CTC-2213 Add samples for webhook validation

Kontent-ai-Learn · Dec 12, 2023 · ac7e681 · ac7e681
1 parent c7b137c
commit ac7e681
Show file tree

Hide file tree

Showing 5 changed files with 60 additions and 0 deletions.
diff --git a/java/use-webhooks/webhooks_vnext_validate_signature.java b/java/use-webhooks/webhooks_vnext_validate_signature.java
@@ -0,0 +1,13 @@
+// Tip: Find more about Java SDK at https://kontent.ai/learn/java
+import javax.crypto;
+import javax.crypto.spec;
+import javax.xml.bind;
+
+// Generates a payload hash to compare with the 'X-Kontent-ai-Signature' header value
+public static String generateHash(String message, String secret) throws Exception {
+    Mac sha256Hmac = Mac.getInstance("HmacSHA256");
+    SecretKeySpec secretKeySpec = new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256");
+    sha256Hmac.init(secretKeySpec);
+
+    return Base64.getEncoder().encodeToString(sha256Hmac.doFinal(message.getBytes(StandardCharsets.UTF_8)));
+}
diff --git a/js/using-webhooks/webhooks_vnext_validate_signature.js b/js/using-webhooks/webhooks_vnext_validate_signature.js
@@ -0,0 +1,11 @@
+// Tip: Find more about JS/TS SDKs at https://kontent.ai/learn/javascript
+const signatureHelper = require('@kontent-ai/webhook-helper');
+
+// Generates a payload hash and compares it to the payload signature
+const isValidSignature = (req, secret) => {
+  return signatureHelper.isValidSignatureFromString(
+    req.body, // Use raw body data from the request, i.e., by using body-parser
+    secret,
+    req.headers['x-kontent-ai-signature']
+  );
+};
diff --git a/net/using-webhooks/webhooks_vnext_validate_signature.cs b/net/using-webhooks/webhooks_vnext_validate_signature.cs
@@ -0,0 +1,18 @@
+// Tip: Find more about .NET SDKs at https://kontent.ai/learn/net
+using System;
+using System.Security.Cryptography;
+using System.Text;
+
+// Generates a payload hash to compare with the 'X-Kontent-ai-Signature' header value
+private static string GenerateHash(string message, string secret)
+{
+    secret = secret ?? "";
+    UTF8Encoding SafeUTF8 = new UTF8Encoding(encoderShouldEmitUTF8Identifier: false, throwOnInvalidBytes: true);
+    byte[] keyBytes = SafeUTF8.GetBytes(secret);
+    byte[] messageBytes = SafeUTF8.GetBytes(message);
+    using (HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes))
+    {
+        byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
+        return Convert.ToBase64String(hashmessage);
+    }
+}
diff --git a/php/use-webhooks/webhooks_vnext_validate_signature.php b/php/use-webhooks/webhooks_vnext_validate_signature.php
@@ -0,0 +1,7 @@
+<?php
+// Example of generating the hash to verify the notification
+$givenSignature = $_SERVER['HTTP_X_KONTENT_AI_SIGNATURE'];
+$computedSignature = base64_encode(hash_hmac('sha256', $json_message, $secret, true));
+
+$result = hash_equals($givenSignature, $computedSignature);
+?>
diff --git a/ts/use-webhooks/webhooks_vnext_validate_signature.ts b/ts/use-webhooks/webhooks_vnext_validate_signature.ts
@@ -0,0 +1,11 @@
+// Tip: Find more about JS/TS SDKs at https://kontent.ai/learn/javascript
+import { signatureHelper } from '@kontent-ai/webhook-helper';
+
+// Example of generating the hash to verify the notification
+const isValidSignature = (req, secret) => {
+  return signatureHelper.isValidSignatureFromString(
+    req.body, // Use raw body data from the request, i.e., by using body-parser
+    secret,
+    req.headers['x-kontent-ai-signature']
+  );
+};