picsoung · October 15, 2024 11:21
diff --git a/index.js b/index.js
 const functions = require('@google-cloud/functions-framework');
 const crypto = require('crypto');

 const SECRET_TOKEN = "abc123"

 functions.http('webhookHandler', (req, res) => {
  // Ensure the request body is available as a string
  const rawBody = req.rawBody ? req.rawBody.toString() : JSON.stringify(req.body);

  const signature = req.headers['typeform-signature'];
  const isValid = verifySignature(signature, rawBody);

  if (isValid) {
    // Process the webhook payload here
    console.log('Webhook signature verified');
    res.status(200).send('Webhook received and verified');
  } else {
    console.error('Invalid webhook signature');
    res.status(403).send('Invalid signature');
  }
 });


 const verifySignature = function (receivedSignature, payload) {
  const hash = crypto
    .createHmac('sha256', SECRET_TOKEN)
    .update(payload)
    .digest('base64');
  return receivedSignature === `sha256=${hash}`;
 };
	const functions = require('@google-cloud/functions-framework');
	const crypto = require('crypto');

	const SECRET_TOKEN = "abc123"

	functions.http('webhookHandler', (req, res) => {
	// Ensure the request body is available as a string
	const rawBody = req.rawBody ? req.rawBody.toString() : JSON.stringify(req.body);

	const signature = req.headers['typeform-signature'];
	const isValid = verifySignature(signature, rawBody);

	if (isValid) {
	// Process the webhook payload here
	console.log('Webhook signature verified');
	res.status(200).send('Webhook received and verified');
	} else {
	console.error('Invalid webhook signature');
	res.status(403).send('Invalid signature');
	}
	});


	const verifySignature = function (receivedSignature, payload) {
	const hash = crypto
	.createHmac('sha256', SECRET_TOKEN)
	.update(payload)
	.digest('base64');
	return receivedSignature === `sha256=${hash}`;
	};