Hello,
I know that there have been a few questions on this already, but none of the supplied answers seem to work.
I have:
- A webhook setup with a signature that I have provided.
- The webhook calls an ngrok endpoint so that I can see exactly what is passed in.
- The passed-in body, when used with the code in the following example, throws a “TypeError: Unicode-objects must be encoded before hashing” error:
```python
import hashlib
import hmac
import json
import base64
import os


def verifySignature(receivedSignature: str, payload):
    WEBHOOK_SECRET = os.environ.get('TYPEFORM_SECRET_KEY')
    digest = hmac.new(WEBHOOK_SECRET.encode('utf-8'), payload, hashlib.sha256).digest()
    e = base64.b64encode(digest).decode()
    if(e == receivedSignature):
        return True
    return False
```
- I have modified the code, this is mine, to encode the payload:
```python
import base64
import hashlib
import hmac


# Configuration and InvalidSignatureException come from the surrounding project (not shown).
def validate_signature(actual_signature: str, payload, config: Configuration):
    security_key = config.typeform_security_key
    # HMAC-SHA256 over the UTF-8 encoded payload, keyed with the webhook secret
    digest = hmac.new(security_key.encode('utf-8'), payload.encode('utf-8'), hashlib.sha256).digest()
    expected_sha = base64.b64encode(digest).decode()
    expected_signature = f'sha256={expected_sha}'
    is_valid = expected_signature == actual_signature
    if not is_valid:
        raise InvalidSignatureException(expected_signature, actual_signature)
```
However, here I get the wrong signature. Thank you if you can help.
This is the full request that ngrok receives; I am copying and pasting the body as a string for testing.
POST / HTTP/1.1
Host: f9bd-109-249-185-22.ngrok.io
User-Agent: Typeform Webhooks
Content-Length: 2842
Accept-Encoding: gzip
Cache-Control: max-age=259200
Content-Type: application/json
Typeform-Signature: sha256=dBJZO2LzK2T5zZcgUAinD0wushEdtBndnlsZGxqmWtc=
Via: 1.1 0e5c06814c83 (squid/3.5.27)
X-Forwarded-For: 35.169.151.81
X-Forwarded-Proto: http
{"event_id":"01FPTDQT7PHZWFKKM6ZY8QKKTK","event_type":"form_response","form_response":{"form_id":"mFPlsuGO","token":"01FPTDQT7PHZWFKKM6ZY8QKKTK","landed_at":"2021-12-13T17:34:11Z","submitted_at":"2021-12-13T17:34:11Z","hidden":{"category":"hidden_value","portfolio_id":"hidden_value","session_id":"hidden_value","sub_category":"hidden_value","user_id":"hidden_value"},"definition":{"id":"mFPlsuGO","title":"Visitor Registration","fields":[{"id":"BGrXJ2HX8GZV","title":"What's your Name?","type":"short_text","ref":"880d0a8a-5748-4a62-8ee3-125d8ceccd9c","properties":{}},{"id":"F6MCrElqY6bi","title":"And what's your Email?","type":"email","ref":"4497c6bf-4aef-462c-94a5-997ed8147648","properties":{}},{"id":"lWbghWk5Ku7M","title":"What's your apartment number?","type":"short_text","ref":"bfef5699-ddd6-4243-8a8c-bc41daa76cce","properties":{}},{"id":"nDeiv5kZ9Rdt","title":"What is your relationship with your guest?","type":"multiple_choice","allow_other_choice":true,"ref":"a8293bd2-039f-48bd-b04e-1de32f96af8f","properties":{},"choices":[{"id":"NZaHlfpGcyRE","label":"Family"},{"id":"l0fm8srUOzBD","label":"Friend"},{"id":"SvWtJRvdaydL","label":"Cleaner"},{"id":"UaSBRrw1SRl6","label":"Childcare"}]},{"id":"dfInYFcc8Kkv","title":"What is the full name of your guest?","type":"short_text","ref":"e0515534-3585-402c-b1de-62ede68a8d51","properties":{}},{"id":"VBCRRZlPiDRo","title":"Will you need an additional set of keys for your guest?","type":"yes_no","ref":"0673ade1-9a7c-44be-a4c5-2c9db1a542d0","properties":{}},{"id":"wNrTsrn0SmqX","title":"Please upload a state issued ID for your guest to complete the registration","type":"file_upload","ref":"aba03682-b3e6-4322-b194-09dcfdec3f5b","properties":{}}],"hidden":["portfolio_id","user_id","category","sub_category","session_id"]},"answers":[{"type":"text","text":"Lorem ipsum 
dolor","field":{"id":"BGrXJ2HX8GZV","type":"short_text","ref":"880d0a8a-5748-4a62-8ee3-125d8ceccd9c"}},{"type":"email","email":"an_account@example.com","field":{"id":"F6MCrElqY6bi","type":"email","ref":"4497c6bf-4aef-462c-94a5-997ed8147648"}},{"type":"text","text":"Lorem ipsum dolor","field":{"id":"lWbghWk5Ku7M","type":"short_text","ref":"bfef5699-ddd6-4243-8a8c-bc41daa76cce"}},{"type":"choice","choice":{"label":"Barcelona"},"field":{"id":"nDeiv5kZ9Rdt","type":"multiple_choice","ref":"a8293bd2-039f-48bd-b04e-1de32f96af8f"}},{"type":"text","text":"Lorem ipsum dolor","field":{"id":"dfInYFcc8Kkv","type":"short_text","ref":"e0515534-3585-402c-b1de-62ede68a8d51"}},{"type":"boolean","boolean":true,"field":{"id":"VBCRRZlPiDRo","type":"yes_no","ref":"0673ade1-9a7c-44be-a4c5-2c9db1a542d0"}},{"type":"file_url","file_url":"https://admin.typeform.com/form/mFPlsuGO/field/wNrTsrn0SmqX/results/file.ext/download","field":{"id":"wNrTsrn0SmqX","type":"file_upload","ref":"aba03682-b3e6-4322-b194-09dcfdec3f5b"}}]}}
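
An added example, not part of the original post and not Typeform's code: the HMAC is computed over the exact body bytes, so a body that was stripped, re-serialized, or line-wrapped during copy and paste no longer matches the `sha256=` header. The secret, the shortened body, and the function names below are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json


def sign(secret: str, raw_body: bytes) -> str:
    """Header value: 'sha256=' + base64(HMAC-SHA256(secret, raw body bytes))."""
    digest = hmac.new(secret.encode("utf-8"), raw_body, hashlib.sha256).digest()
    return "sha256=" + base64.b64encode(digest).decode("ascii")


def verify(secret: str, raw_body: bytes, received_signature: str) -> bool:
    """Check the header against the exact bytes received, in constant time."""
    expected = sign(secret, raw_body)
    return hmac.compare_digest(expected.encode(), received_signature.encode())


# Constructed sample data: a made-up secret and a short stand-in for the real body.
SECRET = "constructed-test-secret"
RAW_BODY = b'{"event_type":"form_response","answers":[{"text":"Lorem ipsum dolor"}]}\n'
HEADER = sign(SECRET, RAW_BODY)  # what the sender would put in Typeform-Signature


def candidates() -> dict:
    """Ways a body can be altered between the wire and the verifier."""
    text = RAW_BODY.decode("utf-8")
    wrapped = text.replace("Lorem ipsum dolor", "Lorem ipsum \ndolor")
    return {
        "raw bytes as received": RAW_BODY,
        "trailing newline stripped": text.strip().encode("utf-8"),
        "re-serialized with json.dumps": json.dumps(json.loads(text)).encode("utf-8"),
        "line wrapped by copy and paste": wrapped.encode("utf-8"),
    }


def check_all() -> dict:
    """Verify every candidate body against the same header."""
    return {name: verify(SECRET, body, HEADER) for name, body in candidates().items()}


if __name__ == "__main__":
    for name, ok in check_all().items():
        print(f"{'valid  ' if ok else 'INVALID'}  {name}")
```

In a handler, pass the unparsed request body bytes to `verify` before any JSON decoding.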