How do I send my stripe webhook to my Heroku app? - javascript

I've integrated Stripe into my javascript app which works fine in my test environment using ngrok but once I switch to prod, my app is timing out as users attempt to leave the Stripe checkout screen.
The Stripe webhook kicks error Timed out connecting to remote host and I think it's because I have the wrong endpoint.
Testing endpoint
https://6752-136-62-45-90.ngrok.io/users/stripe/webhook
Live endpoint
https://myapp.com/users/stripe/webhook
Everything else in the integration appears to work -- the customer is still created and the billing goes through but I need the endpoint code to run because it builds some critical infrastructure in the user profile.
I also have SSL encryption setup and DNS target on my Heroku application so I'm wondering if I should be using the DNS target or the Heroku app name for the endpoint instead of my domain.
My question
I can't really find any documentation on this but how do I configure my Stripe endpoint with my Heroku-hosted app?

You can test by setting the Heroku app name directly to check if it works to narrow down the issue. If it still doesn't, then most likely it's due to network issue.
Timed out connecting to remote host usually means that the server is not responding. This is likely due to network configuration such as firewall blocking the Stripe IP addresses. I'd recommend checking your network configuration and ensure that Stripe domains/IP addresses are in the allowed list: https://stripe.com/docs/ips

Related

How do I allow Stripe IP addresses in Heroku?

I've integrated Stripe into my javascript app which works fine in my test environment using ngrok but once I switch to prod, my app is timing out as users attempt to leave the Stripe checkout screen.
The API calls going from my app to stripe work so customer is created and billing is setup. However, the Stripe webhook going from stripe back to my app on Heroku kicks error Timed out connecting to remote host.
This leads me to believe it's some sort of networking issue and not the code... a couple people have suggested updating my allowed domains like the stripe docs suggest but I can't figure out how to do that in Heroku?
For context...
Test environment webhook endpoint
https://6752-136-62-45-90.ngrok.io/users/stripe/webhook
Live endpoint
https://myapp.com/users/stripe/webhook
Am I on the right path and how do I configure Heroku to accept webhook post requests from Stripe?

Apollo Explorer Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID

I am running an Apollo Server with express to create an http server:
const express = require("express");
const cors = require('cors');
const app = express();
const server = new ApolloServer({ ... });
server.applyMiddleware({ app });
// enable pre-flight for cors requests
app.options('*', cors());
// Create the HTTP server
let httpServer = http.createServer(app);
httpServer.listen({ port: config.port });
Locally I can run the server and query it on Apollo Explorer without any issues.
However, when I deploy this server on dev environment, and try to access the Explorer page with the dev endpoint, I get a few errors.
The app.options() line with cors argument somehow seems to have solved part of them but not all.
Errors I am getting (on Dev Tools console):
Failed to load resource: net::ERR_CERT_AUTHORITY_INVALID
POST https://dev.endpoint.service/graphql net::ERR_CERT_AUTHORITY_INVALID
Errors I am getting (as popups on the Explorer page):
Unable to reach server
To diagnose the problem, please run:
npx diagnose-endpoint#1.0.12 --endpoint=https://dev.endpoint.service/graphql
I've tried running the command as instructed in the error and got this result:
Diagnosing https://dev.endpoint.service/graphql
Could not find any problems with the endpoint. Would you please to let us know about this > at explorer-feedback#apollographql.com
Frankly, I'm not even sure I understand the problem.
Am I getting these errors because, even though I launch an http server of Apollo without certificates, I am trying to access it via an https endpoint (which requires certificates)? I have to do this, service is stored in AKS cluster, which is only accessible through the endpoint I am calling. But every service that is already there is also an http service, not https, and is accessible through this same endpoint.
Also, even though these errors are showing up frequently, I am also able to query the server successfully most of the time on Explorer, and the data returned is exactly what I expected, which makes even less sense.
I am using edge browser but also tried chrome, and have the same issues.
How can an error like this be intermittent?
Without any intervention on my part, sometimes it's like this:
Any help, hints, ideas, please.
Thank you so much.
As much as it pains me to admit, it seems the issue is related to the VPN my company is using.
There were a few tells that pointed in this direction, once I started paying attention:
We can't access the endpoint I mentioned without the VPN turned on.
Other services in the AKS behave with the same error, if being called constantly through the same endpoint. I did not think to do that test at first, but when I realized that on Apollo server, the server is constantly doing the introspection thing to check the schema, it means it is being called more often than the other services that do not have this functionality.
We have some monitoring tools, to check the pod statuses and so on, and nothing indicated any problems in this service, or that it needed any kind of pod escalation (due to excessive number of requests).
I actually performed kubectl portforward test linking my localhost directly to the AKS cluster. Calling the service this way bypasses that endpoint which I am, under normal circumstances, forced to use before the request actually reaches the cluster. And I was simultaneously seeing on one window where I was calling the service the normal way showing that error on Apollo Studio, and at the same time on another Apollo Studio window performing the same request with this portforward bypass mechanic, and the latter was working just fine. If it really was a problem with the service, it would be down for both windows.
Other colleagues were testing the service at the same time as me and they were saying the service was working fine for them, until it wasn't. So every developer on my team could be accessing the service at the same time, and the error would just randomly show up for some, but not for others.
There are long periods where the error doesn't occur at all, like during lunch hours, or after work hours, and I assume the VPN traffic will be much lower during those hours.

How to authenticate a ip server in firebase authentication?

I tried using auth in firebase for google sign in. I have done it countless times before only though the preview web server was localhost:3000 and so I would get a error saying
This domain localhost:3000 is not authorized to run this operation. go to -> Auth section -> Sign in method tab.
So i would follow the instructions and enter my authorized preview url as localhost and it would be fine. but this time i'm not using localhost, but i'm using some kind of ip address server and when i try to enter it in firebase it would say "app has to end like a for eg: .com" but my ip server doesn't have a .com or something so firebase doesn't allow it
Also there is nothing wrong with the code i have used it many times before in a localhost 3000 server and it works because firebase auth allows localhost but not ip servers. what should i do?
Authorization is for an entire domain, not for a specific port on that domain. So 127.0.0.1 is a valid authorized domain (and is added by default when you create the project), but 127.0.0.1:5500 is not.

Remotely force kill a shared ngrok session forwarding a React app

I share an ngrok account with my coworkers. We are using it to develop a React application (npx create-react-app). We are all using UNIX-like systems. Quite often I go to spin up an http tunnel and I am met with the message
Your account '*****#*********.com' is limited to 1 simultaneous ngrok client session.
Active ngrok client sessions in region 'us':
- ******************************** (**.***.***.***)
ERR_NGROK_108
Or if I am logged in with my own account, but trying to use the same tunnel, I get
The tunnel 'https://*****.ngrok.io' is already bound to another
tunnel session
ERR_NGROK_334
Both of these messages mean my coworker (who I know for a fact is currently asleep) left their ngrok session running. I would like to execute a simple command that tells their system to kill ngrok processes.
Is there an ngrok CLI command to force kill a session running on another machine?
Based on my research so far, I think the answer is no. But please tell me if I am wrong.
Is there a safe way to remotely execute a system command to kill ngrok sessions?
I found a beautiful solution that some Rails developers came up with to remotely kill ngrok sessions in a Rails API.
Their strategy is to include an API endpoint (only in development mode) that executes the system command killall ngrok to kill all ngrok processes on that system.
Is there a way to remotely execute system commands with our client-side rendered React application?
My gut tells me no, at least not without spinning up a server to receive the kill request.
My thought is, maybe I can create a proxy server for my React application using Node and Express. That server can do exactly two things: act as a proxy to the React app, and kill ngrok when it receives a specific request. In the past I have built a proxy server in the same git repository as my React app, so I think this solution is attainable.
How would you recommend I move forward?
So far I have not been able to find an example of this online. I would hate to waste my time building a low quality version of something that already exists.
I see there is an ngrok npm package... maybe that could be useful.
Any thoughts on best practices when configuring/coding the proxy server are much appreciated.
Or if you think I am overcomplicating things, let me know.
Thanks!
Ngrok now has a beta API (for paid plans only I believe?) that can remotely stop agents. Their dashboard now also offers the same functionality, even if you are not part of the beta.

How to share a link to a firebase development environment when using firebase emulators?

In my development local environment, I'm using Firebase emulators for Hosting, Firestore and Functions.
I'm used to share a link with other people during development by using ngrok. I also use it to test on mobile devices during development.
This is the script:
"share": "ngrok http 80 -host-header=\"dev.myproject.com:80\"",
It works fine as far as redirecting to my dev domain host, which is dev.myproject.com.
But the emulators services become unavailable when you are accessing this link through a different device, i.e: a different PC or a mobile device.
Obviously, the firebase package is looking for those localhost emulators, which are only running in my local environment.
What is the workaround in this case? How to share a dev environment with other people / other devices when using firebase emulators? Is there an easy to do this?
Do I have to create an extra Firebase project to deploy the test version and its data and files? How do people usually handle this?
We are currently trying to do this using ngrok as well.
We are barely testing if it works, and so far it is doing so. So I'll share our work around with you.
What we do is
Start emulator firebase emulators:start (--import seedData if using )
Expose your server to the internet using ngrok by first starting it with ./ngrok http http://localhost:5001 (check your firebase.json in order to see what port your emulators.functions are exposed, in my case was port 5001)
This will output two URLs, with the following format https://[TWILIOADRESS].ngrok.io
In order to be able to invoke the implemented https function via its unique URL, append this to the provided ngrok URL: [project-id]/[project-implemented-region]]/[cloud-function-name]
You will end up with an URL that looks like this:
https://92003e41ecb0.ngrok.io/my-project-id/us-central1/cloudFunctionToExecute
Now you can make a request (from postman, in my case) to the exposed function emulator using this URL
If everything went alright, you should see some logs on the terminal where the emulators are running that tell you the function was executed, such as:
functions: Beginning execution of "us-central1-cloudFunctionToExecute
You can also check status and metrics information about connections made over your tunnel from the UI terminal provided when you start ngrok. ngrok provides a real-time web UI where you can introspect all of the HTTP traffic running over your tunnels. After you've started ngrok, just open http://localhost:4040 in a web browser to inspect request details

Categories

Resources