APIs & Integrations

GBulleri
Participant

Troubles in checking v3 signature in the webhook listener

Hi, 

I am in trouble while checking the V3 signature.

My Powershell webhook listener is  called by an Hubspot webhook from the TEST account  and

I am applying the V3 signature rules as per your doc

https://developers.hubspot.com/changelog/introducing-version-3-of-webhook-signatures

but I always see "invalid signature"

 

Can you please confirm that I can use V3 signature in webhook listener?

Any suggestion?

 

Please see below the powershell code

 

Thank You

 

 

# I get the json body
$FormContent = [System.IO.StreamReader]::new($context.Request.InputStream).ReadToEnd()
#I create a utf-8 encoded string of requestMethod + requestUri + requestBody + timestamp. The timestamp is provided by the new X-HubSpot-Request-Timestamp header.

#example: POSThttps://xxxxxxxxxxx/contact[{"eventId":"100","subscriptionId":1334304,"portalId":25205759,"occurredAt":1638463236537,"subscriptionType":"contact.creation","attemptNumber":0,"objectId":123,"changeSource":"CRM","changeFlag":"NEW"}]1638467214429
$my_key=$context.Request.HttpMethod+$context.Request.Url+$FormContent+$context.Request.Headers['X-HubSpot-Request-Timestamp']
$enc = [System.Text.Encoding]::UTF8
$encmy_key= $enc.GetBytes($my_key)
#I create an HMAC SHA-256 hash of the resulting string using the application secret as the secret for the HMAC SHA-256 function.
$secret="xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
$hmacsha = New-Object System.Security.Cryptography.HMACSHA256
$hmacsha.key = [Text.Encoding]::ASCII.GetBytes($secret)
$signature = $hmacsha.ComputeHash([Text.Encoding]::ASCII.GetBytes($encmy_key))
#Base64 encode the result of the HMAC function
$signature = [Convert]::ToBase64String($signature)
if ($context.Request.Headers['X-HubSpot-Signature-v3'] -ne $signature){
write-output "invalid signature"
}else{
write-output "valid signature"
}

0 Upvotes
GBulleri
Participant

Troubles in checking v3 signature in the webhook listener

I realized that the signature working fine is v1 not v3

..I am confused...

https://developers.hubspot.com/changelog/introducing-version-3-of-webhook-signatures

lI was thinking V3 was effective!

 

 

 

 

0 Upvotes