MCPcopy Index your code
hub / github.com/simstudioai/sim / verifyAuth

Function verifyAuth

apps/sim/lib/webhooks/providers/zoom.ts:107–130  ·  view source on GitHub ↗
({ request, rawBody, requestId, providerConfig }: AuthContext)

Source from the content-addressed store, hash-verified

105 },
106
107 verifyAuth({ request, rawBody, requestId, providerConfig }: AuthContext) {
108 const secretToken = providerConfig.secretToken as string | undefined
109 if (!secretToken) {
110 logger.warn(
111 `[${requestId}] Zoom webhook missing secretToken in providerConfig — rejecting request`
112 )
113 return new NextResponse('Unauthorized - Zoom secret token not configured', { status: 401 })
114 }
115
116 const signature = request.headers.get('x-zm-signature')
117 const timestamp = request.headers.get('x-zm-request-timestamp')
118
119 if (!signature || !timestamp) {
120 logger.warn(`[${requestId}] Zoom webhook missing signature or timestamp header`)
121 return new NextResponse('Unauthorized - Missing Zoom signature', { status: 401 })
122 }
123
124 if (!validateZoomSignature(secretToken, signature, timestamp, rawBody)) {
125 logger.warn(`[${requestId}] Zoom webhook signature verification failed`)
126 return new NextResponse('Unauthorized - Invalid Zoom signature', { status: 401 })
127 }
128
129 return null
130 },
131
132 async matchEvent({ webhook: wh, workflow, body, requestId, providerConfig }: EventMatchContext) {
133 const triggerId = providerConfig.triggerId as string | undefined

Callers

nothing calls this directly

Calls 3

validateZoomSignatureFunction · 0.85
warnMethod · 0.65
getMethod · 0.65

Tested by

no test coverage detected