I have seen that others have solved this problem, and the solutions do not work for me. I have struggled with this for far too long today, so I hope someone here can help me figure out what I've done wrong.
My Signature Key:
34AD498CD36B7D9BE390EAC08E43964E1D9F04E031F6E4356B726165A5810B2938657BB064CACAE854A294522D67768E4E4DEDB135F106E562415CECF19AB7BA
The body sent by the Webhook Test:
{"notificationId":"b72ec390-8160-4276-8d70-ec279081809d","eventType":"net.authorize.payment.authcapture.created","eventDate":"2024-07-27T16:47:07.675394Z","webhookId":"ac14035d-c32c-4afd-831d-625f20e15e4a","payload":{"responseCode":21,"merchantReferenceId":null,"authCode":"572","avsResponse":"M","authAmount":12.5,"amount":0.0,"entityName":"transaction","id":"245","customerType":null,"name":null,"status":null,"profile":null,"fraudList":null,"paymentProfiles":null,"merchantCustomerId":null,"description":null}}
My computed hash:
d316041849f5de7c68e33d201605999541bdc76203228aa64695ea1738e43c87618e02baafdb2d766a8905b449597743252550e1814c351b0eb8caab3971def9
Hash in the X-ANET-Signature header:
private bool IsEventValid(AuthNotifyEventBody authNotifyEventBody, string Header)
{
var key = Environment.GetEnvironmentVariable(AUTHNET_SECRET);
if (string.IsNullOrEmpty(key))
{
Log.Error(string.Format("Billing.Notification: Missing Environment Variable: {0}", AUTHNET_SECRET));
return false;
}
var body = JsonConvert.SerializeObject(authNotifyEventBody);
var hash = ComputeHmacSha512(key, body);
var isValid = hash.Equals(Header, StringComparison.OrdinalIgnoreCase);
if (!isValid)
{
Log.Error(string.Format("Billing.Notification: Key\n\n{0}", key));
Log.Error(string.Format("Billing.Notification: Body\n\n{0}", body));
Log.Error(string.Format("Billing.Notification: Signature\n\n{0}", Header));
Log.Error(string.Format("Billing.Notification: Hash\n\n{0}", hash));
}
return isValid;
}
private string ComputeHmacSha512(string key, string data)
{
byte[] _key = Encoding.ASCII.GetBytes(key);
using (var myhmacsha1 = new HMACSHA1(_key))
{
var hashArray = new HMACSHA512(_key).ComputeHash(Encoding.ASCII.GetBytes(data));
return hashArray.Aggregate("", (s, e) => s + String.Format("{0:x2}", e), s => s);
}
}
I have used my key and the body sent in the request to generate a hash at https://www.freeformatter.com/hmac-generator.html, and it matches my hash.
I cannot see what I have done incorrectly, and every time I execute a test from the merchant webhooks page, the hash coming through in the request does not match my computed has.
Thanks for any assistance!
07-27-2024 10:17 AM