function getAppSecretPath(authData, options = {}) { const appSecret = options.appSecret; if (!appSecret) { return ''; } const appsecret_proof = crypto .createHmac('sha256', appSecret) .update(authData.access_token) .digest('hex'); return `&appsecret_proof=${appsecret_proof}`; }
/** * @private */ HMAC(key, data) { return crypto .createHmac(this.digestDefinition.type, key) .update(data) .digest() }
api.post('/hook', function (req, res) { var signature = req.get('X-PDF-Signature', 'sha1=') var bodyCrypted = require('crypto') .createHmac('sha1', '12345') .update(JSON.stringify(req.body)) .digest('hex') if (bodyCrypted !== signature) { res.status(401).send() return } console.log('PDF webhook received', JSON.stringify(req.body)) res.status(204).send() })
// GitHub things // @TODO: get these in to their own files at some point const verifyGitHubSignature = (req = {}, secret = '') => { const sig = _.get(req.headers, 'x-hub-signature', null); const hmac = crypto.createHmac('sha1', secret); const digest = Buffer.from('sha1=' + hmac.update(JSON.stringify(req.body)).digest('hex'), 'utf8'); const checksum = Buffer.from(sig, 'utf8'); if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) { return false; } else { return true; } }
const hmacSHA1 = (key: string, data: string) => { // hmac.digest([encoding]) // If encoding is provided a string is returned; otherwise a Buffer is returned; return crypto.createHmac('sha1', key).update(data).digest().toString('base64'); }
function generateSignature (payload, key) { return crypto.createHmac('sha1', key).update(payload).digest('hex') }
.update(this.app.config.user_pwd_salt_addition) .digest('hex');
.update(this.app.config.user_pwd_salt_addition) .digest('hex');
let hash = crypto.createHmac('sha256', LINE_CHANNEL_SECRET).update( rawBody).digest('base64');
console.error("error making webhook request", response.statusText); db("webhooks").where("id", webhook.id).update({health: response.statusText}).then(result => { .catch(error => { let health = error.errno || error db("webhooks").where("id", webhook.id).update({health}).then(result => { hmac.update(body); return hmac.digest('hex'); };
const facebookComputeSignature = (rawBody, appSecret) => { const properAppSecret = appSecret || getAppSecret() const hmac = createHmac('sha1', properAppSecret) hmac.update(rawBody, 'utf-8') const digest = hmac.digest('hex') return `sha1=${digest}` }
// Each request made by Nylas includes an X-Nylas-Signature header. The header // contains the HMAC-SHA256 signature of the request body, using your client // secret as the signing key. This allows your app to verify that the // notification really came from Nylas. function verify_nylas_request(req) { const digest = crypto .createHmac('sha256', config.nylasClientSecret) .update(req.rawBody) .digest('hex'); return digest === req.get('x-nylas-signature'); }
function getAppSecretPath(authData, options = {}) { const appSecret = options.appSecret; if (!appSecret) { return ''; } const appsecret_proof = crypto.createHmac('sha256', appSecret).update(authData.access_token).digest('hex'); return `&appsecret_proof=${appsecret_proof}`; }
// GitHub things // @TODO: get these in to their own files at some point const verifyGitHubSignature = (req = {}, secret = '') => { const sig = _.get(req.headers, 'x-hub-signature', null); const hmac = crypto.createHmac('sha1', secret); const digest = Buffer.from('sha1=' + hmac.update(JSON.stringify(req.body)).digest('hex'), 'utf8'); const checksum = Buffer.from(sig, 'utf8'); if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) { return false; } else { return true; } }
// Each request made by Nylas includes an X-Nylas-Signature header. The header // contains the HMAC-SHA256 signature of the request body, using your client // secret as the signing key. This allows your app to verify that the // notification really came from Nylas. function verify_nylas_request(req) { const digest = crypto .createHmac('sha256', config.nylasClientSecret) .update(req.rawBody) .digest('hex'); return digest === req.get('x-nylas-signature'); }