Error occured Invalid payload provided. No JSON object could be decoded Coinbas

Question

I having been battling this error for weeks now, read hundreds of resources that has just proven futtile and contacted coinbase support without getting any response from them. When I try testing the webhook from the coinbase Api I get this error "Remote server at 07b0a16c5735.ngrok.io returned an HTTP 400" and in my console I get "Error occured Invalid payload provided. No JSON object could be decoded"

I have attached screenshots of the errors I am encountering and this my code for the endpoint;

app.post(
  "/endpoint", (request, response) => {
    var event;

    console.log(request.headers);

    try {
      event = Webhook.verifyEventBody(
        request.rawBody,
        request.headers["x-cc-webhook-signature"],
        webhookSecret
      );
    } catch (error) {
      console.log("Error occured", error.message);

      return response.status(400).send("Webhook Error:" + error.message);
    }

    console.log("Success", event.id);
    console.log(request.rawBody);

    response.status(200).send("Signed Webhook Received: " + event.id);
  }
);

I am currently using this line of code to parse the raw body to json:

function rawBody(req, res, next) {
  req.setEncoding("utf8");

  var data = "";

  req.on("data", function (chunk) {
    data += chunk;
  });

  req.on("end", function () {
    req.rawBody = data;

    next();
  });
}

app.use(rawBody);

I tried using express.json() but supplemented it for the above line code when I was still getting the same error. This is the response I am expecting:

Success 00000000-0000-0000-0000-000000000000
{"id":"00000000-0000-0000-0000-000000000000","scheduled_for":"2018-01-01T00:40:00Z","attempt_number":1,"event":{"id":"00000000-0000-0000-0000-000000000000","resource":"event","type":"charge:confirmed","api_version":"2018-03-22","created_at":"2018-01-01T00:40:00Z","data":{"code":"AAAAAAAA","id":"00000000-0000-0000-0000-000000000000","resource":"charge","name":"The Sovereign Individual","description":"Mastering the Transition to the Information Age","hosted_url":"https://commerce.coinbase.com/charges/AAAAAAAA","created_at":"2018-01-01T00:00:00Z","confirmed_at":"2018-01-01T00:40:00Z","expires_at":"2018-01-01T01:00:00Z","support_email":"[email protected]","timeline":[{"time":"2018-01-01T00:00:00Z","status":"NEW"},{"status":"PENDING","payment":{"network":"ethereum","transaction_id":"0x0000000000000000000000000000000000000000000000000000000000000000"},"time":"2018-01-01T00:30:00Z"},{"status":"COMPLETED","payment":{"network":"ethereum","transaction_id":"0x0000000000000000000000000000000000000000000000000000000000000000"},"time":"2018-01-01T00:40:00Z"}],"metadata":{},"payment_threshold":{"overpayment_absolute_threshold":{"amount":"15.00","currency":"USD"},"overpayment_relative_threshold":"0.1","underpayment_absolute_threshold":{"amount":"5.00","currency":"USD"},"underpayment_relative_threshold":"0.1"},"pricing":{"local":{"amount":"100.00","currency":"USD"},"bitcoin":{"amount":"1.00000000","currency":"BTC"},"usdc":{"amount":"10.000000","currency":"USDC"},"bitcoincash":{"amount":"5.00000000","currency":"BCH"},"litecoin":{"amount":"2.00000000","currency":"LTC"}},"pricing_type":"fixed_price","payments":[{"network":"ethereum","transaction_id":"0x0000000000000000000000000000000000000000000000000000000000000000","status":"CONFIRMED","detected_at":"2018-01-01T00:30:00Z","value":{"local":{"amount":"100.0","currency":"USD"},"crypto":{"amount":"10.00","currency":"ETH"}},"block":{"height":100,"hash":"0x0000000000000000000000000000000000000000000000000000000000000000","confirmations_accumulated":8,"confirmations_required":2}}],"addresses":{"bitcoin":"1000000000000000000000000000000000","usdc":"0x0000000000000000000000000000000000000000","litecoin":"3000000000000000000000000000000000","bitcoincash":"bitcoincash:000000000000000000000000000000000000000000"},"exchange_rates":{"BCH-USD":"1000.0","BTC-USD":"100.0","ETH-USD":"10.0","JPY-USD":"0.5","LTC-USD":"50.0","TST-USD":"0.5","BEER-USD":"0.1"}}}}

Answer 1

I had the same issue. What worked for me was downgrading the version of the npm package that handles the payload within the webhook (coinbase-commerce-node) to the version 1.0.0. I also implemented the webhook exactly as shown in the examples of the library: https://github.com/coinbase/coinbase-commerce-node/tree/master/examples/webhook

You also need to make sure your server is properly configured to work with SSL. For example if you have the webhook implemented in Heroku, you can use heroku-ssl-redirect to force the usage of SSL.

Answer 2

Instead of sending the rawBody, you can use stringify object to verify the signature.

app.use(bodyParser.json());

try {
  const event = Webhook.verifyEventBody(JSON.stringify(req.body), signature, webhookSecret);

  if (event.type === 'charge:pending') {
    // TODO
    // user paid, but transaction not confirm on blockchain yet
  }

  if (event.type === 'charge:confirmed') {
    // TODO
    // all good, charge confirmed
  }

  if (event.type === 'charge:failed') {
    // TODO
    // charge failed or expired
  }

  res.send(`success ${event.id}`);
} catch (error) {
  if (error) {
    console.log(error);
  }
  res.status(400).send('failure!');
}