I am trying to match the Webhook signature received from GoCardless and am having difficulties.
Unfortunately there is no Error message to work with, it is simply that the signature I receive doesn't match any of the hash digests that I generate.
If someone could take a quick look at their docs, https://developer.gocardless.com/api-reference/#webhooks-signing-webhooks, and let me know if I am missing something obvious that would be appreciated.
I am using Flask, hmac, hashlib and base64 modules.
# webhook signature
request.headers.get('Webhook-Signature').encode('utf-8')
# digest generated using the request body and SECRET key
digest = hmac.new(key = SECRET, msg=request.get_data(), digestmod = hashlib.sha256).digest()
base64.b64encode(digest)
Any help would be much appreciated.