private async Task VerifySignature(HttpRequestMessage requestMessage, string retrievedSignature)
{
var body = await requestMessage.Content?.ReadAsStringAsync();
var preHash = string.Concat(new List <string?>
{
_timestamp.ToUnixTimeMilliseconds().ToString(),
requestMessage.Method.Method.ToUpperInvariant(),
requestMessage.RequestUri?.AbsolutePath,
body
});
var encodingSecret = Encoding.UTF8.GetBytes(_configuration.ApiSecret);
var signature = new HMACSHA256(encodingSecret)
.ComputeHash(Encoding.UTF8.GetBytes(preHash)).ToHexString();
signature.Should().Be(retrievedSignature);
}
