Nudge Webhook

Send the nudge payload (similar to rewards) to your servers in case of not configuring direct nudges from CustomerGlu to End User Device using Firebase/APNS

A webhook url can be provided to CustomerGlu to receive the nudges to be shown to users in real-time

The app can be configured to open the url present in "clickAction" property in a webview.

A POST request will be made to the specified Webhook URL . Example request body is as follows:

{
   "client":"xyzc-b2e0-4927-8653-cba2babc2",
   "campaignId":"acxscx26-5437-4b37-855f-a3f6edqccqc4",
   "userId":"glutest-1",
   "notificationType":"push",
   "pageType":"full-default",
   "content":{
      "button":{
         "text":"Go to Reward",
         "action":"https://xyz.customerglu.net"
      },
      "title":"Scratch card unlocked! 😍",
      "body":"Check to see how much you've won 🙌",
      "clickAction":"https://xyz.customerglu.net",
      "image":""
   },
   "timeRemaning":"",
   "expiry":""
}

Optionally, to verify the authenticity of request, a secret token can be provided to CustomerGlu.

When you set a token, you'll receive the X-CG-SIGNATURE header in the webhook POST request. value of this header will be a hmac hexdigest of the request body with the provided token. See on how to validate the requests

Validating Nudge Webhook

const verifySignature = (reqBodyDigest, cgHeader) => {
  return crypto.timingSafeEqual(Buffer.from(cgHeader), Buffer.from(`${reqBodyDigest}`));
}


app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.post('/hook', (req, res) => {
  const jsonString = JSON.stringify(req.body);
  const reqBodyDigest = crypto.createHmac('sha1', token)
    .update(jsonString)
    .digest('hex');
  const cgHeader = req.headers['x-cg-signature'];
  const verify = verifySignature(reqBodyDigest, cgHeader)
}

import hmac,hashlib,json

sampleObj = {"campaignId":"6bab1116-ae8e-4644-9cee-7a3d8ee9aff3","type":"direct","userId":"test-8-june-9","rewardId":"acdc71c6-08ad-4cd9-8c1e-3c812487b854","rewardName":"$15","rewardAmount":15,"details":{"currency":"USD","value":15,"reward_reason":"got_referred","userAName":"Test Solve 7","userAId":"test-8-june-7"}}
gluHeader="f2719895b483fbf3f98e1936bc88271cbe74f138"


def generateSignature(incomingBody):
  key="PbTJp694bmgrfJpJPQmrjGfjgq".encode('utf-8')
  incomingBodyString = json.dumps(incomingBody, ensure_ascii=False, separators=(',', ':')).encode('utf-8')
  return hmac.new(key, incomingBodyString, hashlib.sha1).hexdigest()

def verifySignature(cgHeader,incomingBody):
    return hmac.compare_digest(cgHeader,generateSignature(incomingBody))

Note: CustomerGlu requires the raw body of the request to perform signature verification. If you are using a framework/library, make sure it doesn't manipulate the raw body. Any manipulation to the raw body of the request will cause the verification to fail.

private static String toHexString(byte[] bytes) {
        Formatter formatter = new Formatter();
        for (byte b : bytes) {
            formatter.format("%02x", b);
        }
        return formatter.toString();
    }
    public static String calculateSHA1HMAC(String payload, String key)
            throws SignatureException, NoSuchAlgorithmException, InvalidKeyException {
        //
        String HMAC_SHA1_ALGORITHM = "HmacSHA1";
        SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM);
        Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
        mac.init(signingKey);
        return toHexString(mac.doFinal(payload.getBytes()));
    }

PreviousRewards Webhook NextNotifications

Last updated 2 years ago

Was this helpful?

{ "client":"xyzc-b2e0-4927-8653-cba2babc2", "campaignId":"acxscx26-5437-4b37-855f-a3f6edqccqc4", "userId":"glutest-1", "notificationType":"push", "pageType":"full-default", "content":{ "button":{ "text":"Go to Reward", "action":"https://xyz.customerglu.net" }, "title":"Scratch card unlocked! 😍", "body":"Check to see how much you've won 🙌", "clickAction":"https://xyz.customerglu.net", "image":"" }, "timeRemaning":"", "expiry":"" }

import hmac,hashlib,json sampleObj = {"campaignId":"6bab1116-ae8e-4644-9cee-7a3d8ee9aff3","type":"direct","userId":"test-8-june-9","rewardId":"acdc71c6-08ad-4cd9-8c1e-3c812487b854","rewardName":"$15","rewardAmount":15,"details":{"currency":"USD","value":15,"reward_reason":"got_referred","userAName":"Test Solve 7","userAId":"test-8-june-7"}} gluHeader="f2719895b483fbf3f98e1936bc88271cbe74f138" def generateSignature(incomingBody): key="PbTJp694bmgrfJpJPQmrjGfjgq".encode('utf-8') incomingBodyString = json.dumps(incomingBody, ensure_ascii=False, separators=(',', ':')).encode('utf-8') return hmac.new(key, incomingBodyString, hashlib.sha1).hexdigest() def verifySignature(cgHeader,incomingBody): return hmac.compare_digest(cgHeader,generateSignature(incomingBody))

private static String toHexString(byte[] bytes) { Formatter formatter = new Formatter(); for (byte b : bytes) { formatter.format("%02x", b); } return formatter.toString(); } public static String calculateSHA1HMAC(String payload, String key) throws SignatureException, NoSuchAlgorithmException, InvalidKeyException { // String HMAC_SHA1_ALGORITHM = "HmacSHA1"; SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), HMAC_SHA1_ALGORITHM); Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM); mac.init(signingKey); return toHexString(mac.doFinal(payload.getBytes())); }