def validate_webhook(self, key, signature, body):
"""Used to validate incoming webhook messages. When used it guarantees
that the sender is Pusher and not someone else impersonating it.
:param key: key used to sign the body
:param signature: signature that was given with the body
:param body: content that needs to be verified
"""
key = ensure_text(key, "key")
signature = ensure_text(signature, "signature")
body = ensure_text(body, "body")
if key != self.key:
return None
if not verify(self.secret, body, signature):
return None
try:
body_data = json.loads(body, cls=self._json_decoder)
except ValueError:
return None
time_ms = body_data.get('time_ms')
if not time_ms:
return None
if abs(time.time()*1000 - time_ms) > 300000:
return None
return body_data
def validate_webhook(self, key, signature, body):
"""Used to validate incoming webhook messages. When used it guarantees
that the sender is Pusher and not someone else impersonating it.
:param key: key used to sign the body
:param signature: signature that was given with the body
:param body: content that needs to be verified
"""
key = ensure_text(key, "key")
signature = ensure_text(signature, "signature")
body = ensure_text(body, "body")
if key != self.key:
return None
if not verify(self.secret, body, signature):
return None
try:
body_data = json.loads(body, cls=self._json_decoder)
except ValueError:
return None
time_ms = body_data.get('time_ms')
if not time_ms:
return None
if abs(time.time()*1000 - time_ms) > 300000:
return None
return body_data
def _verify(self, message, signature):
if not signature:
return False
return verify(self.client.secret, message, signature)
def _verify(self, message, signature):
if not signature:
return False
return verify(self.client.secret, message, signature)