verify-quickbooks-webhooks

A simple function to quickly see if the webhook is from QuickBooks.

Usage no npm install needed!

<script type="module">
  import verifyQuickbooksWebhooks from 'https://cdn.skypack.dev/verify-quickbooks-webhooks';
</script>

README

Verify A QuickBooks (Intuit) Webhook

A simple function to quickly see if the webhook is from QuickBooks.

Blazing Fast Blazing Fast Blazing Fast

QuickBooks can send webhooks to your application. These webhooks include a header that you should verify to avoid allowing anyone to trigger your code.

View On NPM View On GitHub

Verifying that these webhooks are coming from QuickBooks can be an annoying task. This function tackles it all for you.

To Use

import verifyWebhookSignature from 'verify-quickbooks-webhooks';
// or
const verifyWebhookSignature = require('verify-quickbooks-webhooks');

const isValidRequest = verifyWebhookSignature(
  verificationTokenFromQuickBooksDashboard, // store this as an env variable or something. You get it from the QB dashboard
  incomingQuickBooksSignatureFromHeaders, // request.headers['intuit-signature'];
  payload // the request.body string
);

if (!isValidRequest) {
  throw new Error('Sorry, this does not look to be a valid action');
}

// typescript example including webhook type def
import verifyWebhookSignature, {
  QuickBooksEventNotificationsType,
} from 'verify-quickbooks-webhooks';

const isValidRequest = verifyWebhookSignature(
  verificationTokenFromQuickBooksDashboard, // store this as an env variable or something. You get it from the QB dashboard
  incomingQuickBooksSignatureFromHeaders, // request.headers['intuit-signature'];
  payload // the request.body string
);

if (!isValidRequest) {
  throw new Error('Sorry, this does not look to be a valid action');
}

const body = JSON.parse(event.body);
const eventNotifications: QuickBooksEventNotificationsType =
  body.eventNotifications;