Complete the code to import the module needed for HMAC.
import [1]
The hmac module is used to create and verify message signatures.
Complete the code to create an HMAC object using the secret key and message.
signature = hmac.new([1], message, hashlib.sha256).hexdigest()The secret key is used as the key argument in hmac.new to create the signature.
Fix the error in the code to correctly compare the computed signature with the received signature.
if hmac.compare_digest(signature, [1]): print('Valid signature')
We compare the computed signature with the received_signature from the webhook.
Fill both blanks to decode the received signature from hex and compare it safely.
received_sig_bytes = bytes.fromhex([1]) if hmac.compare_digest(signature_bytes, [2]): print('Signature verified')
The received signature string is converted to bytes using bytes.fromhex. Then we compare the computed signature_bytes with received_sig_bytes.
Fill all three blanks to create a function that verifies a webhook signature.
def verify_signature(secret, message, [1]): computed_sig = hmac.new(secret, message, [2]).hexdigest() return hmac.compare_digest(computed_sig, [3])
The function takes the received signature as an argument. It uses hashlib.sha256 to create the HMAC digest. Finally, it compares the computed signature with the received one.