MCPcopy Index your code
hub / github.com/simstudioai/sim / verifyAuth

Function verifyAuth

apps/sim/lib/webhooks/providers/resend.ts:63–90  ·  view source on GitHub ↗
({
    request,
    rawBody,
    requestId,
    providerConfig,
  }: AuthContext)

Source from the content-addressed store, hash-verified

61
62export const resendHandler: WebhookProviderHandler = {
63 async verifyAuth({
64 request,
65 rawBody,
66 requestId,
67 providerConfig,
68 }: AuthContext): Promise<NextResponse | null> {
69 const signingSecret = providerConfig.signingSecret as string | undefined
70 if (!signingSecret?.trim()) {
71 logger.warn(`[${requestId}] Resend webhook missing signing secret in provider configuration`)
72 return new NextResponse('Unauthorized - Resend signing secret is required', { status: 401 })
73 }
74
75 const svixId = request.headers.get('svix-id')
76 const svixTimestamp = request.headers.get('svix-timestamp')
77 const svixSignature = request.headers.get('svix-signature')
78
79 if (!svixId || !svixTimestamp || !svixSignature) {
80 logger.warn(`[${requestId}] Resend webhook missing Svix signature headers`)
81 return new NextResponse('Unauthorized - Missing Resend signature headers', { status: 401 })
82 }
83
84 if (!verifySvixSignature(signingSecret, svixId, svixTimestamp, svixSignature, rawBody)) {
85 logger.warn(`[${requestId}] Resend Svix signature verification failed`)
86 return new NextResponse('Unauthorized - Invalid Resend signature', { status: 401 })
87 }
88
89 return null
90 },
91
92 matchEvent({ body, providerConfig, requestId }: EventMatchContext): boolean {
93 const triggerId = providerConfig.triggerId as string | undefined

Callers

nothing calls this directly

Calls 3

verifySvixSignatureFunction · 0.70
warnMethod · 0.65
getMethod · 0.65

Tested by

no test coverage detected