[Feature]: Way to test webhook signature

[motz0815]

Tell us about your feature request

I'd like to test my paddle webhooks locally while using the unmarshal function of the sdk.
It would be great to have a way to put that function into test mode, or providing some other way to test handling the event while in development.

What problem are you looking to solve?

In development I have the problem of not really having a way to sign my test requests so that I can use the unmarshal function.

Additional context

No response

How important is this suggestion to you?

Important

[motz0815]

My current solution was a python script with the body at body.json in the same folder (if anyone else needs this)

# send a POST request to localhost:3000/api/paddle imitating a paddle webhook notification
# with the JSON body at body.json
import requests
import json
import time
import hmac
import hashlib

url = "http://localhost:3000/api/paddle"

# construct the paddle signature header with timestamp and sha256-hmac body hash

# unix timestamp
timestamp = int(time.time())

# read the body from body.json
with open("body.json", "r") as f:
    body = f.read()

# construct the hmac signature
key = "YOUR_PADDLE_WEBHOOK_SECRET_KEY"

payloadwithtimestamp = str(timestamp) + ":" + body

signature = hmac.new(key.encode(), payloadwithtimestamp.encode(), hashlib.sha256).hexdigest()

headers = {
    "Content-Type": "application/json",
    "paddle-signature": "ts=" + str(timestamp) + ";h1=" + signature
}

# send the POST request
response = requests.post(url, headers=headers, data=body)
print(response.text)

[vijayasingam-paddle]

Hi @motz0815,
Thank you for raising this feature request.

I can understand the problem you are facing. I am checking with our team on the best way of handling this. I will get back to you once i have a proper solution that will help improve the ways of working with our webhook during local development.