LatticeStripe.Webhook.SignatureVerificationError exception (LatticeStripe v0.2.0)

Copy Markdown View Source

Exception raised when Stripe webhook signature verification fails.

This exception is raised by the bang variants LatticeStripe.Webhook.verify_signature!/3 and LatticeStripe.Webhook.construct_event!/3 when verification fails. The reason field contains a machine-matchable atom describing why verification failed.

Reason Atoms

  • :missing_header — the Stripe-Signature header was absent or empty
  • :invalid_header — the Stripe-Signature header was present but malformed (missing t= or v1=)
  • :no_matching_signature — none of the provided secrets produced a matching HMAC
  • :timestamp_expired — the webhook timestamp is older than the configured tolerance (default 300s)

Example

try do
  LatticeStripe.Webhook.construct_event!(payload, sig_header, secret)
rescue
  e in LatticeStripe.Webhook.SignatureVerificationError ->
    IO.inspect(e.reason)  # :no_matching_signature
end

Summary

Types

t()
verify_error()

Types

t()

@type t() :: %LatticeStripe.Webhook.SignatureVerificationError{
  __exception__: true,
  message: String.t(),
  reason: verify_error()
}

verify_error()

@type verify_error() ::
  :missing_header
  | :invalid_header
  | :no_matching_signature
  | :timestamp_expired