development

Stripe, its docs and its tools are amazing, but today I found a shortcoming: it is not possible to easily send arbitary events to a webhook endpoint while having signature verification enabled.

So, I made this little script to make things easier:

	#!/usr/bin/env bash
	WEBHOOK_DESTINATION="http://localhost:3000/stripe/webhook"
	WEBHOOK_SECRET="whsec_ENTER_YOURS_HERE"

	if [[ ! "$#" -eq 1 ]]; then
	echo "USAGE: $0 /path/to/event.json";
	exit 1;
	fi

	timestamp="$(date +%s)."
	echo -n $timestamp > sign.tmp
	cat $1 >> sign.tmp

	signature="$(cat sign.tmp \| openssl dgst -hmac "$WEBHOOK_SECRET" -sha256)"

	curl "$WEBHOOK_DESTINATION" \
	-H "Stripe-Signature: t=$timestamp,v1=$signature" \
	-H "Content-Type: application/json" \
	--data-binary @"$1"

view raw sign-stripe-webhook-request.sh hosted with ❤ by GitHub

You just need to adjust the webhook URL and secret, then point it to a json file containing the event you wish to send.

Thanks, as always, to a StackOverflow question.