Nifty Direct Debit/Gocardless Module Error

[D9Hosting]

Just wondering if anyone else has noticed problems with this module receiving callbacks from Gocardless since August 11th?

I noticed a few days ago a strange lack of direct debit payments being received and on checking in our GC account any callback sent to the module is generating the following error:

498 Token expired/invalid

I've generated new live tokens and webhook endpoints, re-uploaded all the module files but the issue remains. There is nothing showing up in the WHMCS module log, and in the gateway log all I am seeing are lots of entries saying:

Callback verification failed (Invalid Token) : 

Payment requests and setting up new mandates still work fine, it's just the payment callbacks that aren't working. I've got a ticket open with the creator of the module but so far haven't had a response. 

I did also open a ticket with GC who said:

Quote

 

I have had a look into this for you and I can see that the webhook has returned the error: 498 Token expired/invalid.

It looks like there is some issue with calculating the signature correctly. 

It should be calculated on the entire request body, see here for further detail. As a next step, we would recommend reviewing how the signature is being calculated. 

 

Anyone got any idea what the issue could be? From our end nothing has changed since it stopped working so it's a bit of a head scratcher and for now we are having to go through and manually cross reference all paid invoices in GC with those in WHMCS and mark them as paid.

 

[D9Hosting]

Just to update the thread for anyone else who comes across the same error - I've fixed the issue by disabling Cloudflare on the domain running our WHMCS installation. Neither Gocardless, nor Cloudflare have any idea why Cloudflare would be interfering with the API callbacks but at least things are working again!