CryptoJS implementation in serviceNow

Alvin5
Tera Contributor

‎03-28-2022 08:24 PM

I'm trying to create a webhook in github and uses a scripted rest api in my servicenow instance. as part of its security im planning to use the cryptojs to match the secret key from github which is in X-Hub-Signature-256

I copied the cryptojs file to my servicenow instance however I cant make it work as it throws error 500

{"error":{"detail":"Invalid object in scoped script: [object Object]","message":"Invalid object in scoped script: [object Object]"},"status":"failure"}

is there anyone who encountered the same issue ?



Labels:
0 Helpfuls
  • 1,730 Views
2 REPLIES 2

Maik Skoddow
Tera Patron
Tera Patron

‎03-28-2022 09:03 PM

Hi Alvin

what do you mean with "I copied the cryptojs file to my servicenow instance" and what was your approach to use that file?

Kind regards
Maik

0 Helpfuls

Alvin5
Tera Contributor
In response to Maik Skoddow

‎03-28-2022 09:19 PM

i followed the instructions here Facing challenge to bundle the Crypto-js.js file

basically i created a custom app and created the script include for Cryptojs.

the intension is to use for github webhook authentication.

i created a scripted rest api without authentication, inside i have a script to create a hash base on my secret key and compare it to github hash.

sample hash from github  : sha256=9355247e75294bddb50f711e19475394706a9dddec5cefd3873a02b40xxxxxx,


on my scripted rest api im going to generate the hash like this

var key = my_scope.CryptoJS.HmacSHA256(<github payload>,"secret_key");
if key === github_hash
then proceed
else
access denied 
 
the highlighted text throws the error. but its working if i execute it on the script-background 

 

 

0 Helpfuls