K
Q

HMAC-SHA1 hash difference when generated in production: flask-docker based app running in a pod

10/2/2019

webhook dispatcher hash different from receiving client when moved to production on k8s cluster. whereas on local, they it works perfectly.

I implemented a webhook dispatcher, which generates a HMAC-SHA1 signature of the json body before dispatching. when testing on local, the signature and the verified digest are identical, when i deploy the same piece of codes, that's the dispatcher to a k8s pod, same json used for test, generates different hash from the webhook receiver client

Example json

{
  "event": "review.manual", 
  "data": {
    "recommendation": "accept", 
    "author": "Ebot Tabi", 
    "datetime": "02 Oct, 2019, 09:41AM", 
    "transaction": {
      "transaction_score": 37, 
      "transaction_total_price": "4,809.00", 
      "is_fraud": "no", 
      "transaction_id": "zduaevejkjvnjo", 
      "customer_id": "sedeupdgixswil"
    }, 
    "customer": {
      "first_name": "Joseph", 
      "last_name": "Jones", 
      "email": "petersonrobert@gmail.com", 
      "customer_id": "sedeupdgixswil"
    }
  }
}

python code for hash generation:

def generate_digest(data, secret):
    return hmac.new(secret.encode("utf-8"), msg=data, digestmod=hashlib.sha1).hexdigest()
-- Ebot Tabi
docker
flask
hmacsha1
kubernetes
python

Similar Questions

Issue when installing kubectl on window 10 home
Exposing SCDF services from a Kubernetes deployment
Deploying custom Kong plugin in GKE deployed Kong API Gateway
How to redirect packages from 443 port to another port exposed by "ambassador" executed in a kubernetes pod?

0 Answers