Validating WebHooks in C#

So, after a little work, I was able to validate web hooks using C#. Here is the method :).

HMACSHA256 hmac = new HMACSHA256(System.Text.Encoding.UTF8.GetBytes(_dwollaOptions.WebHookSecret));

            Stream req = context.HttpContext.Request.Body;
            req.Seek(0, SeekOrigin.Begin);
            string json = new StreamReader(req).ReadToEnd();

            var validationHash = BitConverter.ToString(hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(json))).Replace("-", "").ToLower();

            if (context.HttpContext.Request.Headers["X-Request-Signature-Sha-256"].ToString() != validationHash)
            {
                context.Result = new UnauthorizedResult();
            }
1 Like

This is very helpful!

Thank you so much for sharing, @vincentbetro! :slight_smile:

1 Like