无法验证从PayPal收到的Webhook。可用的示例很多,集成商没有足够的加密知识来完成任务。
遵循的指南是Webhook notifications。
不确定代码段有什么问题,结果始终为假。
调用notifications/verify-webhook-signature端点也会导致错误。
/// <summary>Verify PayPal Webhook Signature</summary>
/// <param name="webhookId">0YF54686R9851380C</param>
/// <param name="transmissionId">785bc690-901d-11ea-8fc5-17f05150a6df</param>
/// <param name="transmissionTime">2020-05-07T04:44:33Z</param>
/// <param name="certUrl">https://api.sandbox.paypal.com/v1/notifications/certs/CERT-.....</param>
/// <param name="transmissionSignature"></param>
/// <param name="webHookEvent">"{\"id\":\"WH-5P8216093E7920426-60J97470GW748563B\",\"create_time\":\"2020-05-07T11:43:48.000Z\",....</param>
private static void VerifyWebhookSignature(string webhookId, string transmissionId, string transmissionTime,
string certUrl, string transmissionSignature, string webHookEvent)
{
Crc32 crc32 = new Crc32();
String hash = string.Empty;
var arrayOfBytes = Encoding.UTF8.GetBytes(webHookEvent);
foreach (byte b in crc32.ComputeHash(arrayOfBytes)) hash += b.ToString("x2").ToLower();
string expectedSignature = String.Format("{0}|{1}|{2}|{3}", transmissionId,
transmissionTime, webhookId, hash);
string certData = new System.Net.WebClient().DownloadString(certUrl);
X509Certificate2 cert = new X509Certificate2(Encoding.UTF8.GetBytes(certData));
try
{
byte[] signature = Convert.FromBase64String(transmissionSignature);
byte[] expectedBytes = Encoding.UTF8.GetBytes(expectedSignature);
using (RSA rsa = cert.GetRSAPublicKey())
{
var verified = rsa.VerifyData(
expectedBytes,
signature,
HashAlgorithmName.SHA256,
RSASignaturePadding.Pkcs1);
Console.WriteLine($"Verified: {verified}");
}
}
catch (Exception ex)
{
throw;
}
}
答案 0 :(得分:0)
我可以确认您的实现可行,但是我不确定您要使用哪个实现来计算CRC32校验和。使用Crc32.NET时,以下代码段已足够:
var arrayOfBytes = Encoding.UTF8.GetBytes(webHookEvent);
string hash = Crc32Algorithm.Compute(arrayOfBytes).ToString();
感谢在这里提供它,我也在努力寻找可行的示例!
PS:刚刚在这里发现了官方实现:https://github.com/paypal/PayPal-NET-SDK/blob/master/Source/SDK/Api/WebhookEvent.cs#L156