private async Task VerifySignature(HttpRequestMessage requestMessage, string retrievedSignature) { var body = await requestMessage.Content?.ReadAsStringAsync(); var preHash = string.Concat(new List <string?> { _timestamp.ToUnixTimeMilliseconds().ToString(), requestMessage.Method.Method.ToUpperInvariant(), requestMessage.RequestUri?.AbsolutePath, body }); var encodingSecret = Encoding.UTF8.GetBytes(_configuration.ApiSecret); var signature = new HMACSHA256(encodingSecret) .ComputeHash(Encoding.UTF8.GetBytes(preHash)).ToHexString(); signature.Should().Be(retrievedSignature); }