Method to Generate Signature Based on Params and API Key

[k-macmillan]

User Story - Business Need

We wish to enhance ENP by allowing a callback URL to be specified when a request is made to VA Notify's sms/email paths. We will generate a signature based on the parameters being sent to our client (Service). Adding that signature to the request is part of a separate ticket, this ticket is to create the generate_callback_signature method.

• [x] Ticket is understood, and QA has been contacted (if the ticket has a QA label).

User Story(ies)

As a VA Service authorized to send notifications I want to specify a callback url other than the service-level callback So that we have more agency when deciding how to handle callbacks

Additional Info and Resources

• Digital Signature Algorithm
• Human-readable version
• Secure Hash Algorithms

Acceptance Criteria

• [x] TDD
• [x] generate_callback_signature method takes: ~notification~ api_key_id and callback_params
• [x] Return value of generate_callback_signature is a 64 character, url-safe string (use hexdigest, not digest)
• [x] Key of the signature is the actual secret of the API key (based on the api_key_id that was passed in)
• [x] signature and params are debug logged
• [x] Signature uses HMAC-SHA256 to support 32-bit systems e.g. hmac.Hash(b'key', b'data', digestmod=hashlib.sha256)
• [x] This work is added to the sprint review slide deck (key win bullet point and demo slide)

QA Considerations

Potential Dependencies

[npmartin-oddball]

Hey team! Please add your planning poker estimate with Zenhub @coreycarvalho @cris-oddball @EvanParish @k-macmillan @kalbfled @MackHalliday @mchlwellman

[k-macmillan]

Realized that a Notification or notification_id is unnecessary. The signature itself does not care about that, it just takes data and signs it.

[k-macmillan]

PR merged. Updated slides.