root/golib
1
0
Fork 0
mirror of https://github.com/therootcompany/golib.git synced 2026-03-02 23:57:59 +00:00
Code Issues Projects Releases Wiki Activity
golib/http/androidsmsgateway/signature.go
copilot-swe-agent[bot] 97e7b9d319 feat: add VerifySignature + webhook decode/signature tests 
Co-authored-by: coolaj86 <122831+coolaj86@users.noreply.github.com>
2026-03-02 08:37:57 +00:00

19 lines
619 B
Go
Raw Blame History

package androidsmsgateway
import (
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
)
// VerifySignature verifies the HMAC-SHA256 signature of a webhook payload.
// The message is payload concatenated with timestamp (the X-Timestamp header value).
// The signature is the hex-encoded HMAC-SHA256 of that message using secretKey.
func VerifySignature(secretKey, payload, timestamp, signature string) bool {
message := payload + timestamp
mac := hmac.New(sha256.New, []byte(secretKey))
mac.Write([]byte(message))
expected := hex.EncodeToString(mac.Sum(nil))
return hmac.Equal([]byte(expected), []byte(signature))
}
Reference in New Issue View Git Blame Copy Permalink