Skip to content

Commit

Permalink
refactor: rename webhook signature functions
Browse files Browse the repository at this point in the history
  • Loading branch information
@TheUnderScorer
TheUnderScorer committed Jun 12, 2024
1 parent 993f3c2 commit 1a2a21a
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 13 deletions.
10 changes: 5 additions & 5 deletions src/webhook.ts
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
import crypto from 'crypto'

function checkWebhookSignature(signature: string, data: Buffer, secret: string) {
function isValidHmacSignature(signature: string, data: Buffer, secret: string) {
return signature === crypto.createHmac('sha256', secret).update(data).digest('hex')
}

export interface IsValidHmacSignatureParams {
export interface IsValidWebhookSignatureParams {
/**
* The value of the "fpjs-event-signature" header.
* */
Expand All @@ -23,7 +23,7 @@ export interface IsValidHmacSignatureParams {
* Verifies the HMAC signature extracted from the "fpjs-event-signature" header of the incoming request. This is a part of the webhook signing process, which is available only for enterprise customers.
* If you wish to enable it, please contact our support: https://fingerprint.com/support
*
* @param {IsValidHmacSignatureParams} params
* @param {IsValidWebhookSignatureParams} params
* @param {string} params.signatureHeader - The value of the "fpjs-event-signature" header.
* @param {Buffer} params.data - The raw data of the incoming request.
* @param {string} params.secret - The secret key used to sign the request.
Expand Down Expand Up @@ -53,14 +53,14 @@ export interface IsValidHmacSignatureParams {
* }
* ```
*/
export function isValidHmacSignature(params: IsValidHmacSignatureParams): boolean {
export function isValidWebhookSignature(params: IsValidWebhookSignatureParams): boolean {
const { header, data, secret } = params

const signatures = header.split(',')
for (const signature of signatures) {
const [version, hash] = signature.split('=')
if (version === 'v1') {
if (checkWebhookSignature(hash, data, secret)) {
if (isValidHmacSignature(hash, data, secret)) {
return true
}
}
Expand Down
16 changes: 8 additions & 8 deletions tests/unit-tests/webhookTests.spec.ts
View file
Original file line number Diff line number Diff line change
@@ -1,32 +1,32 @@
import { isValidHmacSignature } from '../../src'
import { isValidWebhookSignature } from '../../src'

const secret = 'secret'
const data = Buffer.from('data')

const validHeader = 'v1=1b2c16b75bd2a870c114153ccda5bcfca63314bc722fa160d690de133ccbb9db'

describe('Is valid hmac signature', () => {
describe('Is valid webhook signature', () => {
it('with valid signature', () => {
expect(isValidHmacSignature({ header: validHeader, data: data, secret: secret })).toEqual(true)
expect(isValidWebhookSignature({ header: validHeader, data: data, secret: secret })).toEqual(true)
})

it('with invalid header', () => {
expect(isValidHmacSignature({ header: 'v2=invalid', data: data, secret: secret })).toEqual(false)
expect(isValidWebhookSignature({ header: 'v2=invalid', data: data, secret: secret })).toEqual(false)
})

it('with header without version', () => {
expect(isValidHmacSignature({ header: 'invalid', data: data, secret: secret })).toEqual(false)
expect(isValidWebhookSignature({ header: 'invalid', data: data, secret: secret })).toEqual(false)
})

it('with empty header', () => {
expect(isValidHmacSignature({ header: '', data: data, secret: secret })).toEqual(false)
expect(isValidWebhookSignature({ header: '', data: data, secret: secret })).toEqual(false)
})

it('with empty secret', () => {
expect(isValidHmacSignature({ header: validHeader, data: data, secret: '' })).toEqual(false)
expect(isValidWebhookSignature({ header: validHeader, data: data, secret: '' })).toEqual(false)
})

it('with empty data', () => {
expect(isValidHmacSignature({ header: validHeader, data: Buffer.from(''), secret: secret })).toEqual(false)
expect(isValidWebhookSignature({ header: validHeader, data: Buffer.from(''), secret: secret })).toEqual(false)
})
})

0 comments on commit 1a2a21a

Please sign in to comment.