Not able to match x-airtable-content-mac header from webhook request

Hi,

I am having an issue to match the airtable-content-mac from the header with the one I computed following the instructions from the documentation .

So we tried the following:

const decodedMacSecret = atob('macSecretBase64'); //macSecretBase64 from create webhook


const body = `{


  "base": {


    "id": "appjRdIX59U4YEy4l"


  },


  "webhook": {


    "id": "achXH94CxHYGdUcje"


  },


  "timestamp": "2024-03-06T00:32:58.992Z"


}`





const hmac = createHmac('sha256', decodedMacSecret);


console.log(body)


hmac.update(body.toString(), 'ascii'); // I also tried JSON.stringify(body); 


console.log('received header: hmac-sha256=0fb79298bc57a45a34ca1d04f5237fd4a9a9223fd5c90cc04f35d3c3890180cc');


console.log('computed:        hmac-sha256=' + hmac.digest('hex'));

Thanks

Page 1 / 1

I was using atob to decode the mac secret that is why it was not working.

This piece of code worked !

const macSecretFromCreate = "<mac_secret_string_from_create_endpoint>";


const macSecretDecoded = new Buffer(macSecretFromCreate, 'base64');





// example request body


const requestBody = '{"base":{"id":"<the app id>"},"webhook":


{"id":"<the webhook id>"},"timestamp":"<timestamp value"}'





const hmac = require('crypto').createHmac('sha256', macSecretDecoded);


hmac.update(requestBody.toString(), 'ascii');


const expectedContentHmac = 'hmac-sha256=' + hmac.digest('hex');

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded