peterkools/gist:9a3f0eab3072cf6d97a8071ec3d47a39

## gistfile1.txt
# Python3 example demonstrating the Poynt webhook signature verification

from base64 import b64encode
import hmac
import hashlib
import json

data = json.loads("""{
  "createdAt": "2017-07-22T16:27:08Z",
  "updatedAt": "2017-07-22T16:27:08Z",
  "links": [
    {
      "href": "https://services.poynt.net/businesses/469e957c-57a7-4d54-a72a-9e8f3296adad/transactions/b88ce811-3e43-4ae4-9d50-c32f9554ef79",
      "rel": "resource",
      "method": "GET"
    }
  ],
  "id": "e79ab430-f3ff-4d24-abcd-a366c74c9138",
  "deviceId": "urn:tid:d23eaeca-675f-3766-9c51-f6a0707e2587",
  "hookId": "174026fd-e185-4930-9917-44323fc98d03",
  "applicationId": "urn:aid:6bdee3b0-ced0-4263-ac4e-f783acc9857e",
  "resource": "/transactions",
  "resourceId": "b88ce811-3e43-4ae4-9d50-c32f9554ef79",
  "eventType": "TRANSACTION_REFUNDED",
  "businessId": "469e957c-57a7-4d54-a72a-9e8f3296adad",
  "storeId": "d1f94f81-6257-41ce-83a8-54bf233fc78d"
}""")
key = 'not-the-secret-you-know'
expected_signature = 'LsLMMShBDVjuPLrejYpkAsCU4YY='

# eliminate all spacing between separators
# utf-8 encode everything so we're dealing with bytes

string_to_sign = json.dumps(data, separators=(',', ':')).encode('utf-8')
key = key.encode('utf-8')
expected_signature = expected_signature.encode('utf-8')

hashed = hmac.new(key, string_to_sign, hashlib.sha1)
signature = b64encode(hashed.digest())
assert signature == expected_signature
	# Python3 example demonstrating the Poynt webhook signature verification

	from base64 import b64encode
	import hmac
	import hashlib
	import json

	data = json.loads("""{
	"createdAt": "2017-07-22T16:27:08Z",
	"updatedAt": "2017-07-22T16:27:08Z",
	"links": [
	{
	"href": "https://services.poynt.net/businesses/469e957c-57a7-4d54-a72a-9e8f3296adad/transactions/b88ce811-3e43-4ae4-9d50-c32f9554ef79",
	"rel": "resource",
	"method": "GET"
	}
	],
	"id": "e79ab430-f3ff-4d24-abcd-a366c74c9138",
	"deviceId": "urn:tid:d23eaeca-675f-3766-9c51-f6a0707e2587",
	"hookId": "174026fd-e185-4930-9917-44323fc98d03",
	"applicationId": "urn:aid:6bdee3b0-ced0-4263-ac4e-f783acc9857e",
	"resource": "/transactions",
	"resourceId": "b88ce811-3e43-4ae4-9d50-c32f9554ef79",
	"eventType": "TRANSACTION_REFUNDED",
	"businessId": "469e957c-57a7-4d54-a72a-9e8f3296adad",
	"storeId": "d1f94f81-6257-41ce-83a8-54bf233fc78d"
	}""")
	key = 'not-the-secret-you-know'
	expected_signature = 'LsLMMShBDVjuPLrejYpkAsCU4YY='

	# eliminate all spacing between separators
	# utf-8 encode everything so we're dealing with bytes

	string_to_sign = json.dumps(data, separators=(',', ':')).encode('utf-8')
	key = key.encode('utf-8')
	expected_signature = expected_signature.encode('utf-8')

	hashed = hmac.new(key, string_to_sign, hashlib.sha1)
	signature = b64encode(hashed.digest())
	assert signature == expected_signature