Having gone through all the Tutorial Steps here (https://www.adobe.io/apis/experiencecloud/cloud-manager/docs.html), and having my Slack webhook App in place, when a Pipeline job runs, it does hit the Webhook, however, in the Response Body, I get this (403) error back:
Error: x-adobe-signature HMAC check failed
Has anyone successfully got Adobe Cloud Manager Pipeline notifications working with Slack? If so, any ideas would be greatly appreciated.
To be clear, I built the App using Glitch.com per the instructions. The App is working. My Slack Webhook is working and installed. Please do not direct me back to the Documentation... I've already completed the tasks and read the documentation numerous times. Thanks!
Solved! Go to Solution.
Topics help categorize Community content and increase your ability to discover relevant content.
Views
Replies
Total Likes
Hi @jasonhampleman: The error that you are encountering is because of a signature mismatch as mentioned in step 2 of the tutorial. However, since you are using Glitch, can you please make sure that the .env file is properly populated, because when you click on "Remix this" it resets the .env file settings. The reset results in a blank CLIENT_SECRET which inturn results into the error - "Error: x-adobe-signature HMAC check failed".
I would advise trying till step 2 with the proper .env file and see if you are still running into the same issue.
Views
Replies
Total Likes
Hi @jasonhampleman: The error that you are encountering is because of a signature mismatch as mentioned in step 2 of the tutorial. However, since you are using Glitch, can you please make sure that the .env file is properly populated, because when you click on "Remix this" it resets the .env file settings. The reset results in a blank CLIENT_SECRET which inturn results into the error - "Error: x-adobe-signature HMAC check failed".
I would advise trying till step 2 with the proper .env file and see if you are still running into the same issue.
Views
Replies
Total Likes
Views
Replies
Total Likes
If the CLIENT_SECRET is correctly configured, then can you add some logs here and see what exactly is going wrong. I am unable to reproduce the issue on my end. You can see the logs in Glitch by clicking on Tools > Logs.
As a last resort, can you try and uncomment the signature verification part to see if we can circumvent this problem. Even though this is not recommended, but this will help us pinpoint where things are going wrong.
Views
Replies
Total Likes
Thanks again for the help. I commented out the Signature Verification portion of the JS in Glitch (index.js file). The Pipeline is hitting my webhook URL as it completes jobs. I now get a 200 success with each (not a 403), however, the Response Body only says "pong" and I get no notifications in Slack. For reference, when I use Curl to hit my Slack App, it works.
Log says:
TypeError: Cannot read property 'event' of undefined
at app.post (index.js:119:26)
Line 119 is:
const event = req.body.event
I've included a screen of .env variables (do not reveal the actual vars) to see if those are okay.
Views
Replies
Total Likes
I am not sure what's going wrong at your end. Could you please check what you are getting in the Debug Tracing tab of your console integration (created in step 0).
The tutorial has been coded to respond with a simple "pong" message for every event delivered to the webhook, so I don't see any issue here.
however, the Response Body only says "pong" and I get no notifications in Slack
I think debug tracing will really help in understanding what is really going on with your integration.
TypeError: Cannot read property 'event' of undefined
at app.post (index.js:119:26)
Line 119 is:
const event = req.body.event
For example, this is what I see for in the "Debug Tracing" tab of my test integration -
Views
Replies
Total Likes
Thank you. I've attached my debug results as well. While they are similar to yours and I am getting a 200, it appears that much of the Header information in yours is not being sent in mine. I assume that you are connecting to a Slack App and getting a message there correctly in your test?
Views
Replies
Total Likes
When I posted my debug results, I included a snapshot of both the request and response tabs (see below for a better image). That's where you see the difference of headers. But looking at your traces, it seems that the events are being delivered just fine.
Regarding the slack integration, I did not test that, but I believe it should work.
Views
Replies
Total Likes
I really don't know what to do from here! A summary of where I'm at:
In Glitch logs, I get this error:
TypeError: Cannot read property '@type' of undefined at app.post (/app/index.js:119:24)
line 119 is: if (STARTED === event['@type'] &&
I get no Slack message.
What I know is working:
1. My Webhook is active (green) in Adobe Console
2. I get 200 Success.
3. Pipeline updates successfully trigger my Event in console
4. My Slack App is live and working. I can trigger it with a CURL call.
5. My Credentials are included correctly in the .env file in Glitch. I've built this multiple times now with the same result. I used the Step 7 with Slack "Remix This" option and then made sure to add my env vars.
I'm running out of ideas.
Views
Replies
Total Likes
@jasonhamplemanLooking at https://glitch.com/edit/#!/candy-gifted-hallway, I believe the problem is in how you commented out the signature verification. You appear to have commented out the injection of the body-parser express middleware. The result of this is that the body is, well, not parsed and thus req.body is undefined.
What you should do instead is to have this minimal piece:
app.use(bodyParser.json());
In other words, the bit to comment out is actually the object passed to bodyParser.json().Which is essentially going back to what is in Step 1 of the tutorial.
So if you wanted to leave that code in place, it would look like
app.use(bodyParser.json(/*{
verify: (req, res, buf, encoding) => {
const signature = req.header('x-adobe-signature')
if (signature) {
const hmac = crypto.createHmac('sha256', process.env.CLIENT_SECRET)
hmac.update(buf)
const digest = hmac.digest('base64')
if (signature !== digest) {
throw new Error('x-adobe-signature HMAC check failed')
}
} else if (!process.env.DEBUG && req.method === 'POST') {
throw new Error('x-adobe-signature required')
}
}
}*/))
As to your original issue, this is a bit of a mystery. I just retested this with a slightly more minimized version of the tutorial code (https://glitch.com/edit/#!/illustrious-peat-candytuf) and was able to check the signature. At the risk of repeating @shikhartanwar , I'd suggest doublechecking the value. I did observe that even adding a space at the end of the value in the Glitch UI can cause this. It wouldn't be a bad idea to trim the variable before passing it to crypto.createHmac().
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies