Not able to match x-airtable-content-mac header from webhook request

Hi,

I am having an issue to match the airtable-content-mac from the header with the one I computed following the instructions from the documentation .

So we tried the following:

const decodedMacSecret = atob('macSecretBase64'); //macSecretBase64 from create webhook
const body = `{
  "base": {
    "id": "appjRdIX59U4YEy4l"
  },
  "webhook": {
    "id": "achXH94CxHYGdUcje"
  },
  "timestamp": "2024-03-06T00:32:58.992Z"
}`

const hmac = createHmac('sha256', decodedMacSecret);
console.log(body)
hmac.update(body.toString(), 'ascii'); // I also tried JSON.stringify(body); 
console.log('received header: hmac-sha256=0fb79298bc57a45a34ca1d04f5237fd4a9a9223fd5c90cc04f35d3c3890180cc');
console.log('computed:        hmac-sha256=' + hmac.digest('hex'));

Thanks

Page 1 / 1

I was using atob to decode the mac secret that is why it was not working.

This piece of code worked !

const macSecretFromCreate = "<mac_secret_string_from_create_endpoint>";
const macSecretDecoded = new Buffer(macSecretFromCreate, 'base64');

// example request body
const requestBody = '{"base":{"id":"<the app id>"},"webhook":
{"id":"<the webhook id>"},"timestamp":"<timestamp value"}'

const hmac = require('crypto').createHmac('sha256', macSecretDecoded);
hmac.update(requestBody.toString(), 'ascii');
const expectedContentHmac = 'hmac-sha256=' + hmac.digest('hex');

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded