我有一个Webhook订阅,我需要使用散列的秘密(X-Raas-Webhook-Signature)对它进行身份验证。
由网络挂钩生成的POST如下所示:
POST /api-listener.php HTTP/1.1
Host: d47f3520.ngrok.io
Content-Type: application/json
X-Raas-Event: sender_created
X-Raas-Webhook-Signature: 4ccc4a9cc7368b4293d8d4bac4ea0ecff6c92d405b381cad039f6ecc2c519242
User-Agent: PostmanRuntime/7.20.1
Accept: */*
Cache-Control: no-cache
Postman-Token: d2edb722-ece0-449c-85c8-1e04e03200de,d799fa21-4d25-40a2-b9da-02fe61be64c4
Host: d47f3520.ngrok.io
Accept-Encoding: gzip, deflate
Content-Length: 328
Connection: keep-alive
cache-control: no-cache
{
"event_name": "sender_created",
"persisted_object_id": "eed8ebf9-81a4-432f-acd1-450744748d0c",
"resource_id": "8f7bb4db-7b15-4df2-8062-e1088f84cab9",
"sender_id": "8f7bb4db-7b15-4df2-8062-e1088f84cab9",
"subscription_id": "00eb5fae-4495-4ff5-ba98-e7328e260156",
"timestamp": "2019-12-18T22:12:52.289"
}
api-listener.php的PHP代码
<?php
$secret = "a550e6f1-22bc-456f-801c-9369883a76bb"; //the secret code assigned to our website
$arr = json_decode($body, true);
$txt = "";
$txt = $txt . "event_name" . " => " . $arr["event_name"] . "\n";
$txt = $txt . "persisted_object_id" . " => " . $arr["persisted_object_id"] .
$txt = $txt . "resource_id" . " => " . $arr["resource_id"] . "\n";
$txt = $txt . "sender_id" . " => " . $arr["sender_id"] . "\n";
$txt = $txt . "subscription_id" . " => " . $arr["subscription_id"] . "/n";
$txt = $txt . "timestamp" . " => " . $arr["timestamp"] . "\n";
$myfile = fopen("newfile.txt", "w") or die("Unable to open file!");
fwrite($myfile, $txt);
fclose($myfile);
?>