If a secret was provided when you created the subscription, Twitch signs the notification payload using that secret. We strongly recommend you verify the signature to confirm that the notification is genuine.
To verify payloads, you need to compute the hash properly. A common reason this may fail is unexpected string manipulation (e.g., JSON encoding or character escaping), which is done automatically by some web frameworks. To debug this, verify that the value of the content-length header matches the number of bytes you received in the notification payload. You may discover that notification hashing for payloads is failing due to unusual Unicode.
Using node, how exactly would I do this? What does the api sign the signature with? sha256?
Thanks, however it seems my subscriptions aren’t getting approved even tho I respond to the get request with the “hub.challenge” and challenge token in the 200 reply.
Thanks, that’s pretty much what I’m doing. I’m going to see if changing the content type to text/html will solve the issue.
my handler works similar to this:
if (req.query && req.query["hub.challenge"]) {
//extract the properties and alias them.
const { "hub.challenge": challenge, "hub.topic": topic } = req.query;
const streamerId = topic.substr(topic.indexOf("=")+1, topic.length-1);
//check and make sure the record exists in my database using the user_id;
doStuff();
//send back a response if If the record exists.
return reply.code(200).send({ "hub.challenge": challenge });
Odd enough, it seems my subs are being registered, however on stream up and down events a post request doesn’t get fired off to my back end from twitch.
Hey @Hurt_Box, you’re receiving notifications now? The stream up/down events have an added latency to them (due to consistency requirements of some internal services that should be resolved very soon), so you might need to wait around a few minutes for the events to appear.