/// <summary> /// Assert matching signature /// </summary> /// <param name="httpContext"></param> /// <returns></returns> public override bool AssertSignature(HttpContext httpContext) { var signature = GetSignature(httpContext); if (!string.IsNullOrEmpty(signature)) { var requestBody = RequestBody(httpContext).GetAwaiter().GetResult(); var hash = new HMACSHA1(Encoding.ASCII.GetBytes(_options.ApiKey)) .ComputeHash(Encoding.ASCII.GetBytes(requestBody)) .Aggregate(string.Empty, (s, e) => s + String.Format("{0:x2}", e), s => s); if (!hash.Equals(signature, StringComparison.InvariantCultureIgnoreCase)) { throw new WebHookBadSignatureExpcetion("WebHook Signatures didn't match!"); } } else { throw new WebHookMissedSignatureException("WebHook must be signed"); } return(true); }