github-mirror/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2026-05-25 22:05:20 +02:00
Code Issues Actions 27 Packages Projects Releases Wiki Activity Graph
episodic-memory-cli-fe
n8n/packages/nodes-base/nodes/Formstack/FormstackTriggerHelpers.ts
Dawid Myslak 4e2865206c
feat(Formstack Trigger Node): Add webhook request verification (#29495) 
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 08:07:07 +00:00

39 lines
1.3 KiB
TypeScript
Raw Permalink Blame History

import { createHmac } from 'crypto';
import type { IWebhookFunctions } from 'n8n-workflow';
import { verifySignature as verifySignatureGeneric } from '../../utils/webhook-signature-verification';
/**
* Verifies the Formstack webhook signature.
*
* Formstack signs webhooks using HMAC SHA-256 over the raw request body, with
* the resulting hex digest sent in the `X-FS-Signature` header in the format
* `sha256=<hex>`.
*
* @returns true if the signature is valid, or no secret is configured
* (backward compatibility with webhooks created before signing was
* supported)
*/
export function verifySignature(this: IWebhookFunctions): boolean {
const req = this.getRequestObject();
const webhookData = this.getWorkflowStaticData('node');
const secret = webhookData.webhookSecret;
return verifySignatureGeneric({
getExpectedSignature: () => {
if (!secret || typeof secret !== 'string' || !req.rawBody) {
return null;
}
const hmac = createHmac('sha256', secret);
const payload = Buffer.isBuffer(req.rawBody) ? req.rawBody : Buffer.from(req.rawBody);
hmac.update(payload);
return `sha256=${hmac.digest('hex')}`;
},
skipIfNoExpectedSignature: !secret || typeof secret !== 'string',
getActualSignature: () => {
const sig = req.header('x-fs-signature');
return typeof sig === 'string' ? sig : null;
},
});
}
Reference in New Issue View Git Blame Copy Permalink