Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify webhook signature #12

Open
RobRoseKnows opened this issue Feb 7, 2022 · 2 comments
Open

Verify webhook signature #12

RobRoseKnows opened this issue Feb 7, 2022 · 2 comments

Comments

@RobRoseKnows
Copy link

I was thinking of submitting a PR to verify webhook signatures since this Engine doesn't do that already.

I was wondering what the best behavior would be for invalid signatures though:

  1. Return a bad status code
  2. Log an error
  3. Raise an exception

Do you have any thoughts?
@asgerb
Copy link
Owner

asgerb commented Aug 21, 2024

@RobRoseKnows sorry for not getting to this until now. My initial hunch is to go for raising an exception, that feels like the most visible way of dealing with it. Do you have any thoughts and arguments for the different approaches?

@asgerb
Copy link
Owner

asgerb commented Aug 21, 2024

@RobRoseKnows I was looking for some prior art and it seems in the mux node sdk they raise an error too:
https://github.com/muxinc/mux-node-sdk/blob/5b63e5bebb948c095b8593c8d4acc976ed8158a4/src/resources/webhooks.ts#L115

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@RobRoseKnows @asgerb