HTTP_X_HUBSPOT_SIGNATURE validation fails
Monday - last edited Monday
I just created a new app and add it to our hubspot account. The app is using a different endpoint on the server that we already have.
I can't seem to validate the signature of the webhook and I am basically doing the same that with a previous app that has been running for the last 2 years. I am checking the HTTP_X_HUBSPOT_SIGNATURE_VERSION to make sure that is the same version and it is (v1).
The server is done in ruby and I am using the code below to validate the signature and as I said, it works for one endpoint but not for the new one.
if Rails.env.production? unless request.headers['CONTENT_TYPE'] == 'application/json' && request.headers['HTTP_USER_AGENT'].downcase.include?('hubspot') && request.headers['X-HUBSPOT-SIGNATURE-VERSION'] == 'v1' && request.headers['X-HUBSPOT-SIGNATURE'] == Digest::SHA256.hexdigest(ENV['HUBSPOT_APP_SECRET'] + request.body.read) render status: 404 nil end end