Created
September 18, 2020 19:04
-
-
Save tlemburg/171730565ae7aa8d3c1b092573ebbf07 to your computer and use it in GitHub Desktop.
Sample Cognito webhook receiver
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'sinatra' | |
| require 'json' | |
| require 'openssl' | |
| require 'base64' | |
| ENDPOINT_SECRET = 'fe1eb40c8e8d2164ffff0316a40e5f237f2e2742877e6c47a969643411547f74' | |
| post '/webhook' do | |
| puts "" | |
| puts 'Webhook received!' | |
| puts "" | |
| json = request.body.read | |
| puts "JSON Hash From Body:" | |
| puts JSON.parse(json) | |
| puts "" | |
| puts "Cognito-Signature Header:" | |
| puts header = request.env['HTTP_COGNITO_SIGNATURE'] | |
| puts "" | |
| # parse down the header | |
| header_hash = header.split(',').each_with_object({}) do |pair_string, hash| | |
| arr = pair_string.split('=', 2) | |
| hash[arr[0]] = arr[1] | |
| end | |
| puts "Timestamp in header:" | |
| puts timestamp = header_hash["t"] | |
| puts "Header signature string:" | |
| puts header_signature = header_hash["v1"] | |
| created_signature = Base64.strict_encode64( | |
| OpenSSL::HMAC.digest( | |
| OpenSSL::Digest::SHA256.new, ENDPOINT_SECRET, "#{timestamp}.#{json}" | |
| ) | |
| ) | |
| puts "Created signature string:" | |
| puts created_signature | |
| if created_signature == header_signature | |
| puts "They match!" | |
| else | |
| puts "THEY DO NOT MATCH!!!" | |
| end | |
| puts "" | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment