Box.V2.Managers.BoxWebhooksManager.VerifyWebhook C# (CSharp) Method

BoxWebhooksManager Class Documentation Show file Open project: box/box-windows-sdk-v2

VerifyWebhook() public static method

Used to validate an incoming webhook by computing cryptographic digests of the notification's payload and comparing them to the digests computed by Box and placed in the BOX-SIGNATURE-PRIMARY and BOX-SIGNATURE-SECONDARY request headers. For more information about validating webhooks see https://docs.box.com/reference#signatures
public static VerifyWebhook ( string deliveryTimestamp, string signaturePrimary, string signatureSecondary, string payload, string primaryWebhookKey, string secondaryWebhookKey ) : bool
deliveryTimestamp string Value in BOX-DELIVERY-TIMESTAMP header.
signaturePrimary string Value in BOX-SIGNATURE-PRIMARY header.
signatureSecondary string Value in BOX-SIGNATURE-SECONDARY header.
payload string Body of the incoming webhook request.
primaryWebhookKey string Primary webhook signature key.
secondaryWebhookKey string Secondary webhook signature key.
return bool 
        public static bool VerifyWebhook(string deliveryTimestamp, string signaturePrimary, string signatureSecondary, string payload, 
                                         string primaryWebhookKey, string secondaryWebhookKey)
        {
            var primaryKeyBytes = Encoding.UTF8.GetBytes(primaryWebhookKey);
            var secondaryKeyBytes = Encoding.UTF8.GetBytes(secondaryWebhookKey);
            var bodyBytes = Encoding.UTF8.GetBytes(payload);
            var allBytes = bodyBytes.Concat(Encoding.UTF8.GetBytes(deliveryTimestamp)).ToArray();
            using (var hmacsha256Primary = new HMACSHA256(primaryKeyBytes))
            using (var hmacsha256Secondary = new HMACSHA256(secondaryKeyBytes))
            {
                byte[] hashBytes = hmacsha256Primary.ComputeHash(allBytes);
                var hashPrimary = Convert.ToBase64String(hashBytes);

                hashBytes = hmacsha256Secondary.ComputeHash(allBytes);
                var hashSecondary = Convert.ToBase64String(hashBytes);

                if (hashPrimary != signaturePrimary && hashSecondary != signatureSecondary)
                {
                    return false;
                }
            }

            return true;

        }
    }
BoxWebhooksManager
BoxWebhooksManager
CreateWebhookAsync
DeleteWebhookAsync
GetAllWebhooksAsync
GetWebhookAsync
GetWebhooksAsync
UpdateWebhookAsync
VerifyWebhook