wl-online-payments-direct / sdk-java


Information required on how signatures are being validated when the payment event is received to our servers. #4

Closed sivakrishna2018 closed 1 year ago

sivakrishna2018 commented 1 year ago

Hi,

My name is Siva. I am working on a Webhooks implementation for one of our customers.

As part of the development, we have gone through the below links and set up all the necessary configuration in the Ingenico Direct portal.

https://support.direct.worldline-solutions.com/en/documentation/api/webhooks https://support.direct.worldline-solutions.com/en/documentation/sdk/server/java/

When I was going through the pseudo code given for Java, under the section,

https://support.direct.worldline-solutions.com/en/documentation/sdk/server/java/#webhooks

I have observed that, instead of retrieving the header ('X-GCS-Signature') value from the webhook's request, the link says that we need to create a signature ourselves and pass it on to the Ingenico libraries (helper.unmarshal(bodyOfRequest, requestHeaders);).

Again, in the Webhooks helper, the Java code creates another signature and validates it against the one which is passed from our code.

Thus, the two signatures will always be the same.

Ideally, comparison of signatures should have been done between source and destination servers. But it is not happening like that.

In my opinion, there are two issues to it.

1) Documentation is wrong.

2) I have also generated the signature and tried to compare it with the request header value received from Webhooks system. This also doesn't match. So, the JSON body that is used to create signature at Ingenico direct end could be different to the one which is sent to our server.

Please clarify these issues.

Thanks, Siva.

worldline-direct-support-team commented 1 year ago

Hello Siva,

Thanks for reaching out with this information. We'll investigate the first issue and make the necessary changes.

For the second issue, have you ensured you're using the Webhooks API key? This is a separate API key from the one used in your communication to Direct.

The SDK source code contains a WebhooksHelper unit test which you could use as reference until the documentation is up to date. The helper automatically verifies the signature.

Kind regards, Worldline Direct support team

sivakrishna2018 commented 1 year ago

Hi,

Yes. I have used the keys which are specific to Webhooks. Also, the JSON is similar to what is specified in the link given below.

https://support.direct.worldline-solutions.com/en/documentation/api/webhooks

Is it possible to provide a sample JSON which is used to generate signature at Webhook's system? So that I can compare it with the JSON we got in the request body.

Thanks, Siva.

worldline-direct-support-team commented 1 year ago

Hello Siva,

The last section on Webhooks has been updated to reflect the requested implementation.

You can find an example webhook request JSON body here: https://github.com/wl-online-payments-direct/sdk-java/blob/master/src/test/resources/com/onlinepayments/webhooks/valid-body.json. This is the input used in the WebhooksHelper unit test mentioned earlier. You won't have to do anything with the raw body except extracting it from the incoming webhook and passing it to the helper, as explained in the updated chapter. The helper will verify the webhook comes from a trusted source using the body and signature.

Thank you again for raising this issue. We hope you are able to proceed with your webhook setup now.

Kind regards, Worldline Direct support team
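The two problems raised in this thread (a verification routine that compares a locally generated signature with itself, and a body that no longer matches what was signed) are easiest to see side by side. The following is an added example, not code from this thread or from the sdk-java project, and it is language-neutral rather than a use of the SDK's WebhooksHelper. It assumes the signature scheme is Base64(HMAC-SHA256(webhooks secret, raw request body)), that the key is selected by an X-GCS-KeyId header alongside X-GCS-Signature, and it uses a constructed secret and body; check those assumptions against the Worldline documentation and the helper's unit test before relying on them.

```python
import base64
import hashlib
import hmac
import json

# Constructed for this example: the Webhooks API key id and its secret.
# These are configured in the Direct portal and are a separate pair from
# the API key used for outbound calls to Direct.
WEBHOOK_KEYS = {
    "webhook-key-1": b"constructed-webhook-secret-for-this-example",
}

# Constructed raw request body, kept as the exact bytes on the wire.
RAW_BODY = (
    b'{"apiVersion":"v1","id":"7e1c1d0e","type":"payment.captured",'
    b'"payment":{"id":"000000123"}}'
)


def sign(raw_body: bytes, secret: bytes) -> str:
    """Assumed scheme: Base64 of HMAC-SHA256 over the raw body bytes."""
    digest = hmac.new(secret, raw_body, hashlib.sha256).digest()
    return base64.b64encode(digest).decode("ascii")


def verify_webhook(raw_body: bytes, headers: dict) -> bool:
    """Correct check: take the signature from the request headers, recompute
    it over the exact bytes received, and compare in constant time."""
    secret = WEBHOOK_KEYS.get(headers.get("X-GCS-KeyId"))  # key id header is an assumption
    received = headers.get("X-GCS-Signature")
    if secret is None or received is None:
        return False
    return hmac.compare_digest(sign(raw_body, secret), received)


def verify_webhook_tautological(raw_body: bytes, secret: bytes) -> bool:
    """The anti-pattern described in the issue: the receiver generates a
    signature itself, hands it to the checker, and the checker recomputes
    the same thing. This never consults the sender's header, so any body
    from any sender passes."""
    locally_made = sign(raw_body, secret)
    return hmac.compare_digest(sign(raw_body, secret), locally_made)


def incoming_request(body: bytes, key_id: str = "webhook-key-1") -> dict:
    """Simulate the sender: headers computed over the exact body bytes."""
    return {"X-GCS-KeyId": key_id, "X-GCS-Signature": sign(body, WEBHOOK_KEYS[key_id])}


def reserialized(body: bytes) -> bytes:
    """Parse and re-dump the JSON. Same data, different bytes (whitespace,
    key order), which is enough to break the HMAC."""
    return json.dumps(json.loads(body), indent=2, sort_keys=True).encode()


def demo() -> dict:
    headers = incoming_request(RAW_BODY)
    forged = {**headers, "X-GCS-Signature": sign(RAW_BODY, b"wrong-secret")}
    return {
        "genuine": verify_webhook(RAW_BODY, headers),
        "tampered_body": verify_webhook(RAW_BODY.replace(b"000000123", b"000000999"), headers),
        "forged_signature": verify_webhook(RAW_BODY, forged),
        "reserialized_body": verify_webhook(reserialized(RAW_BODY), headers),
        "tautological_accepts_anything": verify_webhook_tautological(
            b'{"attacker":"controlled"}', WEBHOOK_KEYS["webhook-key-1"]
        ),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The "reserialized_body" case is the second issue in the thread: if a web framework parses the JSON before your code sees it and you sign a re-serialized object, the bytes differ from what the sender signed and verification fails even with the right key. Read the request body as raw bytes (in a servlet, from the input stream before any deserialization) and pass those bytes, together with the original headers, to the helper.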