python - Shopify Webhook HMAC 验证与 Flask
问题描述
我正在尝试验证收到的 Webhook 是否来自 Shopify。他们有这个文档,但它不起作用(出现类型错误)。
这是我到目前为止所拥有的。它不会产生错误,但该verify_webhook
函数总是返回 false。
from flask import Flask, request, abort
import hmac
import hashlib
import base64
app = Flask(__name__)
SECRET = '...'
def verify_webhook(data, hmac_header):
digest = hmac.new(SECRET.encode('utf-8'), data, hashlib.sha256).digest()
genHmac = base64.b64encode(digest)
return hmac.compare_digest(genHmac, hmac_header.encode('utf-8'))
@app.route('/', methods=['POST'])
def hello_world(request):
print('Received Webhook...')
data = request.get_data()
hmac_header = request.headers.get('X-Shopify-Hmac-SHA256')
verified = verify_webhook(data, hmac_header)
if not verified:
return 'Integrity of request compromised...', 401
print('Verified request...')
if __name__ == '__main__':
app.run()
我究竟做错了什么?
解决方案
回答:
from flask import Flask, request, abort
import hmac
import hashlib
import base64
app = Flask(__name__)
SECRET = '...'
def verify_webhook(data, hmac_header):
digest = hmac.new(SECRET.encode('utf-8'), data, hashlib.sha256).digest()
genHmac = base64.b64encode(digest)
return hmac.compare_digest(genHmac, hmac_header.encode('utf-8'))
@app.route('/', methods=['POST'])
def hello_world(request):
print('Received Webhook...')
data = request.data # NOT request.get_data() !!!!!
hmac_header = request.headers.get('X-Shopify-Hmac-SHA256')
verified = verify_webhook(data, hmac_header)
if not verified:
return 'Integrity of request compromised...', 401
print('Verified request...')
if __name__ == '__main__':
app.run()
问题就在这data = request.get_data()
条线上。
推荐阅读
- python - JSONDecodeError at / Expecting value: line 1 column 1 (char 0)
- nginx - 如何配置 nginx 代理 x.example.com/a/xxx 到 a.example.com/xxx
- python - 抓取网站时尝试对位置进行编码/解码
- python - Matplotlib:设置颜色时在 SVG 中绘制圆边的 fill_between
- typescript - 使用 vss-web-extensions-sdk 发布管理 API 和分页
- dart - Flutter VideoPlayerController “在构建期间调用了 setState() 或 markNeedsBuild()。”
- c# - 如何在没有实例化和销毁的情况下切换游戏对象?
- maxima - 如何为符号变量添加双下标?
- matlab - Matlab中的k-means算法给出错误答案?
- python - 如何在 Python 包/扩展中使用 Crystal?