Expand description
Outbound webhook delivery following the Standard Webhooks specification.
This module provides signed outbound HTTP POST requests using HMAC-SHA256, plus verification helpers for incoming webhook requests.
§Provides
| Type | Purpose |
|---|---|
WebhookSender | Signs and delivers webhook payloads via HTTP POST. Clone-cheap (Arc inside). |
WebhookSecret | HMAC-SHA256 signing key. Serialized as whsec_<base64>. Debug output is redacted. |
WebhookResponse | HTTP status code and body bytes returned by the endpoint. |
SignedHeaders | The three Standard Webhooks request headers produced by sign_headers(). |
sign() | Compute a raw HMAC-SHA256 signature (base64-encoded). |
verify() | Verify a raw HMAC-SHA256 signature with constant-time comparison. |
sign_headers() | Build the three Standard Webhooks headers from id, timestamp, body, and secrets. |
verify_headers() | Verify incoming Standard Webhooks headers with replay-attack protection. |
§Quick start
use modo::webhook::{WebhookSender, WebhookSecret};
let sender = WebhookSender::default_client();
let secret: WebhookSecret = "whsec_dGVzdC1rZXktYnl0ZXM=".parse()?;
let response = sender.send(
"https://example.com/webhooks",
"msg_01HXYZ",
b"{\"event\":\"user.created\"}",
&[&secret],
).await?;
println!("endpoint returned {}", response.status);Structs§
- Signed
Headers - The three Standard Webhooks headers produced by
sign_headers. - Webhook
Response - Response returned after a webhook delivery attempt.
- Webhook
Secret - A webhook signing secret stored as raw bytes.
- Webhook
Sender - High-level webhook sender that signs and delivers payloads using the Standard Webhooks protocol.
Functions§
- sign
- Compute HMAC-SHA256 of
contentusingsecret, returned as standard base64. - sign_
headers - Build Standard Webhooks signed content and sign it with every secret in
secrets. - verify
- Verify a base64-encoded HMAC-SHA256 signature against
contentusingsecret. - verify_
headers - Parse Standard Webhooks headers from an incoming request and verify the signature.