MCPcopy Index your code
hub / github.com/simstudioai/sim / verifyAuth

Function verifyAuth

apps/sim/lib/webhooks/providers/whatsapp.ts:201–222  ·  view source on GitHub ↗
({ request, rawBody, requestId, providerConfig })

Source from the content-addressed store, hash-verified

199
200export const whatsappHandler: WebhookProviderHandler = {
201 verifyAuth({ request, rawBody, requestId, providerConfig }) {
202 const appSecret = providerConfig.appSecret as string | undefined
203 if (!appSecret) {
204 logger.warn(
205 `[${requestId}] WhatsApp webhook missing appSecret in providerConfig — rejecting request`
206 )
207 return new NextResponse('Unauthorized - WhatsApp app secret not configured', { status: 401 })
208 }
209
210 const signature = request.headers.get('x-hub-signature-256')
211 if (!signature) {
212 logger.warn(`[${requestId}] WhatsApp webhook missing signature header`)
213 return new NextResponse('Unauthorized - Missing WhatsApp signature', { status: 401 })
214 }
215
216 if (!validateWhatsAppSignature(appSecret, signature, rawBody)) {
217 logger.warn(`[${requestId}] WhatsApp signature verification failed`)
218 return new NextResponse('Unauthorized - Invalid WhatsApp signature', { status: 401 })
219 }
220
221 return null
222 },
223
224 async handleChallenge(_body: unknown, request: NextRequest, requestId: string, path: string) {
225 const url = new URL(request.url)

Callers

nothing calls this directly

Calls 3

warnMethod · 0.65
getMethod · 0.65

Tested by

no test coverage detected