如何解决Square Webhook 验证
我在使用 Square Webhook 验证时遇到了问题。
官方文档 https://github.com/square/connect-api-examples/blob/master/connect-examples/v1/python/webhooks.py
def is_valid_callback(callback_body,callback_signature):
string_to_sign = webhook_url + callback_body
string_signature = hmac.new(webhook_signature_key,string_to_sign,sha1).digest().encode('base64')
string_signature = string_signature.rstrip('\n')
return hmac.compare_digest(string_signature,callback_signature)
但它不起作用(
所以我用这种方式解决了这个问题。完整的 API 端点
class SquareWebhookEndpoint(APIView):
"""
Endpoint to square webhooks
"""
def initialize_request(self,request,*args,**kwargs):
"""
Returns the initial request object.
"""
return Request(request)
def post(self,**kwargs):
callback_signature = request.Meta.get('HTTP_X_SQUARE_SIGNATURE')
payload = request.body.decode('utf-8')
# Validate the signature
if not is_valid_callback(payload,callback_signature):
return Response(
{'error': 'Webhook event with invalid signature detected!'},status=status.HTTP_400_BAD_REQUEST
)
callback_body_dict = json.loads(payload)
if 'type' in callback_body_dict and callback_body_dict['type'] == 'subscription.updated':
obj = callback_body_dict.get('data',{}).get('object')
try:
(your code)
except Exception as e:
return HttpResponse(e,status=status.HTTP_409_CONFLICT)
return HttpResponse('success',status=status.HTTP_200_OK)
def is_valid_callback(payload,callback_signature):
webhook_signature_key = 'REPLACE_ME'
webhook_url = 'REPLACE_ME'
string_to_sign = bytes(str(webhook_url + payload),'utf8')
key = bytes(str(webhook_signature_key),'utf8')
hashed = hmac.new(key,hashlib.sha1)
string_signature = base64.encodebytes(hashed.digest()).decode('utf-8')
string_signature = string_signature.rstrip('\n')
return hmac.compare_digest(callback_signature,string_signature)
希望能帮到人
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
