Back to Waitwhile ↗︎

Discussions

Ask a Question
Back to All

Invalid signature with Webhook

10 months ago by Pierre Marais

Hello,

We try to use webhook signature with NodeJs but it is always invalid. Can you confirm us expected parameter formats ?

Now, we use for example : 

const secret =  't5cU9SoudXtxfVRw1Z4wr9TS' // provide from webhook configuration. Here it's fake  value
const signature = 'vI5Ut452kZyrZrmFIBq7Xu3mFPWr1g0sqlQZfU4ki1E' //provide header
const url = 'https://api-staging-eva-xxxx.eva.gg/my-webhook-url'//good format ?
const payload = '{\"id\":\"0TiYj71yYPBUNfppNB0E\",\"created\":\"2023-06-29T09:10:23.758Z\",\"accountId\":\"UpAwC7kELkvTCzFdA8fr\",\"type\":\"visit.created\",\"data\":{\"id\":\"cpnhrOit9OQ93HKInPTb\",\"locationId\":\"iQjqtEeWJ50DRaTv05OZ\",\"state\":\"WAITING\",\"customerId\":\"PmBgUqEPfVXzvcvFEs9AIR\",\"firstName\":\"Pierre\",\"lastName\":\"Marais\",\"name\":\"Pierre Marais\",\"phone\":\"+33621626157\",\"email\":\"[email protected]\",\"externalCustomerId\":\"\",\"notes\":\"\",\"publicId\":\"cpnhrO\",\"isAnonymized\":false,\"created\":\"2023-06-29T09:10:23.587Z\",\"createdBy\":\"QK09NV3HImXelgH9J73YrkXWGX03\",\"updated\":\"2023-06-29T09:10:23.587Z\",\"updatedBy\":\"QK09NV3HImXelgH9J73YrkXWGX03\",\"pendingExpireTime\":null,\"remoteIp\":\"82.216.37.75\",\"country\":\"FR\",\"region\":\"bre\",\"city\":\"rennes\",\"isBlock\":false,\"source\":\"WEB-APP\",\"locale\":\"fr-FR\",\"partySize\":1,\"resources\":{},\"resourceIds\":[],\"services\":{},\"serviceIds\":[],\"fields\":{\"ulPPzfE7de2QaHYz9Si6\":[\"test\"],\"skdOlHhyAik7BcdhJBSd\":[true]},\"dataFields\":[{\"id\":\"ulPPzfE7de2QaHYz9Si6\",\"values\":[\"test\"]},{\"id\":\"skdOlHhyAik7BcdhJBSd\",\"values\":[true]}],\"tags\":[],\"waitlistTime\":\"2023-06-29T09:10:23.587Z\",\"bookingReminderSmsTime\":null,\"bookingReminderEmailTime\":null,\"bookingReminderAppTime\":null,\"followUpSmsTime\":null,\"followUpEmailTime\":null,\"followUpAppTime\":null,\"ngrams\":[\"pie\",\"pier\",\"pierr\",\"pierre\",\"mar\",\"mara\",\"marai\",\"marais\",\"336\",\"3362\",\"33621\",\"336216\",\"3362162\",\"33621626\",\"336216261\",\"3362162615\",\"33621626157\",\"062\",\"0621\",\"06216\",\"062162\",\"0621626\",\"06216261\",\"062162615\",\"0621626157\",\"piem\",\"piema\",\"piemar\",\"piemara\",\"piemarai\",\"piemarais\",\"wai\",\"wait\",\"wait3\",\"gma\",\"gmai\",\"gmail\",\"com\",\"a048\",\"p:1\",\"r:\",\"d:ulPPzfE7de2QaHYz9Si6=test\",\"d:skdOlHhyAik7BcdhJBSd=true\"],\"estWaitDuration\":0,\"position\":1,\"lastWaitingPosition\":1,\"originalPosition\":1,\"ticket\":\"A048\",\"numVisits\":16,\"prevEstWaitDuration\":0,\"originalEstWaitDuration\":0}}'

// we get payload with json.stringify(req.body) we already try to get payload from req.body only

return (
      signature ===
      crypto
        .createHmac('sha256', secret)
        .update(Buffer.from(url + payload, 'utf-8'))
        .digest('base64')
    );