Hello @Adamski
I have flagged this question internally with a Dev expert and i will keep you posted on their update.
Kind regards
Albert Williams
Hello @Adamski
My dev has responding with the following:
We use HMAC-SHA256 to calculate digest -
echo -n '<PAYLOAD>' | openssl dgst -sha256 -hmac '<SECRET_KEY>'
I hope this answers your questions?
Kind regards
Albert Williams
Hi @Albert Williams ,
thank you for the confirmation, I now see where my problem is. Commvault appends a trailing space to the PAYLOAD before the signature is calculated.
I have set my alert template for the webhook as follows, all info is static, no tokens, no trailing spaces or new lines:
{"alertCategoryAlertType": "testtype","alertEventId": "123","clientDisplayName": "testclient","utcTime": "Mon Sep 23 13:53:27 2024"}
When I test the webhook, I see the digest in the header coming in as:
"x-cv-signature-256": "9dc53ebcdd55a34ae4e6b8b732305ab7c1f2ef4e79303f1fbf2457bcb1c2f7ec",
With the payload shown in the log as
"body": "{\"alertCategoryAlertType\": \"testtype\",\"alertEventId\": \"123\",\"clientDisplayName\": \"testclient\",\"utcTime\": \"Mon Sep 23 13:53:27 2024\"} ",
Here are my digest calculations
# PAYLOAD copied from the alert template
echo -n '{"alertCategoryAlertType": "testtype","alertEventId": "123","clientDisplayName": "testclient","utcTime": "Mon Sep 23 13:53:27 2024"}' | openssl dgst -sha256 -hmac 'TestSecret'
SHA2-256(stdin)= f74dec8dc8c5ea22bc8e56c42a01ff500205c185c77249709adcc9a9bb3ab094
# PAYLOAD copied from the alert template and a trailing space added
# this one corresponds to the digest calculated by Commvault
echo -n '{"alertCategoryAlertType": "testtype","alertEventId": "123","clientDisplayName": "testclient","utcTime": "Mon Sep 23 13:53:27 2024"} ' | openssl dgst -sha256 -hmac 'TestSecret'
SHA2-256(stdin)= 9dc53ebcdd55a34ae4e6b8b732305ab7c1f2ef4e79303f1fbf2457bcb1c2f7ec
I will raise a support ticket for this.