Webhook Validation

Hey, I am validating my user.create webhook as per the webhooks guide, checking the id and timestamp against the

api/v1/events/{event_id}

api/v1/events/{event_id}

api/v1/events/{event_id}

api/v1/events/{event_id} endpoint, but I am getting a

403

403 status code response. I am using the content of the webhook (the encoded JWT) as my token for the validation. Am I doing something wrong?

public async Task<bool> ValidateWebhook(string eventId, DateTime timestamp, string accessToken, CancellationToken cToken = default)
{
  try
  {
      ArgumentNullException.ThrowIfNullOrEmpty(nameof(eventId));
      ArgumentNullException.ThrowIfNull(nameof(timestamp));

      string endpoint = $"api/v1/events/{eventId}";
      string domain = _kindeSettings.Domain;

      string absoluteUrl = $"{domain}/{endpoint}";
      bool uriIsValid = Uri.TryCreate(absoluteUrl, UriKind.Absolute, out Uri uri);
      if (!uriIsValid) throw new Exception("The uri is not valid");
      using (HttpClient client = new HttpClient())
      {
          HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          request.Headers.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
          request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
          cToken.ThrowIfCancellationRequested();

          HttpResponseMessage message = await client.SendAsync(request, cToken);
      }
      return true; //not yet finished
  }
  catch(Exception ex)
  {
      _logger.LogError(ex, ex.Message);
      throw;
  }
}

public async Task<bool> ValidateWebhook(string eventId, DateTime timestamp, string accessToken, CancellationToken cToken = default)
{
  try
  {
      ArgumentNullException.ThrowIfNullOrEmpty(nameof(eventId));
      ArgumentNullException.ThrowIfNull(nameof(timestamp));

      string endpoint = $"api/v1/events/{eventId}";
      string domain = _kindeSettings.Domain;

      string absoluteUrl = $"{domain}/{endpoint}";
      bool uriIsValid = Uri.TryCreate(absoluteUrl, UriKind.Absolute, out Uri uri);
      if (!uriIsValid) throw new Exception("The uri is not valid");
      using (HttpClient client = new HttpClient())
      {
          HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          request.Headers.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
          request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
          cToken.ThrowIfCancellationRequested();

          HttpResponseMessage message = await client.SendAsync(request, cToken);
      }
      return true; //not yet finished
  }
  catch(Exception ex)
  {
      _logger.LogError(ex, ex.Message);
      throw;
  }
}

public async Task<bool> ValidateWebhook(string eventId, DateTime timestamp, string accessToken, CancellationToken cToken = default)
{
  try
  {
      ArgumentNullException.ThrowIfNullOrEmpty(nameof(eventId));
      ArgumentNullException.ThrowIfNull(nameof(timestamp));

      string endpoint = $"api/v1/events/{eventId}";
      string domain = _kindeSettings.Domain;

      string absoluteUrl = $"{domain}/{endpoint}";
      bool uriIsValid = Uri.TryCreate(absoluteUrl, UriKind.Absolute, out Uri uri);
      if (!uriIsValid) throw new Exception("The uri is not valid");
      using (HttpClient client = new HttpClient())
      {
          HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          request.Headers.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
          request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
          cToken.ThrowIfCancellationRequested();

          HttpResponseMessage message = await client.SendAsync(request, cToken);
      }
      return true; //not yet finished
  }
  catch(Exception ex)
  {
      _logger.LogError(ex, ex.Message);
      throw;
  }
}

public async Task<bool> ValidateWebhook(string eventId, DateTime timestamp, string accessToken, CancellationToken cToken = default)
{
  try
  {
      ArgumentNullException.ThrowIfNullOrEmpty(nameof(eventId));
      ArgumentNullException.ThrowIfNull(nameof(timestamp));

      string endpoint = $"api/v1/events/{eventId}";
      string domain = _kindeSettings.Domain;

      string absoluteUrl = $"{domain}/{endpoint}";
      bool uriIsValid = Uri.TryCreate(absoluteUrl, UriKind.Absolute, out Uri uri);
      if (!uriIsValid) throw new Exception("The uri is not valid");
      using (HttpClient client = new HttpClient())
      {
          HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
          request.Headers.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
          request.Headers.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken);
          cToken.ThrowIfCancellationRequested();

          HttpResponseMessage message = await client.SendAsync(request, cToken);
      }
      return true; //not yet finished
  }
  catch(Exception ex)
  {
      _logger.LogError(ex, ex.Message);
      throw;
  }
}

Webhook Validation

Similar Threads

Similar Threads

Similar Threads