pook/compliancebot

Fork 0

fix: preserve raw body bytes for Stripe webhook signature verification #85

Merged

pook merged 1 commit from fix/webhook-raw-body-preservation into main

2026-04-09 06:14:26 -04:00

pook commented

2026-04-08 17:41:37 -04:00

Owner

Summary

Use Buffer.from(arrayBuffer()) instead of c.req.text() in the webhook route to preserve exact raw bytes for Stripe HMAC signature verification
Text decoding/re-encoding can alter bytes and break stripe.webhooks.constructEvent() checks
Adds comprehensive integration tests for signed, tampered, expired, and missing signature scenarios

Closes #78, closes #71. Unblocks #72 and #53 (payment flow).

Changes

packages/api/src/routes/billing.ts — raw body preservation via arrayBuffer()
packages/api/tests/e2e/webhook.test.ts — new test suite (7 test cases)

Test plan

Verify signature passes with correctly signed payload
Verify tampered payloads are rejected
Verify expired signatures are rejected
Verify wrong-secret signatures are rejected
Verify missing signature header returns 400
Verify unicode payloads preserve raw bytes
Verify other billing routes (checkout, usage) still parse JSON normally
Test with Stripe CLI: stripe trigger checkout.session.completed

🤖 Generated with Claude Code

## Summary - Use `Buffer.from(arrayBuffer())` instead of `c.req.text()` in the webhook route to preserve exact raw bytes for Stripe HMAC signature verification - Text decoding/re-encoding can alter bytes and break `stripe.webhooks.constructEvent()` checks - Adds comprehensive integration tests for signed, tampered, expired, and missing signature scenarios Closes #78, closes #71. Unblocks #72 and #53 (payment flow). ## Changes - `packages/api/src/routes/billing.ts` — raw body preservation via `arrayBuffer()` - `packages/api/tests/e2e/webhook.test.ts` — new test suite (7 test cases) ## Test plan - [ ] Verify signature passes with correctly signed payload - [ ] Verify tampered payloads are rejected - [ ] Verify expired signatures are rejected - [ ] Verify wrong-secret signatures are rejected - [ ] Verify missing signature header returns 400 - [ ] Verify unicode payloads preserve raw bytes - [ ] Verify other billing routes (checkout, usage) still parse JSON normally - [ ] Test with Stripe CLI: `stripe trigger checkout.session.completed` 🤖 Generated with [Claude Code](https://claude.com/claude-code)

pook added 1 commit

2026-04-08 17:41:37 -04:00

fix: preserve raw body bytes for Stripe webhook signature verification

agent-worker/pr-tests Running PR tests...

3b69196d4b

Use Buffer.from(arrayBuffer()) instead of c.req.text() to ensure the
exact raw bytes are passed to stripe.webhooks.constructEvent(). Text
decoding can alter bytes and break HMAC signature checks.

Adds integration tests for signed, tampered, expired, and missing
signature scenarios. Closes #78, #71.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

pook commented

2026-04-08 17:41:49 -04:00

Author

Owner

⚠️ No Test Suite Detected

Commit: 3b69196d

No test script found in package.json. Add a test script to enable automated testing.

## ⚠️ No Test Suite Detected **Commit:** `3b69196d` No `test` script found in `package.json`. Add a test script to enable automated testing.

pook referenced this pull request

2026-04-08 17:53:01 -04:00

Close duplicate Stripe raw-body preservation issues and merge best PR #91

pook referenced this pull request

2026-04-08 17:57:34 -04:00

fix: preserve raw body bytes for Stripe webhook signature verification #89

pook referenced this pull request

2026-04-08 17:57:37 -04:00

feat: preserve raw body buffer for Stripe webhook signature verification #81

pook referenced this pull request

2026-04-08 17:57:42 -04:00

fix: Stripe webhook raw body preservation and async signature verification #75

pook referenced this pull request

2026-04-08 17:57:49 -04:00

Add Stripe webhook raw body preservation before JSON parser middleware #83

pook referenced this pull request

2026-04-08 17:57:52 -04:00

Add Stripe webhook raw body preservation middleware for payment verification #78

pook referenced this pull request

2026-04-08 17:57:54 -04:00

Add Stripe webhook raw body preservation for payment verification #71

pook commented

2026-04-08 17:58:02 -04:00

Author

Owner

This is the surviving PR for the Stripe webhook raw body fix. Duplicate PRs #89, #81, #75 have been closed. Duplicate issues #83, #78, #71 have been closed in favor of #87.

Review summary:

PR #89: Same fix, fewer tests (5 vs 9) → closed
PR #81: Over-engineered with separate middleware file → closed
PR #75: Did not fix raw body issue (still used c.req.text()) → closed

This PR correctly uses Buffer.from(await c.req.arrayBuffer()) to preserve exact raw bytes for HMAC verification, with 9 comprehensive tests.

Closes #87

This is the surviving PR for the Stripe webhook raw body fix. Duplicate PRs #89, #81, #75 have been closed. Duplicate issues #83, #78, #71 have been closed in favor of #87. **Review summary:** - PR #89: Same fix, fewer tests (5 vs 9) → closed - PR #81: Over-engineered with separate middleware file → closed - PR #75: Did not fix raw body issue (still used `c.req.text()`) → closed This PR correctly uses `Buffer.from(await c.req.arrayBuffer())` to preserve exact raw bytes for HMAC verification, with 9 comprehensive tests. Closes #87

pook merged commit ca0e140225 into main

2026-04-09 06:14:24 -04:00

pook referenced this pull request from a commit

2026-04-09 06:14:25 -04:00

Merge pull request 'fix: preserve raw body bytes for Stripe webhook signature verification' (#85) from fix/webhook-raw-body-preservation into main

pook referenced this pull request

2026-04-09 06:15:40 -04:00

PR pipeline unblocked: 18 PRs merged, 48 remaining need rebase #254