Trait WebhookHmac 

pub trait WebhookHmac: Webhook {
    type MAC: Mac + KeyInit + Send;

    // Required methods
    fn secret_key(&self) -> &[u8] ;
    fn expected_signatures(
        &self,
        req: &Request<'_>,
    ) -> Outcome<'_, Vec<Vec<u8>>, WebhookError>;

    // Provided methods
    fn body_prefix(
        &self,
        req: &Request<'_>,
        time_bounds: (u32, u32),
    ) -> Outcome<'_, Option<Vec<u8>>, WebhookError> { ... }
    fn body_suffix(
        &self,
        req: &Request<'_>,
        time_bounds: (u32, u32),
    ) -> Outcome<'_, Option<Vec<u8>>, WebhookError> { ... }
    fn validate_with_hmac(
        &self,
        req: &Request<'_>,
        body: impl AsyncRead + Unpin + Send + Sync,
        time_bounds: (u32, u32),
    ) -> impl Future<Output = Outcome<'_, Vec<u8>, WebhookError>> + Send + Sync
       where Self: Sync,
             Self::MAC: Sync { ... }
}

Available on crate feature hmac only.

Trait for webhooks that use HMAC signature validation.

Required Associated Types

type MAC: Mac + KeyInit + Send

MAC algorithm (from the hmac crate) used to calculate the signature

Required Methods

fn secret_key(&self) -> &[u8]

Get the secret key used to sign the webhook

fn expected_signatures( &self, req: &Request<'_>, ) -> Outcome<'_, Vec<Vec<u8>>, WebhookError>

Get the expected signature(s) from the request. To obtain required headers, you can use the self.get_header() utility.

Provided Methods

fn body_prefix( &self, req: &Request<'_>, time_bounds: (u32, u32), ) -> Outcome<'_, Option<Vec<u8>>, WebhookError>

Get an optional prefix to attach to the raw body when calculating the signature. Timestamps should be validated against the given bounds.

fn body_suffix( &self, req: &Request<'_>, time_bounds: (u32, u32), ) -> Outcome<'_, Option<Vec<u8>>, WebhookError>

Get an optional suffix to attach to the raw body when calculating the signature. Timestamps should be validated against the given bounds.

fn validate_with_hmac( &self, req: &Request<'_>, body: impl AsyncRead + Unpin + Send + Sync, time_bounds: (u32, u32), ) -> impl Future<Output = Outcome<'_, Vec<u8>, WebhookError>> + Send + Sync

where Self: Sync, Self::MAC: Sync,

Read the request body and verify the HMAC signature. Calculates the HMAC directly from the raw streamed body (with a prefix if configured).

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors

impl WebhookHmac for GitHubWebhook

Available on crate feature github only.

type MAC = CoreWrapper<HmacCore<CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, UInt<UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>, OidSha256>>>>

impl WebhookHmac for ShopifyWebhook

Available on crate feature shopify only.

type MAC = CoreWrapper<HmacCore<CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, UInt<UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>, OidSha256>>>>

impl WebhookHmac for SlackWebhook

Available on crate feature slack only.

type MAC = CoreWrapper<HmacCore<CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, UInt<UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>, OidSha256>>>>

impl WebhookHmac for StandardWebhook

Available on crate feature standard only.

type MAC = CoreWrapper<HmacCore<CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, UInt<UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>, OidSha256>>>>

impl WebhookHmac for StripeWebhook

Available on crate feature stripe only.

type MAC = CoreWrapper<HmacCore<CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, UInt<UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>, OidSha256>>>>

impl WebhookHmac for Hmac256Webhook

type MAC = CoreWrapper<HmacCore<CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, UInt<UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>, OidSha256>>>>