import express, { Request, Response } from 'express';
import crypto from 'crypto';
const app = express();
const port = 3000;
const webhookSecret = 'orq_wk_...';
function verifySignature(payload: string, signature: string, secret: string): boolean {
const expected = crypto.createHmac('sha256', secret).update(payload).digest('hex');
return crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(expected));
}
app.post('/webhooks', express.json(), (req: Request, res: Response) => {
const signature = req.headers['x-orq-signature'] as string;
const { id, created, type } = req.body;
const signaturePayload = JSON.stringify({ id, created, type });
if (!verifySignature(signaturePayload, signature, webhookSecret)) {
return res.status(400).send('Invalid signature');
}
switch (type) {
case 'deployment.invoked':
console.log('Deployment invoked:', req.body);
break;
}
res.json({ received: true });
});
app.listen(port, () => {
console.log(`Server running at http://localhost:${port}`);
});
AI Studio
Control Tower
AI Router