Last active
July 16, 2019 11:33
-
-
Save jansabbe/ceec3f82c4e81e6532ea0150be29be2d to your computer and use it in GitHub Desktop.
Sample signature generation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const crypto = require('crypto'); // Standard nodejs library. Tested using v10.15.0 and v8.11.4 | |
| const sparkcentralSecret = process.env['SECRET']; // shared secret as on settings | |
| const expectedSignature = "1d051f7bfd06c7a3702788bb38bbb967109b5389c1f25af4909d0cb7d75d096d"; // take from request header. | |
| const body = ` | |
| { | |
| "email": "fj@example.com" | |
| } | |
| `; // Note: do not parse as json and convert it back to string. Take literally as string from the body including whitespace. | |
| const actualSignature = crypto | |
| .createHmac("sha256", Buffer.from(sparkcentralSecret, "hex")) | |
| .update(body, "utf-8") | |
| .digest("hex"); | |
| if (actualSignature !== expectedSignature) { | |
| console.error(`Signatures don't match. Expected ${expectedSignature} but got ${actualSignature}`); | |
| } else { | |
| console.log("Signatures match!") | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Can be run using
node test.jsor viadocker run -it --rm -v "$PWD":/app node:lts node /app/test.js. You should get following output:Signatures match!. Body should match exactly (do not remove spaces or whitespace).