sibelius · October 28, 2024 13:18
diff --git a/validateWhatsAppSha256.ts b/validateWhatsAppSha256.ts
 const signature = ctx.request.headers['x-hub-signature-256'];

  if (
    !signature ||
    typeof signature !== 'string' ||
    !config.WHATSAPP_APP_SECRET
  ) {
    ctx.status = 403;
    ctx.body = {
      message: 'invalid signature',
    }

    return;
  }

  const sha256 = signature.split('=')[1];

  // eslint-disable-next-line no-restricted-syntax
  const result = crypto
    .createHmac('sha256', config.WHATSAPP_APP_SECRET)
    .update(ctx.request.rawBody)
    .digest('hex');

  if (!sha256 || sha256 !== result) {
    ctx.status = 403;
    ctx.body = {
      message: 'invalid signature',
    }

    return;
  }
	const signature = ctx.request.headers['x-hub-signature-256'];

	if (
	!signature \|\|
	typeof signature !== 'string' \|\|
	!config.WHATSAPP_APP_SECRET
	) {
	ctx.status = 403;
	ctx.body = {
	message: 'invalid signature',
	}

	return;
	}

	const sha256 = signature.split('=')[1];

	// eslint-disable-next-line no-restricted-syntax
	const result = crypto
	.createHmac('sha256', config.WHATSAPP_APP_SECRET)
	.update(ctx.request.rawBody)
	.digest('hex');

	if (!sha256 \|\| sha256 !== result) {
	ctx.status = 403;
	ctx.body = {
	message: 'invalid signature',
	}

	return;
	}