Hash verification

We use blake2b(opens new window) to encode hashes of confirmation and notification messages.

Hash verification in Python

In order to verify a message by comparing hashes:

1. Construct a _hash object by calling the "blake2b" function.

2. Pass the "digest_size" and "key" arguments to the "blake2b" function:

• "digest_size": size of the resulting hash in bytes. It needs to be set to 32 bytes (digest_size=32).
• "key": for keyed hashing. It is a concatenation of UTF-8 encoded "client_secret" (provided in the webhook_subscribe request) and UTF-8 encoded "server_secret" (returned in the response to the webhook_subscribe if the "client_secret" was provided in the request). In our example it is called "hash_seed".

3. UTF-8 encode message keys. The keys to be encoded depend on the message type. The confirmation message keys are as follows:

The notification message keys are as follows:

For example, in case of a confirmation message the keys to be UTF-8 encoded are "type", "message", "sent_ts", "confirmation_url" and "subscription":

4. Construct a calculated_hash object by returning the digest of the data fed to the _hash object by using the digest() method. Next, UTF-8 decode the digest of the data.

5. Compare the "calculate_hash" with hash passed in the message in the "hash" field.

Example of hash verification in Python