Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Code Sample for computing webhook signature in Python #469

Open
ShadiNM opened this issue Jul 4, 2022 · 2 comments
Open

Code Sample for computing webhook signature in Python #469

ShadiNM opened this issue Jul 4, 2022 · 2 comments

Comments

@ShadiNM
Copy link

ShadiNM commented Jul 4, 2022

Hello,
i am working with the webhooks and trying to verify the signature. Here you have examples on how to do that with PHP and Ruby. Could you give me an example for how to achieve it in Python? I tried the following

verify_signature(request.META["HTTP_SIGNATURE"], request.body)

def verify_signature(received_signature: str, payload: bytes) -> bool:

    digest = hmac.new(
    os.getenv("SECRET_KEY").encode(),
    payload,
    hashlib.sha256,
    ).hexdigest()

signature = received_signature.lstrip("sha256 ")

if digest == signature:
    return True
return False

I understand that the payload has to be unicode escaped. However the example on the docs does not make sense for me. No matter what I do in Python the <> characters are not unicode escaped. Other special characters are however correctly escaped to their unicode representation like \u016f. So I know how to do the escaping but it seems that Python does not escape <> characters. What can I do?

@gat786
Copy link

gat786 commented Oct 15, 2022

This is required. I have been struggling with this as well.

@MuhammadNomanIqbal
Copy link

this is required i am also struggling for this isssue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants