Hi
i was wondering if there were any examples of verifying the webhook response, using nodejs.
Thanks,
kodjo
Unfortunately no, but if you see any error, please let us know.
Hey @dino I am trying to verify binance pay webhook signature in node js by creating new endpoint which listen binance webhook success/failed response and save it to databse. I have followed this document Webhook Common Rules | Binance Open Platform but i am unable to get the webhook success/Error response in return getting bad request. I also followed this FAQ | Binance Open Platform but still fails.
hi @dino thanks again, the main issue I am having is, I do not have a public certificate which I can use to verify the call. Was wondering if you know where I could find it.
import { Injectable, CanActivate, ExecutionContext } from ‘@nestjs/common’;
import { Request } from ‘express’;
import * as crypto from ‘crypto’;
// PUT YOUR PUBLIC KEY HERE
const publicKey =
‘-----BEGIN PUBLIC KEY-----\n’ +
‘-----END PUBLIC KEY-----’;
@Injectable()
export class BinancePayGuard implements CanActivate {
canActivate(context: ExecutionContext): boolean {
const request: Request = context.switchToHttp().getRequest();
const signatureHeader: string = request.headers[
'binancepay-signature'
] as string;
const decodedSignature: Buffer = Buffer.from(signatureHeader, 'base64');
if (request.body.bizIdStr) {
request.body.bizId = request.body.bizIdStr;
}
const payload: string = `${request.headers['binancepay-timestamp']}\n${
request.headers['binancepay-nonce']
}\n${JSON.stringify(request.body)}\n`.replace(
/"bizId":"([^"]*)"/g,
'"bizId":$1',
);
const signature: Buffer = Buffer.from(decodedSignature);
const data: Buffer = Buffer.from(payload);
const isVerified: boolean = crypto.verify(
'sha256',
data,
{
key: publicKey,
padding: crypto.constants.RSA_PKCS1_PADDING,
},
signature,
);
return isVerified;
}
}