Cybersource Developer Community Cybersource Developer Community

nan40411 · ‎05-25-2023

Hello,

I found this post https://community.developer.cybersource.com/t5/Integration-and-Testing/Verify-WebHook-Notifications-... I replied there but it marked "Solved" and no one continue to reply it, so I would like to ask here. I am sorry if it is inconvenient because of my action. I try to verify the notifications but my code just doesn't work. Here is the code

const crypto = require('crypto');

app.post("/authorize/payment/created", (req, res)=> {

const hash = crypto.createHmac('sha512', signature_key)

.update(JSON.stringify(req.body))

.digest('hex')

.toUpperCase();

if ("sha512="+hash != req.headers["x-anet-signature"]) {

console.log({

result: false,

header: req.headers["x-anet-signature"],

hash

})

// do something

return;

}

// do something

});

Please give me a guidance

nan40411 · ‎05-31-2023

Hello,

Thank you very much for the reply. So in a way, the code I posted was correct? We generated new signature key so the key should be correct. I logged all the payload and sometimes it matches and sometimes it doesn't

sera_nikulin · ‎12-15-2023

Hey @nan40411

If it randomly matches and sometimes it doesn't - then probably you faced with the same issues as I.
Auth.net create a signature with authAmount #.## format (2 digits after period) but send in webhook in another format (for example 2 or 2.1) Try change manually authAmount to 2.00 or 2.10 - then you'll have valid signature.

Cybersource Developer Community Cybersource Developer Community

How to verify webhook notification in nodejs