CircleCI Webhook payload signature

John_Chen · September 16, 2022, 10:15pm

Describe the issue/error/question

I’m trying to configure my n8n to accept webhooks from CircleCI’s webhooks. CircleCI offers the ability to associate a Secret token to each payload, documentation listed here: Webhooks - CircleCI
If you specify a Secret token, CircleCI uses that Secret token to generate a digest that’s based off the Secret token and the content of the request.
What this actually looks like is a header called “circleci-signature” with a value like “v1=somethingsomethingsomething”
Since the content of the request will likely never be the same, the resulting header value will also never be the same.
A little lower in the documentation actually shows an implementation in Python of how to verify a signature. Is such a thing possible in n8n?

What is the error message (if any)?

No error message, but n8n isn’t able to auth with headers since the “circleci-signature” header is never the same between runs.

Please share the workflow

Share the output returned by the last node

No output since I can’t auth

Information on your n8n setup

n8n version: 0.193.5
Database you’re using (default: SQLite): SQLite
Running n8n with the execution process [own(default), main]: default
Running n8n via [Docker, npm, n8n.cloud, desktop app]: Docker

MutedJam · September 19, 2022, 6:22am

Hi @John_Chen, welcome to the community!

To run custom code in n8n (and perform calculations not supported by n8n’s existing Crypto node) you can use the Function or Function Item nodes. I don’t have any experience with CircleCI specifically unfortunately, so don’t have a suitable snippet ready though

John_Chen · September 19, 2022, 6:05pm

I was able to figure it out:

I used the crypto node to encode the body and then passed that result as well as the signature into a function node and did a comparison to the two and was able to get the result I wanted. Thank you!

MutedJam · September 20, 2022, 6:02am

Awesome, thanks so much for confirming and for sharing your solution!

sirdavidoff · September 20, 2022, 2:56pm

Thanks for posting, @John_Chen! I noticed that your function node will run twice because it has two input connectors going into it. Do you need the bottom one or does the workflow also work without it?

John_Chen · September 20, 2022, 6:42pm

You’re right. I removed that redundant input connector and it works as intended