Skip to content

Feat/request signing#832

Open
TheCreatorNode wants to merge 5 commits into
SoroScan:mainfrom
TheCreatorNode:feat/request-signing
Open

Feat/request signing#832
TheCreatorNode wants to merge 5 commits into
SoroScan:mainfrom
TheCreatorNode:feat/request-signing

Conversation

@TheCreatorNode

Copy link
Copy Markdown
Contributor

resolves #802

…n#802)

- Add SigningKey model for rotatable HMAC signing keys per webhook
- Create webhook_signing module with sign/verify helpers
- Add rotate_expired_signing_keys Celery task (daily beat schedule)
- Update _build_webhook_signature_header to prefer active SigningKey
- Add SigningKey admin with auto-generation of keys
- Add SDK verification utilities (Python + TypeScript)
- Add SIGNING_KEY_RETENTION_DAYS config (default 7 days)
- Add migration 0045_signingkey.py
- Add 21 tests covering signing, model, rotation, and dispatch
@drips-wave

drips-wave Bot commented Jun 29, 2026

Copy link
Copy Markdown

@TheCreatorNode Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Request Signing and Verification (HMAC-SHA256)

1 participant