Skip to content
/ stripe-multi-environment-webhook-handler Public

Struggling to handle dev, staging, demo, and other environments with a single Stripe Test Environment? You are looking for multiple Stripe Webhook Endpoints or multiple Test environments? Here's an easy and flexible solution!

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

adshrc/stripe-multi-environment-webhook-handler

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
.github/workflows
.github/workflows
 
 
README.md
README.md
 
 
worker.js
worker.js
 
 
wrangler.toml
wrangler.toml
 
 

Repository files navigation

Stripe Multi-Environment Webhook Handler (SMEWH) 🌍💳

Struggling to handle dev, staging, demo, and other environments with a single Stripe Test Environment? Here's an easy and flexible solution!

This Cloudflare Worker forwards incoming Stripe webhook events to the appropriate environment based on the returnUrl included in the event's metadata property.

Requirements

  • Create the Cloudflare Worker and upload the worker.js contents or use this Button:

    Deploy to Cloudflare Workers

  • Create a Webhook in your Stripe Dashboard: https://dashboard.stripe.com/test/webhooks. Make sure to replace the original URL's Domain with the Worker Domain. In the end, you should have something like this: https://smewh.worker.dev/<originalPath>

  • Add the returnUrl property in the metadata of every Stripe request your Server sends. It should be the URL of the originating server (e.g. https://dev.your-server.com)

  • Optional: Cloudflare Access Environment Variables

    • CF_ACCESS_CLIENT_ID: Set this environment variable if your forwarded requests require authentication with CF-Access-Client-Id.
    • CF_ACCESS_CLIENT_SECRET: Set this environment variable if your forwarded requests require authentication with CF-Access-Client-Secret.
    • Note: Both environment variables must be set for the headers to be added to the forwarded request.

What the Worker Actually Does

Stripe sends a webhook event to your Worker, e.g., https://smewh.worker.dev/stripe/webhook, then the Worker:

  1. Parses the body, extracts metadata.returnUrl (e.g., https://dev.your-server.com).
  2. Appends the original request path to the returnUrl, forming the targetUrl.
  3. Checks if the request is from an allowed IP address; if not, it denies access.
  4. Adds CF-Access-Client-Id and CF-Access-Client-Secret headers if both environment variables are set.
  5. Forwards the original request (including headers) to the targetUrl (e.g., https://dev.your-server.com/stripe/webhook).
  6. Returns the response back to Stripe.

Security Considerations

  • IP Filtering: The Worker only allows incoming requests from specific IP addresses to prevent unauthorized access.
  • Environment Variables: If CF_ACCESS_CLIENT_ID and CF_ACCESS_CLIENT_SECRET are set, they are used to add authentication headers to the forwarded request.

Ensure you have the correct IP addresses and environment variables set to match your security requirements.

About

Struggling to handle dev, staging, demo, and other environments with a single Stripe Test Environment? You are looking for multiple Stripe Webhook Endpoints or multiple Test environments? Here's an easy and flexible solution!

Topics

environment stripe webhook multiple test-environment stripe-multiple-test-environments

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages