Failed Validation while setting up LinkedIn Webhook

Question

@app.route('/webhooks/linkedin', methods=['GET'])
def webhook_challenge_linkedIn():
    
  # creates HMAC SHA-256 hash from incomming token and your consumer secret
  sha256_hash_digest = hmac.new(bytes({api_secret},'utf-8'), msg=bytes(request.args.get('challengeCode'),'utf-8'), digestmod=hashlib.sha256)

  # construct response data with base64 encoded hash
  print((sha256_hash_digest))
  val = {
 "challengeCode" : request.args.get('challengeCode'),
 "challengeResponse" : sha256_hash_digest.hexdigest()
  }

  return json.dumps(val)

When I try to set up the server and send an authentication request from LinkedIn for webhook to this endpoint it says Failed Validation

all i need to do for the verification is return the challenge code in

challengeResponse = Hex-encoded(HMACSHA256(challengeCode, clientSecret))

I think this is what I did but the still validation gets failed.

I don't seem to see the issue.

Answer 1

Try the following:

@app.route('/webhooks/linkedin', methods=['GET'])
def webhook_challenge_linkedIn():
    challenge_code = request.args.get('challengeCode')  

    # creates HMAC SHA-256 hash from incoming token and your consumer secret
    sha256_hash_digest = hmac.new(api_secret.encode(), challenge_code.encode(), hashlib.sha256).hexdigest()

    # construct response data with base64 encoded hash
    # print(sha256_hash_digest)
    val = {
        "challengeCode" : challenge_code,
        "challengeResponse" : sha256_hash_digest
    }

    return json.dumps(val)

See this answer from How to use SHA256-HMAC in python code?