Package edu.ucsb.cs156.frontiers.utilities

Class WebhookSecurityUtils

java.lang.Object

edu.ucsb.cs156.frontiers.utilities.WebhookSecurityUtils

public class WebhookSecurityUtils
extends Object

Utility class for webhook security validation

Method Summary

Modifier and Type	Method	Description
static boolean	validateGitHubSignature(String payload, String signature, String secret)	Validates GitHub webhook signature using HMAC-SHA256

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

validateGitHubSignature

public static boolean validateGitHubSignature(String payload,
 String signature,
 String secret)
                                       throws NoSuchAlgorithmException,
InvalidKeyException

Validates GitHub webhook signature using HMAC-SHA256

Parameters:

payload - the raw payload body as string

signature - the GitHub signature header (e.g., "sha256=abc123...")

secret - the webhook secret

Returns:

true if signature is valid, false otherwise

Throws:

NoSuchAlgorithmException

InvalidKeyException