Discussions
Invalid signature with Webhook
over 1 year ago by Pierre Marais
Hello,
We try to use webhook signature with NodeJs but it is always invalid. Can you confirm us expected parameter formats ?
Now, we use for example :
const secret = 't5cU9SoudXtxfVRw1Z4wr9TS' // provide from webhook configuration. Here it's fake value
const signature = 'vI5Ut452kZyrZrmFIBq7Xu3mFPWr1g0sqlQZfU4ki1E' //provide header
const url = 'https://api-staging-eva-xxxx.eva.gg/my-webhook-url'//good format ?
const payload = '{\"id\":\"0TiYj71yYPBUNfppNB0E\",\"created\":\"2023-06-29T09:10:23.758Z\",\"accountId\":\"UpAwC7kELkvTCzFdA8fr\",\"type\":\"visit.created\",\"data\":{\"id\":\"cpnhrOit9OQ93HKInPTb\",\"locationId\":\"iQjqtEeWJ50DRaTv05OZ\",\"state\":\"WAITING\",\"customerId\":\"PmBgUqEPfVXzvcvFEs9AIR\",\"firstName\":\"Pierre\",\"lastName\":\"Marais\",\"name\":\"Pierre Marais\",\"phone\":\"+33621626157\",\"email\":\"[email protected]\",\"externalCustomerId\":\"\",\"notes\":\"\",\"publicId\":\"cpnhrO\",\"isAnonymized\":false,\"created\":\"2023-06-29T09:10:23.587Z\",\"createdBy\":\"QK09NV3HImXelgH9J73YrkXWGX03\",\"updated\":\"2023-06-29T09:10:23.587Z\",\"updatedBy\":\"QK09NV3HImXelgH9J73YrkXWGX03\",\"pendingExpireTime\":null,\"remoteIp\":\"82.216.37.75\",\"country\":\"FR\",\"region\":\"bre\",\"city\":\"rennes\",\"isBlock\":false,\"source\":\"WEB-APP\",\"locale\":\"fr-FR\",\"partySize\":1,\"resources\":{},\"resourceIds\":[],\"services\":{},\"serviceIds\":[],\"fields\":{\"ulPPzfE7de2QaHYz9Si6\":[\"test\"],\"skdOlHhyAik7BcdhJBSd\":[true]},\"dataFields\":[{\"id\":\"ulPPzfE7de2QaHYz9Si6\",\"values\":[\"test\"]},{\"id\":\"skdOlHhyAik7BcdhJBSd\",\"values\":[true]}],\"tags\":[],\"waitlistTime\":\"2023-06-29T09:10:23.587Z\",\"bookingReminderSmsTime\":null,\"bookingReminderEmailTime\":null,\"bookingReminderAppTime\":null,\"followUpSmsTime\":null,\"followUpEmailTime\":null,\"followUpAppTime\":null,\"ngrams\":[\"pie\",\"pier\",\"pierr\",\"pierre\",\"mar\",\"mara\",\"marai\",\"marais\",\"336\",\"3362\",\"33621\",\"336216\",\"3362162\",\"33621626\",\"336216261\",\"3362162615\",\"33621626157\",\"062\",\"0621\",\"06216\",\"062162\",\"0621626\",\"06216261\",\"062162615\",\"0621626157\",\"piem\",\"piema\",\"piemar\",\"piemara\",\"piemarai\",\"piemarais\",\"wai\",\"wait\",\"wait3\",\"gma\",\"gmai\",\"gmail\",\"com\",\"a048\",\"p:1\",\"r:\",\"d:ulPPzfE7de2QaHYz9Si6=test\",\"d:skdOlHhyAik7BcdhJBSd=true\"],\"estWaitDuration\":0,\"position\":1,\"lastWaitingPosition\":1,\"originalPosition\":1,\"ticket\":\"A048\",\"numVisits\":16,\"prevEstWaitDuration\":0,\"originalEstWaitDuration\":0}}'
// we get payload with json.stringify(req.body) we already try to get payload from req.body only
return (
signature ===
crypto
.createHmac('sha256', secret)
.update(Buffer.from(url + payload, 'utf-8'))
.digest('base64')
);