question

quantfive avatar image
quantfive asked Raymond Lee Deactivated commented

Clover Webhooks Wrong Callback

Hey guys, we're trying to setup webhooks on Sandbox and we were able to get there except the callback URL is strange.

We're using Django as a backend, and our route exists, but it looks like whatever Clover is calling isn't 100% correct.

Not Found: /https:/solestage.ngrok.io/api/clover/[28/Aug/2018 07:42:09]

"POST <a href="https://solestage.ngrok.io/api/clover/HTTP/1.1"> 404 1726</a>

Our webhook URL is https://solestage.ngrok.io/api/clover/ but the URL Clover seems to be hitting isn't so.

If we POST to our own URL, our logs look like this:

POST /api/clover - 403

Forbidden: /api/clover

[28/Aug/2018 17:10:42] "POST /api/clover HTTP/1.1" 403 0

So it looks like it's hitting something like: https://solestage.ngrok.io/ https://solestage.ngrok.io/api/clover/ -- anyone know what's up?
SandboxWebhooks
5 comments
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

zgreathouse avatar image zgreathouse commented ·

The url you set in your app's webhook settings is the one notifications would be pushed to. A quick way to verify your Clover webhook configuration is working would be to use this webhook tester.

Additionally, the "/" at the beginning of your url may be causing the 404 error. I would try removing that before testing your url with the webhook tester.

0 Likes 0 ·
quantfive avatar image quantfive zgreathouse commented ·

Replied below! Here's an image of my correct webhook setting (I was able to get the verificationCode)

0 Likes 0 ·
Raymond Lee avatar image Raymond Lee commented ·

Can you provide the raw POST request using ngrok's inspection url?

For example here is one I pulled from my experimentation:

POST https://7447b44e.ngrok.io/webhook HTTP/1.1
X-Clover-Auth: ab9437d2-3085-4bb1-9aaf-71ac1ab7c049
Host: 7447b44e.ngrok.io
Connection: close
Content-Type: application/json
Content-Length: 285
X-Forwarded-Proto: https
X-Forwarded-For: 107.155.123.25

{"appId":"ZVMA96V1KCBZG","merchants":{"T0JQJVBQJTH1Y":[{"objectId":"E:","type":"UPDATE","ts":1535581269863,"object":{"id":"2CT9T0M0M6C2E","name":"Raymond Lee","customId":"1535581269594","email":"dev@clover.com","inviteSent":false,"claimedTime":1506543518000,"role":"ADMIN"}}]}}
0 Likes 0 ·
quantfive avatar image quantfive Raymond Lee commented ·

Hey @Raymond Lee, here is the example:

POST https://solestage.ngrok.io/api/clover/ HTTP/1.1
X-Clover-Auth: 8979c006-ee99-471b-91b5-911828e90601
Host: solestage.ngrok.io
Connection: close
Content-Type: application/json
Content-Length: 123
X-Forwarded-Proto: https
X-Forwarded-For: 107.155.123.25

{"appId":"JM54E71SRR9N2","merchants":{"9DY3RR12PCQP1":[{"objectId":"O:YXH7NAZ6DSCYY","type":"CREATE","ts":1535588040205}]}}<br>

Here's one where I just ping the URL myself with

curl -X POST https://solestage.ngrok.io/api/clver/

POST /api/clover/ HTTP/1.1
Host: solestage.ngrok.io
User-Agent: curl/7.54.0
Accept: */*
X-Forwarded-Proto: https
X-Forwarded-For: 98.248.250.170<br>

So it looks like the POST path shouldn't hit https://solestage.ngrok.io/api/clover/, but instead should just be /api/clover/, as the Host is already accounted for.

Are you guys POST'ing to the proper webhook URL's? The POST request that's coming from your webhooks don't look standard.

0 Likes 0 ·
quantfive avatar image quantfive quantfive commented ·

For example, this is your guys' POST for the verification code:

POST /api/clover/ HTTP/1.1
Host: solestage.ngrok.io
Content-Type: application/json
Content-Length: 59
User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51)
Accept-Encoding: gzip,deflate
X-Forwarded-Proto: https
X-Forwarded-For: 107.155.123.25

{"verificationCode":"09bcc289-7a9c-4347-841a-3fbb20e388a1"}

Which looks like it's a proper HTTP request where the Host is not included in the path.

0 Likes 0 ·
quantfive avatar image
quantfive answered
Hey @zgreathouse thanks for the reply. So I've set my webhook to https://solestage.ngrok.io/api/clover/

There is no / in the beginning of the URL. Will try out the webhook tester.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Raymond Lee avatar image
Raymond Lee Deactivated answered
Both types of POST requests are valid, its just a matter of the request using the relative url vs the absolute url.

The reason you are getting a 404 is on the django side, as you should be able to handle both types of urls.

I would double check that you are not assuming your url will be relative, and building an absolute path out of it, as that would cause the " https://solestage.ngrok.io/ https://solestage.ngrok.io/api/clover/" url that you are suspecting.

Django by default should already handle both absolute and relative urls correctly (see here), as long as your urlpatterns are set up correctly.
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

quantfive avatar image
quantfive answered Raymond Lee Deactivated commented
Hey @Raymond Lee, can you give me a CURL or some kind of request that demonstrates this absolute URL? I'm unable to reproduce the request that you guys are making.

My URL patterns are standard and setup correctly. There's no assumption made of an absolute URL vs a relative URL, so I'm not sure that's the issue. Will do digging about this though.

1 comment
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Raymond Lee avatar image Raymond Lee commented ·

Unfortunately it looks like CURL does not support sending a request with an absolute URL. The only time it does is if you specify a proxy (see here).

0 Likes 0 ·

Welcome to the
Clover Developer Community