Package ai.nightfall.scan
Class WebhookSignatureValidator
java.lang.Object
ai.nightfall.scan.WebhookSignatureValidator
A class that implements Nightfall webhook signature validation. This class can be used in a request middleware
to validate the authenticity of a request before processing it. Validation is implemented with an SHA-256
HMAC signature.
-
Constructor Summary
ConstructorsConstructorDescriptionInstantiates the validator with the default threshold.WebhookSignatureValidator(TemporalAmount threshold) Instantiates the validator with the provided threshold. -
Method Summary
-
Constructor Details
-
WebhookSignatureValidator
public WebhookSignatureValidator()Instantiates the validator with the default threshold. -
WebhookSignatureValidator
Instantiates the validator with the provided threshold.- Parameters:
threshold- the time threshold within which webhook requests should be considered valid.
-
-
Method Details
-
validate
public boolean validate(String requestBody, byte[] signingSecret, String requestSignature, String requestTime) Validates that the provided request payload is an authentic request that originated from Nightfall. If this method returns false, request handlers shall not process the provided body any further.- Parameters:
requestBody- the entire, raw request payload, encoded in UTF-8.signingSecret- the signing secret used as the key for HMAC.requestSignature- the signature provided by Nightfall to compare against the locally-computed value.requestTime- the Unix timestamp of when this request was sent, i.e. the number of seconds since the Unix epoch.- Returns:
- true if the signature is valid and the request occurred within the allowed time threshold, otherwise false.
- Throws:
NumberFormatException- ifrequestTimeis not parsable as an integer
-