All webhook requests sent to your endpoint from Pay Advantage will contain a header x-payadvantage-signature. This signature is created by hashing the raw content of the request using the Endpoint’s secret (as returned in the create response). Your Endpoint should calculate the hash and then compare.
private static string GenerateSignature(string rawContent, string secret)
{
var contentBytes = Encoding.UTF8.GetBytes(rawContent);
byte[] hash;
using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(secret)))
{
hash = hmac.ComputeHash(contentBytes);
}
return Convert.ToBase64String(hash);
}
Comments
0 comments
Please sign in to leave a comment.