Last active
March 9, 2018 03:55
-
-
Save inabajunmr/8d25bade9016351ca30dd805cd5c82f5 to your computer and use it in GitHub Desktop.
chatwork-webhook-request-validation-on-aws-lambda.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| exports.handler = function(event, context, callback) { | |
| console.log('Received event:', JSON.stringify(event, null, 2)); | |
| // Retrieve request parameters from the Lambda function input: | |
| var signature = event.headers['X-ChatWorkWebhookSignature']; | |
| var body = event.body; | |
| if (validate(signature, body)) { | |
| // write operation for webhook | |
| callback(null, {"statusCode": 200, "body": "Success"}) | |
| } else { | |
| // nop and return 403 | |
| callback(null, {"statusCode": 403, "body": "Forbidden"}) } | |
| } | |
| var validate = function(signature, body){ | |
| var cipheredBody = digest(body); | |
| return cipheredBody === signature; | |
| } | |
| var digest = function(value){ | |
| var secret = decode(process.env.TOKEN); | |
| var crypto = require('crypto'); | |
| var hash = crypto.createHmac('SHA256', secret).update(value).digest('base64'); | |
| return hash; | |
| } | |
| var encode = function(value){ | |
| var buffer = new Buffer(value); | |
| var encoded = buffer.toString('base64'); | |
| return encoded; | |
| } | |
| var decode = function(value){ | |
| var buffer = new Buffer(value, 'base64'); | |
| return buffer; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment