WooCommerce webhook c# - 比较哈希 [英] WooCommerce webhook c# - compare hash
问题描述
有人能告诉我如何从 WooCommerce webhook 重新创建哈希以与请求中的X-WC-Webhook-Signature"标头哈希进行比较?
Can someone tell me how I can recreate the hash from WooCommerce webhook to compare with the "X-WC-Webhook-Signature" header hash from the request?
文档指定哈希是从有效负载"生成的,但我无法生成相同的哈希.
The documentation specifies the hash is generated from the 'payload', but I am unable to generate the same hash.
我的 API 是 .NET Core 3.1
My API is .NET Core 3.1
我尝试的第一件事:
var secret = "XXX";
var requestHash = Request.Headers["X-WC-Webhook-Signature"];
var generatedHash = "";
Stream byteContent = Request.Body;
byte[] keyByte = encoding.GetBytes(secret);
using(var hmacsha256 = new HMACSHA256(keyByte))
{
byte[] hashmessage = hmacsha256.ComputeHash(byteContent);
generatedHash = Convert.ToBase64String(hashmessage);
}
if(requestHash == generatedHash)
{
// Succes
}
第二:
using(StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
{
String json = await reader.ReadToEndAsync();
var generatedHash = "";
byte[] messageBytes = encoding.GetBytes(json);
keyByte = encoding.GetBytes(secret);
using(var hmacsha256 = new HMACSHA256(keyByte))
{
byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
generatedHash = Convert.ToBase64String(hashmessage);
}
if(requestHash == generatedHash)
{
// Succes
}
}
推荐答案
我遇到了同样的问题,这是我所做的:
I had the same problem and here's what I did:
using System.Security.Cryptography;
if (Request.Headers.TryGetValue("X-WC-Webhook-Signature", out var headerValues))
{
XWCWebhookSignature = headerValues.FirstOrDefault();
}
var encoding = new UTF8Encoding();
var key = "yourKeyValue";
var keyBytes = encoding.GetBytes(key);
var hash = new HMACSHA256(keyBytes);
var computedHash = hash.ComputeHash(Request.Body);
var computedHashString = System.Convert.ToBase64String(computedHash);
if (XWCWebhookSignature != computedHashString)
{
return Unauthorized();
}
更新:为此,您需要转到 Startup.cs 文件并找到services.Configure"部分.添加 options.AllowSynchronousIO = true;
Update: For this to work you will need to go to Startup.cs file and find "services.Configure" section. Add options.AllowSynchronousIO = true;
它应该是这样的:
services.Configure<IISServerOptions>(options =>
{
options.AllowSynchronousIO = true;
});
这篇关于WooCommerce webhook c# - 比较哈希的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!