search

muxinc / mux-node-sdk

Official Mux API wrapper for Node projects, supporting both Mux Data and Mux Video.
https://mux.com/for/node
Apache License 2.0
152 stars 60 forks source link

No signatures found matching the expected signature for payload #161

Closed ghost closed 2 years ago

ghost commented 2 years ago

Hello,

Mux webhook signature validation does not appear to be working for my Node/express service, or it's possible I am making a mistake somewhere! I am following the webhook validation guide on Mux GitHub for Node SDK. Here is my controller that Mux is successfully invoking in the development environment.

const { Webhooks } = Mux
const webhook = asyncHandler(async (req: Request, res: Response) => {
  try {
    console.log(`Mux Signature is ${req.headers['mux-signature']}`)
    console.log(`Mux body is ${JSON.stringify(req.body)}`)
    console.log(`MUX_WEBHOOK_SECRET is ${MUX_WEBHOOK_SECRET}`)
    const sig = req.headers['mux-signature'] as string
    Webhooks.verifyHeader(req.body, sig, MUX_WEBHOOK_SECRET)
    const jsonFormattedBody = JSON.parse(req.body)
    if (jsonFormattedBody.type === 'video.asset.ready') {
      await VideoModel.findOneAndUpdate(req.body.data.passthrough, { assetId: req.body.data.id })
    }
  } catch (err: any) {
    return res.status(400).send(`Webhook Error: ${err.message}`)
  }
  return res.status(200).json({ success: true, data: {} })
})
export { webhook }

Here is the server output

Mux Signature is t=1652463851,v1=af3d5ae111b82be67addcc5f8b559ea22ac38f5cbde9a9557e5f878c7db9c424

MUX_WEBHOOK_SECRET is <>

Mux body is {"type":"video.upload.created","request_id":null,"object":{"type":"upload","id":"i024lBXuvCcaaTyOx6m5f4jFsnRaurpvSVvV3tHDkIjg"},"id":"4821381f-1caa-475e-a12f-923e3209249e","environment":{"name":"Development","id":"fodthr"},"data":{"url":"https://storage.googleapis.com/video-storage-us-east1-uploads/i024lBXuvCcaaTyOx6m5f4jFsnRaurpvSVvV3tHDkIjg?Expires=1652466970&GoogleAccessId=direct-uploads-writer-prod%40mux-cloud.iam.gserviceaccount.com&Signature=ZqZvwIAtPZVe82q4BZ6I0uU6Y7RSZM3nwxX79akZ7aO88nV8qh4u8CXv3rLCeb4JpZgz2RlH0hzlHRgP%2B482eVGPkkVOJsae9gSjwt2oW5hof3zOaZaosbb9xtw3D0ru5Fgf2H1BauYcdKCQT8cWXG2QAvjMkQHjuMe7af7oCEh66kadWf1%2FJcaajsEUWpa1xtromKNjU3xBijHnbhatYbZvpKo3CwUJawB%2FleoK4VFGGOycy5fJazmhsCge%2F1REmxOmqJNPifmKANio2laOhjjn%2F8J5zkouaVQqXPCpCn1%2BP7aK%2BZtS3y817r1mbeC9UsROqeAsWYwVoZm5TrGrvw%3D%3D&upload_id=ADPycduPCfUilP-wNV37M7d6vh27oLhe8dWlk8z_XDTrCjIyjX8fbPPrulcmVwzDCVIP_9S5Oqc4AeKOsRD-yA9ybohjgg","timeout":3600,"status":"waiting","new_asset_settings":{"playback_policies":["public"],"passthrough":"5fa96044-3b80-4bc2-bb10-93eb863de173"},"id":"i024lBXuvCcaaTyOx6m5f4jFsnRaurpvSVvV3tHDkIjg"},"created_at":"2022-05-13T17:36:11.000000Z","attempts":[{"webhook_id":24494,"response_status_code":400,"response_headers":{"x-powered-by":"Express","vary":"Origin","ngrok-trace-id":"287a6d40cd33981fdef9fa911f77c0c8","etag":"W/\"4f-DkfDr22GwbEWIl8UeufGfjqzZqA\"","date":"Fri, 13 May 2022 17:36:11 GMT","content-type":"text/html; charset=utf-8","content-length":"79","access-control-allow-credentials":"true"},"response_body":"Webhook Error: No signatures found matching the expected signature for payload.","max_attempts":30,"id":"3be4550f-95af-4d9d-8483-5dd75df1c731","created_at":"2022-05-13T17:36:11.000000Z","address":"https://0a1d-2600-1700-23d2-3200-9c75-d8fd-e17b-6ba7.ngrok.io/api/v1/mux"},{"webhook_id":24494,"response_status_code":400,"response_headers":{"x-powered-by":"Express","vary":"Origin","ngrok-trace-id":"e9a9417c413cd6381db2783284b70478","etag":"W/\"4f-DkfDr22GwbEWIl8UeufGfjqzZqA\"","date":"Fri, 13 May 2022 17:38:11 GMT","content-type":"text/html; charset=utf-8","content-length":"79","access-control-allow-credentials":"true"},"response_body":"Webhook Error: No signatures found matching the expected signature for payload.","max_attempts":30,"id":"0fa168cb-910d-42ee-ab2f-b99fce2b2faa","created_at":"2022-05-13T17:38:11.000000Z","address":"https://0a1d-2600-1700-23d2-3200-9c75-d8fd-e17b-6ba7.ngrok.io/api/v1/mux"},{"webhook_id":24494,"response_status_code":400,"response_headers":{"x-powered-by":"Express","vary":"Origin","ngrok-trace-id":"3cd8e0f17ebe84f696f10425b7d988ea","etag":"W/\"4f-DkfDr22GwbEWIl8UeufGfjqzZqA\"","date":"Fri, 13 May 2022 17:40:11 GMT","content-type":"text/html; charset=utf-8","content-length":"79","access-control-allow-credentials":"true"},"response_body":"Webhook Error: No signatures found matching the expected signature for payload.","max_attempts":30,"id":"b53da5b3-51fe-4f4d-9e21-e4228218bf9e","created_at":"2022-05-13T17:40:11.000000Z","address":"https://0a1d-2600-1700-23d2-3200-9c75-d8fd-e17b-6ba7.ngrok.io/api/v1/mux"}],"accessor_source":null,"accessor":null}

My web server is returning a 400 Bad Request to Mux with the following error:

""Webhook Error: No signatures found matching the expected signature for payload.""

Do you have any tips for how to troubleshoot this further?

Thank you.

aminamos commented 2 years ago

@bubblesmakesrecords if you console.log(Webhooks) - what is the output? Thanks!

ghost commented 2 years ago 
import Mux from '@mux/mux-node/dist'
console.log(`Mux webhooks is ${JSON.stringify(Mux.Webhooks)}`)

Result is undefined

eropple commented 2 years ago

Hi - can you try again on the latest release and let me know if that helps?