Coverage for fingerprint_server_sdk / webhook_validation.py: 100%

18 statements  

« prev     ^ index     » next       coverage.py v7.13.4, created at 2026-03-11 18:41 +0000

1import hashlib 

2import hmac 

3 

4 

5class WebhookValidation: 

6 """Manages work with webhooks.""" 

7 

8 @staticmethod 

9 def is_valid_hmac_signature(signature: str, data: bytes, secret: str) -> bool: 

10 """Validates an HMAC signature.""" 

11 hmac_instance = hmac.new(secret.encode('utf-8'), data, hashlib.sha256) 

12 computed_hash = hmac_instance.hexdigest() 

13 return signature == computed_hash 

14 

15 @staticmethod 

16 def is_valid_webhook_signature(header: str, data: bytes, secret: str) -> bool: 

17 """Verifies the HMAC signature extracted from the "fpjs-event-signature" header. 

18 

19 This is a part of the webhook signing process, which is available only for 

20 enterprise customers. If you wish to enable it, please contact our support: 

21 https://fingerprint.com/support 

22 """ 

23 

24 signatures = header.split(',') 

25 

26 for signature in signatures: 

27 parts = signature.split('=') 

28 if len(parts) == 2: 

29 version, hash_value = parts 

30 if version == 'v1' and WebhookValidation.is_valid_hmac_signature( 

31 hash_value, data, secret 

32 ): 

33 return True 

34 

35 return False