Reply
Member
Posts: 1
Registered: ‎10-27-2020

Verify webhook payload

[ Edited ]

I have a webhooks endpoint setup in a node project build using Hapi.js. I am using the crypto module to generate the hash to verify the payload. Everything seems to work fine when I do a test webhook, the hash I generate matches the hash in the headers. However, when I turn on the webhook and subscribe to the 'net.authorize.payment.authorization.created' event the hashes don't seem to match. I don't know what I could be doing wrong because the test event works fine, the only difference I can thing of is that the test event is an authCapture instead of an authorization.created. I don't know why that would make a difference, but here is my code.

 

const isValidPayload = (request) => {
  const header = _.get('headers.x-anet-signature', request);
  const payload = JSON.stringify(request.payload);
  const hash = crypto.createHmac('sha512', config.get('authorizenet:signature_key'))
    .update(payload)
    .digest('hex');

  return header === `sha512=${hash.toUpperCase()}`;
};

I've been banging my head against a wall with this problem for the last week. If anyone has some insight please let me know. Thanks.

 

edit: I should probably mention this is in a sandbox environment as well

Member
Posts: 4
Registered: ‎10-27-2020

Re: Verify webhook payload

I have never used this Module to do my job. I will be here waiting for an answer for us Fall guys.