({
request,
rawBody,
requestId,
providerConfig,
}: AuthContext)
| 61 | |
| 62 | export const resendHandler: WebhookProviderHandler = { |
| 63 | async verifyAuth({ |
| 64 | request, |
| 65 | rawBody, |
| 66 | requestId, |
| 67 | providerConfig, |
| 68 | }: AuthContext): Promise<NextResponse | null> { |
| 69 | const signingSecret = providerConfig.signingSecret as string | undefined |
| 70 | if (!signingSecret?.trim()) { |
| 71 | logger.warn(`[${requestId}] Resend webhook missing signing secret in provider configuration`) |
| 72 | return new NextResponse('Unauthorized - Resend signing secret is required', { status: 401 }) |
| 73 | } |
| 74 | |
| 75 | const svixId = request.headers.get('svix-id') |
| 76 | const svixTimestamp = request.headers.get('svix-timestamp') |
| 77 | const svixSignature = request.headers.get('svix-signature') |
| 78 | |
| 79 | if (!svixId || !svixTimestamp || !svixSignature) { |
| 80 | logger.warn(`[${requestId}] Resend webhook missing Svix signature headers`) |
| 81 | return new NextResponse('Unauthorized - Missing Resend signature headers', { status: 401 }) |
| 82 | } |
| 83 | |
| 84 | if (!verifySvixSignature(signingSecret, svixId, svixTimestamp, svixSignature, rawBody)) { |
| 85 | logger.warn(`[${requestId}] Resend Svix signature verification failed`) |
| 86 | return new NextResponse('Unauthorized - Invalid Resend signature', { status: 401 }) |
| 87 | } |
| 88 | |
| 89 | return null |
| 90 | }, |
| 91 | |
| 92 | matchEvent({ body, providerConfig, requestId }: EventMatchContext): boolean { |
| 93 | const triggerId = providerConfig.triggerId as string | undefined |
nothing calls this directly
no test coverage detected