4

我有贝宝集成应用程序,它从贝宝接收 webhook 通知,我想根据文档验证签名:

验证签名 rest api 链接

这是我写的代码:

public async Task<ActionResult> Index()
    {
        var stream = this.Request.InputStream;

        var requestheaders = HttpContext.Request.Headers;
        var reader = new StreamReader(stream);
        var jsonReader = new JsonTextReader(reader);
        var serializer = new JsonSerializer();
        var webhook = serializer.Deserialize<Models.Event>(jsonReader); 

        var webhookSignature = new WebhookSignature();
        webhookSignature.TransmissionId = requestheaders["PAYPAL-TRANSMISSION-ID"];
        webhookSignature.TransmissionTime = requestheaders["PAYPAL-TRANSMISSION-TIME"];
        webhookSignature.TransmissionSig = requestheaders["PAYPAL-TRANSMISSION-SIG"];
        webhookSignature.WebhookId = "My actual webhookid from paypal account";
        webhookSignature.CertUrl = requestheaders["PAYPAL-CERT-URL"];
        webhookSignature.AuthAlgo = requestheaders["PAYPAL-AUTH-ALGO"];
        webhookSignature.WebhookEvent = webhook;
        var jsonStr2 = JsonConvert.SerializeObject(webhookSignature);
        var result = await _webhookService.VerifyWebhookSignatureAsync(webhookSignature);
        var jsonStr3 = JsonConvert.SerializeObject(result);

        return Content(jsonStr3, "application/json");
    }


  public async Task<Models.SignatureResponse> VerifyWebhookSignatureAsync(Models.WebhookSignature webhook, CancellationToken cancellationToken = default(CancellationToken))
    {
        var accessTokenDetails = await this.CreateAccessTokenAsync();
        _httpClient.DefaultRequestHeaders.Add("Authorization", "Bearer " + accessTokenDetails.AccessToken);
        try
        {
            string jsonStr = JsonConvert.SerializeObject(webhook);
            var content = new StringContent(jsonStr, Encoding.UTF8, "application/json");
            string url = $"{_baseUrl}notifications/verify-webhook-signature";
            var response = await _httpClient.PostAsync(url, content);
            if (!response.IsSuccessStatusCode)
            {
                var error = await response.Content.ReadAsStringAsync();
                throw new Exception(error);
            }
            string jsonContent = response.Content.ReadAsStringAsync().Result;
            return JsonConvert.DeserializeObject<Models.SignatureResponse>(jsonContent);
        }
        catch (Exception ex)
        {
            throw new InvalidOperationException("Request to Create payment Service failed.", ex);
        }

    }

Webhook 签名验证响应:

{“验证状态”:“失败”}

我从 api 收到 200K ok 响应,但响应的验证状态始终为 FAILURE。我尝试了许多不同的请求。

我不确定我的请求是否有问题。寻求帮助。

4

0 回答 0