Not able to get web hook signature from redirect URL headers,

devanshu sharma said:

Now web hook signature is not able get from redirect URL headers

Could you elaborate what you mean by this? Is the registered webhook handler issuing a redirect to the Community?

yes

Shouldn't the webhook handler URL be updated in Community? Or is there a reason to maintain the original URL?

Hi Ben,

Below is code snippet as per documentation(https://community.telligent.com/community/12/a/developer-training/c/webhooks ) of webhook.

-------------------------------------------------------------------------

string senderUrl = HttpContext.Request.Headers["X-Telligent-Webhook-Sender"];
string hashSignature = HttpContext.Request.Headers["X-Telligent-Webhook-Signature"];

string rawPostData;
using (var reader = new System.IO.StreamReader(HttpContext.Request.InputStream))
{
rawPostData = reader.ReadToEnd();
}

// Validate the posted data's authenticity
string calculatedSignature = CalculateSignature(rawPostData, SECRET_KEY);
if (!hashSignature.Equals(calculatedSignature))

----------------------------------------------------------------------------

In the last line, we are trying to compare hashSignature which is provided by Telligent framework to the calculatedSignature generated by rawPostData &  SECRET_KEY.

Once this condition matches we proceed further, but in current scenario we are unable to receive any value from HttpContext.Request.Headers["X-Telligent-Webhook-Signature"] 

So, please guide me if i am missing any configuration to receive value successfully.

Thanks

If you are attempting to redirect the response on your side you shouldn't.  There should not be an expectation that when you do a redirect that headers are redirected as well(they generally are not).  

Our only query is we are not getting string value of  hashSignature = HttpContext.Request.Headers["X-Telligent-Webhook-Signature"];

do we need to do some kind of backend configuration for this?

What is you webhook handler doing?  Are you trying to read the headers in the page/endpoint community is calling or are you attempting to redirect the request elsewhere then read the headers?  

I found the solution that is

Use >> HttpContext.Request.Headers["x-telligent-webhook-signature"]

instead of >> HttpContext.Request.Headers["X-Telligent-Webhook-Signature"]

issue with camel case

Do you have a proxy or other code that is affecting/rewriting the headers? The headers are written from Community with the casing in the documentation--they are not lowercase.

Previously I was going with Documentation & use 

Use >> HttpContext.Request.Headers["x-telligent-webhook-signature"]

instead of >> HttpContext.Request.Headers["X-Telligent-Webhook-Signature"] 

but i found that headers are coming null, after that i tried with lower case then i got values.

I don't have any proxy who affecting/rewriting the headers.

For testing of webhook url i use third party url in my local setup

Webhook URL : https://pipedream.com/