我正在努力使签名事件webhook工作:
https://docs.sendgrid.com/for-developers/tracking-events/getting-started-event-webhook-security-features
我已经启用了它们,并且可以看到标头,但是verifySignature()总是返回false。
这是我的:
$eventWebhook = new EventWebhook();
$ecPublicKey = $eventWebhook->convertPublicKeyToECDSA($publicKey));
$payload = json_encode( $request->all()[0] ) . "rn";
$valid = $eventWebhook->verifySignature(
$ecPublicKey,
$payload,
$request->header('X-Twilio-Email-Event-Webhook-Signature'),
$request->header('X-Twilio-Email-Event-Webhook-Timestamp')
);
我得到多个事件,所以添加了[0]
让它像这样工作:
$eventWebhook = new EventWebhook();
$ecPublicKey = $eventWebhook->convertPublicKeyToECDSA(Cache::get('sendgrid-key'));
$payload = $request->getContent();
return $eventWebhook->verifySignature(
$ecPublicKey,
$payload,
$request->header('X-Twilio-Email-Event-Webhook-Signature'),
$request->header('X-Twilio-Email-Event-Webhook-Timestamp')
);