svix · tasn · Jul 13, 2022 · Jul 12, 2022 · Jul 12, 2022 · Jul 12, 2022
@@ -39,6 +39,18 @@ func NewWebhook(secret string) (*Webhook, error) {
 	}, nil
 }
 
+func NewWebhookFromRaw(secret []byte) (*Webhook, error) {
+	return &Webhook {
+		key: secret,
+	}, nil
+}
+
+func NewWebhookFromRawString(secret string) (*Webhook, error) {
+	return &Webhook {
+		key: []byte(secret),
+	}, nil
+}
+
 // Verify validates the payload against the svix signature headers
 // using the webhooks signing secret.
 //

@@ -36,6 +36,14 @@ public Webhook(final String secret) {
 		this.key = Base64.getDecoder().decode(sec);
 	}
 
+	public WebhookRaw(final byte[] secret) {
+		this.key = secret;
+	}
+
+	public WebhookRaw(final String secret) {
+		this.key = secret.getBytes();
+	}
+
 	public void verify(final String payload, final HttpHeaders headers) throws WebhookVerificationException {
 		Optional<String> msgId = headers.firstValue(SVIX_MSG_ID_KEY);
 		Optional<String> msgSignature = headers.firstValue(SVIX_MSG_SIGNATURE_KEY);

@@ -590,18 +590,33 @@ export interface WebhookUnbrandedRequiredHeaders {
   "webhook-signature": string;
 }
 
+export interface WebhookOptions {
+  format?: "raw";
+}
+
 export class Webhook {
   private static prefix = "whsec_";
   private readonly key: Uint8Array;
 
-  constructor(secret: string) {
+  constructor(secret: string | Uint8Array, options?: WebhookOptions) {
     if (!secret) {
       throw new Error("Secret can't be empty.");
     }
-    if (secret.startsWith(Webhook.prefix)) {
-      secret = secret.substring(Webhook.prefix.length);
+    if (options?.format === "raw") {
+      if (secret instanceof Uint8Array) {
+        this.key = secret;
+      } else {
+        this.key = Uint8Array.from(secret, (c) => c.charCodeAt(0));
+      }
+    } else {
+      if (!(secret instanceof String)) {
+        throw new Error("Expected secret to be of type string");
+      }
+      if (secret.startsWith(Webhook.prefix)) {
+        secret = secret.substring(Webhook.prefix.length);
+      }
+      this.key = base64.decode(secret as string);
     }
-    this.key = base64.decode(secret);
   }
 
   public verify(

@@ -100,11 +100,20 @@ class Webhook(secret: String) {
         }
     }
 
-    init {
-        var sec = secret
-        if (sec.startsWith(SECRET_PREFIX)) {
-            sec = sec.substring(SECRET_PREFIX.length)
+    constructor(secret: String) {
+        if (secret.startsWith(SECRET_PREFIX)) {
+            secret = secret.substring(SECRET_PREFIX.length)
         }
-        key = Base64.getDecoder().decode(sec)
+        key = Base64.getDecoder().decode(secret)
+    }
+
+    constructor(secret: String, format: String) {
+        if (format === "raw") {
+            key = secret.toByteArray()
+        }
+    }
+
+    constructor(secret: ByteArray) {
+        key = secret
     }
 }
@@ -16,6 +16,13 @@ public function __construct($secret)
         $this->secret = base64_decode($secret);
     }
 
+    public static function fromRaw($secret)
+    {
+        $obj = new self();
+        $obj->secret = $secret;
+        return $obj;
+    }
+
     public function verify($payload, $headers)
     {
         if (

@@ -29,6 +29,16 @@ def __init__(self, whsecret: str, *, enc_key: t.Optional[str] = None):
         self._whsecret = base64.b64decode(whsecret)
         self._enc_key = base64.b64decode(enc_key) if enc_key is not None else None
 
+    def from_raw(whsecret: bytes):
+        wh = Webhook()
+        wh._whsecret = whsecret
+        return wh
+
+    def from_raw(whsecret: str):
+        wh = Webhook()
+        wh._whsecret = str.encode(whsecret)
+        return wh
+
     def verify(self, data: t.Union[bytes, str], headers: t.Dict[str, str]) -> t.Any:
         data = data if isinstance(data, str) else data.decode()
         headers = {k.lower(): v for (k, v) in headers.items()}