How to validate the signature from SG Webhook?

I’m trying to add a secret token to the webhooks but I’m not able to generate a valid signature following the documentation here: https://developer.shotgunsoftware.com/3d448f5e/#secret-token

Code:

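```go
// Inside the HTTP handler: read the request body and print its signature.
body, _ := ioutil.ReadAll(req.Body)
fmt.Println(GetSignature(string(body), "mytoken"))

// GetSignature returns the hex-encoded HMAC-SHA1 of input, keyed with key.
func GetSignature(input, key string) string {
	key_for_sign := []byte(key)
	h := hmac.New(sha1.New, key_for_sign)
	h.Write([]byte(input))
	return hex.EncodeToString(h.Sum(nil))
}
```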

Hey @guilherme.giacchetto—sorry we missed your question. Moving it over to the #webhooks to get the right eyes on it.

Hi @guilherme.giacchetto,

What’s the difference between req.Body and body once it has gone through ioutil.ReadAll?

All the bytes in the same order need to be used in the signing process. Some clients have had issues in the past with the body payload being parsed by a library or its data being reordered (because the body would be parsed and then re-serialized to text in a different order). Some have also encountered issues because of extra whitespace.
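The failure modes described in the reply above, as an added example that is not code from the thread or from the vendor: the same HMAC-SHA1 as in the question, verified over the raw bytes, over a parsed and re-serialized body, and over a whitespace-trimmed body. The function names, the sample payload and the optional `sha1=` prefix on the received value are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha1"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"strings"
)

// Sign returns the hex HMAC-SHA1 of exactly the bytes given, as in the question's code.
func Sign(raw []byte, secret string) string {
	h := hmac.New(sha1.New, []byte(secret))
	h.Write(raw)
	return hex.EncodeToString(h.Sum(nil))
}

// Verify compares a received signature with the one computed over raw, in constant time.
// Assumption: the received value may carry a "sha1=" prefix, which is stripped if present.
func Verify(raw []byte, secret, received string) bool {
	got, err := hex.DecodeString(strings.TrimPrefix(strings.TrimSpace(received), "sha1="))
	if err != nil {
		return false // not hex at all
	}
	want, _ := hex.DecodeString(Sign(raw, secret))
	return hmac.Equal(got, want)
}

// Reserialize mimics a framework that parses the JSON body and writes it back out.
func Reserialize(raw []byte) ([]byte, error) {
	var v map[string]interface{}
	if err := json.Unmarshal(raw, &v); err != nil {
		return nil, err
	}
	return json.Marshal(v) // map keys come out sorted and whitespace is dropped
}

func main() {
	// Constructed sample payload and secret, not a real webhook delivery.
	raw := []byte(`{"timestamp": "2020-01-01T00:00:00Z", "data": {"id": 1}}` + "\n")
	sig := "sha1=" + Sign(raw, "mytoken")
	reser, _ := Reserialize(raw)
	fmt.Println("raw bytes:    ", Verify(raw, "mytoken", sig))
	fmt.Println("re-serialized:", Verify(reser, "mytoken", sig))
	fmt.Println("trimmed:      ", Verify(bytes.TrimSpace(raw), "mytoken", sig))
}
```

In a handler, read the body once into a byte slice, verify that slice, and only then hand the same slice to the JSON decoder.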