Using Postman to test webhook

[cbloss]

This really isn't an issue but more of a question that I have no idea where to turn to and google is failing me right now. I'm trying to use Postman to test my webhook on a Laravel application and I'm trying to get away with not setting up the webhook-server. I got the client all setup but I keep getting the error "signature is invalid" in Postman. I have the env set with a WEBHOOK_CLIENT_SECRET and the handler but everything else is set to the defaults of the config provided. I've tried quite a few different "authorization" options in Postman. I saw someone created a customed signature to get around it if the env is staging or local. I was trying to get away from that if I could.

I know this is out of scope of the package. I am just kind of not sure where to go for answers on this.

[cbloss]

I was able to figure it out by using the DefaultSignature and tweaking it. It looked like it was trying to compare the full request and not just the signature. Not sure if this is a good fix, but it works. Sorry about this!

[Crowly34]

@cbloss if you don't want to tinker with the DefaultSignatureValidator (and still need this a year later) seems like it uses an HMAC/SHA-256, and this article explains pretty well how to configure your Postman to do exactly that.

[mzahirr]

@cbloss if you don't want to tinker with the DefaultSignatureValidator (and still need this a year later) seems like it uses an HMAC/SHA-256, and this article explains pretty well how to configure your Postman to do exactly that.

THANK YOU