[Error]: signature does not match event payload and secret
mike-pisman opened this issue · comments
Hi, just set up hookshot, tried to send 2 events but got errors. Should webhook secret be a random value or a secrete generated by GitHub app aka "client secrets"?
ERROR 00:34:46:245 [Webhooks] Failed handle GitHubEvent: AggregateError:
Error: [@octokit/webhooks] signature does not match event payload and secret
at verifyAndReceive (/usr/bin/matrix-hookshot/node_modules/@octokit/webhooks/dist-node/index.js:259:19)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
ERROR 00:37:50:204 [Webhooks] Failed handle GitHubEvent: AggregateError:
Error: [@octokit/webhooks] signature does not match event payload and secret
at verifyAndReceive (/usr/bin/matrix-hookshot/node_modules/@octokit/webhooks/dist-node/index.js:259:19)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
What should be the content type of the webhook(application/json or application/x-www-form-url-encoded)?
Do I need to specify room for registration? And if I do do I keep the exclamation mark, i.e. !yVrxYIBfoOPIdTwbEX
?
Can someone share their configs for GitHub please, the registration file for synapse and the registration/configuration for hookshot. I do not understand what I should be putting in url for registration configs.
Sorry, this took a long time to get back to. So this error is because the github.webhook.secret
in your config does not match what GitHub has configured in the App settings. Each request from GitHub is signed to prevent forgery, so it will error if there is a mismatch.