Twitter signature does not match the generated

JeisonGonzlez18 · 2020-07-02T20:55:32.073Z

Hi there, I want to protect the requests made to the hook of my application, it could help me validate the twitter Signature, sent by twitter does not match the one generated from consumer_secret, the application is developed in node js.

this is what i am doing.

const twitterSignature = req.headers['X-Twitter-Webhooks-Signature'] || req.headers['x-twitter-webhooks-signature'];
            console.error(twitterSignature)

            
            const hash = crypto.createHmac('sha256', config.TWITTER_CONSUMER_SECRET)
                        .update(JSON.stringify(req.body))
                        .digest('base64');
            const hashstring = 'sha256=' + hash;
            return hashstring;

twitterSignature no match with hashstring
Thnks.

andypiper · 2020-07-02T21:13:36.339Z

Since you are using JavaScript, it may help you to take a look at our “autohook” example code. The file that implements signature validation is here.

system · 2020-07-16T21:13:47.657Z

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.