I am trying to validate the signature of the requests sent by Slack on my webhook. For this, I need to retrieve the rawBody of the request to be able to generate the signature and compare it with the original one. However, whenever I am setting the parameter “rawBody” to true in my webhook, the following error is triggered:
Thank you for this prompt reply. Without passing the option -H "Content-Type: application/json", I can reproduce the error. I am not sure why the “rawBody” option excepts the request payload to be in JSON.
Example: curl -X POST -d '{"key1":"test"}' http://localhost:5678/webhook-test/ed8891c3-114a-43ad-827f-e755556b0887
Sorry for the confusion. I am trying to get the original payload of a POST request sent to my Webhook, but I am struggling. The Webhook is supposed to retrieve all the actions that have been occurred in a Slack channel and for each action, Slack sends a request to the Webhook. However, for validating the requests, Slack is asking us to compute the HMAC SHA256 of the request’s raw body and this is where I am struggling, because if I am enabling the rawBody, I get “req.rawBody is undefined” and if I am disabling it, I am getting a JSON output
POST request sent by Slack to the Webhook
‘host’: ‘…’,
‘x-forwarded-proto’: ‘http’,
‘x-nginx-proxy’: ‘true’,
‘connection’: ‘close’,
‘content-length’: ‘2014’,
‘user-agent’: ‘Slackbot 1.0 (+https://api.slack.com/robots)’,
‘accept-encoding’: ‘gzip,deflate’,
‘accept’: ‘application/json,/’,
‘x-slack-signature’: ‘v0=5996b635b00471da856052823daf540…’,
‘x-slack-request-timestamp’: ‘1598623354’,
‘content-type’: ‘application/x-www-form-urlencoded’
Ah OK. Found the problem. It did not save the rawBody for “application/x-www-form-urlencoded” requests. Did just release a new bug-fix version [email protected] which works now as expected.
Be however aware that the data is really raw. Meaning it is not in the JSON-data of the item it is in the binary-data. So if you want want to “move” it over and get it displayed as “text” you would have to do the following: