsonwebtoken "^8.5.1"
|
jsonwebtoken "^8.5.1"
|
||||||
lodash "^4.17.11"
|
lodash "^4.17.11"
|
||||||
|
|
||||||
"@tryghost/members-stripe-service@0.8.1", "@tryghost/members-stripe-service@^0.8.1":
|
"@tryghost/members-stripe-service@0.8.2":
|
||||||
|
version "0.8.2"
|
||||||
|
resolved "https://registry.yarnpkg.com/@tryghost/members-stripe-service/-/members-stripe-service-0.8.2.tgz#9a59b6ba95e523750d1989e14f5d6e5f354938bb"
|
||||||
|
integrity sha512-Tnkqaqqk5wWwDxcknZ+lqRNmbMwu8GbwzV4bFblymBdV/lOy87CMFMhw324pVSDagTLx/cWqoDkkfoF1aM93dw==
|
||||||
|
dependencies:
|
||||||
|
"@tryghost/debug" "^0.1.4"
|
||||||
|
"@tryghost/errors" "1.2.2"
|
||||||
|
leaky-bucket "^2.2.0"
|
||||||
|
stripe "^8.174.0"
|
||||||
|
|
||||||
|
"@tryghost/members-stripe-service@^0.8.1":
|
||||||
version "0.8.1"
|
version "0.8.1"
|
||||||
resolved "https://registry.yarnpkg.com/@tryghost/members-stripe-service/-/members-stripe-service-0.8.1.tgz#5af1be427a524ca5d016205117c1322914c0fbbf"
|
resolved "https://registry.yarnpkg.com/@tryghost/members-stripe-service/-/members-stripe-service-0.8.1.tgz#5af1be427a524ca5d016205117c1322914c0fbbf"
|
||||||
integrity sha512-GFjm/GjtCsn3M1nhAB4p+0zoJZFw3Ca+djtp3pGqvJSiN2muPaa4N5aZsqf51QTDgAv+5TTkGIBf4HGVUQsY/w==
|
integrity sha512-GFjm/GjtCsn3M1nhAB4p+0zoJZFw3Ca+djtp3pGqvJSiN2muPaa4N5aZsqf51QTDgAv+5TTkGIBf4HGVUQsY/w==
|
||||||
|
|
Loading…
Add table
Reference in a new issue