Created
August 29, 2017 15:11
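// Verifies an incoming webhook in two steps before any of its data is used:
//   1. the signature must equal HMAC-SHA256(secret, checksum), hex-encoded;
//   2. the checksum must match the value derived from webhook_id and data_event.
// Returns false from the enclosing method as soon as either check fails.
// The payload is untrusted until both checks pass; it is parsed first only
// because the signature and checksum travel inside the JSON body.
var parsedEvent = JsonParser.Default.Parse<ParsedDataEventWebhook>(json);

// A payload without a signature or checksum cannot be authenticated, so reject it.
if (parsedEvent == null || parsedEvent.signature == null || parsedEvent.checksum == null) {
    return false;
}

// Verify the signature to validate the webhook came from RP.
// "CIO_SECRET" is a placeholder for your CIO auth secret. Load the real value
// from protected configuration at runtime; do not commit it to source control.
var key = "CIO_SECRET";
var encoding = BinaryStringEncoding.Utf8;
var algorithmProvider = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA256");
var contentBuffer = CryptographicBuffer.ConvertStringToBinary(parsedEvent.checksum, encoding);
var keyBuffer = CryptographicBuffer.ConvertStringToBinary(key, encoding);
var signatureKey = algorithmProvider.CreateKey(keyBuffer);
var signedBuffer = CryptographicEngine.Sign(signatureKey, contentBuffer);

// Compare the expected and supplied MACs without an early exit, so the time
// taken does not reveal how many leading characters of a forged value matched.
// Only the length (which is not secret) is allowed to short-circuit.
// NOTE(review): the comparison stays case-sensitive, as in the original;
// confirm the sender uses the same hex casing as EncodeToHexString.
var expectedSignature = CryptographicBuffer.EncodeToHexString(signedBuffer);
var suppliedSignature = parsedEvent.signature;
if (suppliedSignature.Length != expectedSignature.Length) {
    //reject signature
    return false;
}
var signatureDiff = 0;
for (var i = 0; i < expectedSignature.Length; i++) {
    signatureDiff |= expectedSignature[i] ^ suppliedSignature[i];
}
if (signatureDiff != 0) {
    //reject signature
    return false;
}

// Verify the checksum to validate the body wasn't tampered with.
// The original re-declared `encoding` and `algorithmProvider` here and applied
// `+` to two buffers, neither of which compiles. The strings are concatenated
// before conversion instead, which yields the same byte sequence.
// NOTE(review): as written, the checksum is only the hex encoding of
// webhook_id followed by data_event; no hash or MAC is applied. The original
// opened an HMAC_SHA256 provider at this point but never used it, so confirm
// the provider's documented checksum construction before relying on this check.
var checksumInput = string.Concat(parsedEvent.webhook_id, parsedEvent.data_event);
var checksumBuffer = CryptographicBuffer.ConvertStringToBinary(checksumInput, encoding);
if (CryptographicBuffer.EncodeToHexString(checksumBuffer) != parsedEvent.checksum) {
    //reject checksum
    return false;
}

//now you can process the rest of your webhook data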