Python examples

Here is calling API example :


#register global web hook for All operations

url = api_url+"/wep/webhooks"

payload = {'method':'POST',
           'format':2,
           'allowedEntries':0,
           'url':'https://webhook.site/06f3d21d-0568-4951-97ae-af703cae1891'
           }

headers = {
    "api-version": "1.0",
    "x-api-version": "1.0",
    "accept": "application/json",
    "content-type": "application/json",
    "authorization": "Bearer "+token
}

response = requests.post(url, json=payload, headers=headers, verify=False)

print(response.text)
data = response.json()
id = str(data["id"])

    
url = api_url+"/wep/webhooks/"+id+"/test"

headers = {
    "api-version": "1.0",
    "x-api-version": "1.0",
    "authorization": "Bearer "+token
}

response = requests.get(url, headers=headers, verify=False)

print(response.text)

Here is example of receiving and validating webhooks (Python3/Flask)

from flask import Flask, request, abort  
import hmac  
import hashlib  
import base64

app = Flask(**name**)

WORKLIO_WEBHOOK_SECRET = '...returned from API call...'

def _verify_webhook(data, hmac_header):  
        digest = hmac.new(WORKLIO_WEBHOOK_SECRET.encode("utf-8"), data, hashlib.sha256).hexdigest()
    return hmac.compare_digest(digest, hmac_header)
  
@app.route('/', methods=['POST'])  
def hello_world():  
    print('Received Webhook...')
    
data = request.data # NOT request.get_data() !!!!!
hmac_header = request.headers.get('WEP-Sign')
verified = _verify_webhook(data, hmac_header)

if not verified:
    return 'Integrity of request compromised...', 401

print('Verified request...')

if **name** == '**main**':  
    app.run()

Sample Implementation