vikarti.anatra/Skyvern
1
0
Fork 0
mirror of https://github.com/Skyvern-AI/skyvern.git synced 2025-09-11 07:54:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

webhook request validation doc update (#739)

Browse source
This commit is contained in:
Shuchang Zheng 2024-08-26 18:06:58 -07:00 committed by GitHub
parent 3442bbfa68
commit 32fe08b382
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 23 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

21
docs/running-tasks/webhooks-faq.mdx
View file

@ -10,9 +10,11 @@ We use Webhooks for executing tasks as the expected runtime of these jobs can ex
## How do we handle webhook authentication? (ie how can we handle callbacks?)
- a python example for how to generate the signature:
<CodeGroup>
```python validate_skyvern_request.py
import hmac
from fastapi import Request
```python
def validate_skyvern_request_headers(request: Request) -> bool:
header_skyvern_signature = request.headers["x-skyvern-signature"]
payload = request.body() # this is a bytes
@ -21,6 +23,21 @@ def validate_skyvern_request_headers(request: Request) -> bool:
return header_skyvern_signature == client_generated_signature
```
```javascript validateSkyvernRequest.js
const crypto = require('crypto');
function validateSkyvernRequestHeaders(req) {
const headerSkyvernSignature = req.headers['x-skyvern-signature'];
const payload = req.body; // assuming req.body is a Buffer or string
const hash = crypto.createHmac('sha256', process.env.SKYVERN_API_KEY)
.update(payload)
.digest('hex');
return headerSkyvernSignature === hash;
}
```
</CodeGroup>
SKYVERN_API_KEY: this is the [api key](/running-tasks/introduction) specific to your organization
# Webhook common parameters