using System;
using System.Collections.Generic;
using System.Diagnostics;
using RestSharp;
using Plivo.Utilities;
using Nancy;

namespace validateSignature
{
    public class Program : NancyModule
    {
        public Program()
        {
            Get["/receive_sms/"] = x =>
            {
                IEnumerable<string> signature = Request.Headers["X-Plivo-Signature-V2"];
                String[] sign = (String[])signature;
                String actualsignature = sign[0];

                IEnumerable<string> nonce = Request.Headers["X-Plivo-Signature-V2-Nonce"];
                String[] key = (String[])nonce;
                String actualnonce = key[0];

                String auth_token = "<auth_token>";
                String url = Request.Url.SiteBase + Request.Url.Path;

                bool valid = Plivo.Utilities.XPlivoSignatureV2.VerifySignature(url, actualnonce, actualsignature, auth_token);
                Debug.WriteLine("Valid : " + valid);
                
                String from_number = Request.Query["From"];
                String to_number = Request.Query["To"];
                String text = Request.Query["Text"];

                Debug.WriteLine("From : {0}, To : {1}, Text : {2}", from_number, to_number, text);
                Console.ReadLine(); 
                return "OK";
            };
        }
    }
}

  True

All requests made by Plivo to your server URLs consist of X-Plivo-Signature-V2 and X-Plivo-Signature-V2-Nonce HTTP headers. To validate a request and to verify that the request to your server originated from Plivo, you must generate a signature at your end and compare it with X-Plivo-Signature-V2 parameter in the HTTP header to check whether they match. Read more about signature validation.

Methods to compute and verify X-Plivo-Signature-V2 are available in the latest server SDKs. Choose the SDK for the programming language of your choice to see how to use these methods.

Arguments

NameTypeDescription
uristringThe callback that you want to validate.
Allowed values: answer_url, message_url, callback_url, action_url, hangup_url
X-Plivo-Signature-V2-NoncestringRandom numeric digits posted to the callback_url, used for validation purposes.
X-Plivo-Signature-V2 or X-Plivo-Signature-Ma-V2stringRandom alphanumeric characters used for validation. You can get this from the relevant event details posted to your callback. See note below.
auth_tokenstringYour account Auth Token, which you can find on the Overview page of the Plivo console.

Note: You can either use X-Plivo-Signature-V2 or X-Plivo-Signature-Ma-V2 to validate the signature.

  • X-Plivo-Signature-V2 is generated using the Auth Token of the associated account or subaccount. To validate using the X-Plivo-Signature-V2 request header, generate the signature at your end using the same account or subaccount.
  • X-Plivo-Signature-Ma-V2 is always generated using the Auth Token of the account. To validate using the X-Plivo-Signature-Ma-V2 request header, generate the signature using the main account.
using System;
using System.Collections.Generic;
using System.Diagnostics;
using RestSharp;
using Plivo.Utilities;
using Nancy;

namespace validateSignature
{
    public class Program : NancyModule
    {
        public Program()
        {
            Get["/receive_sms/"] = x =>
            {
                IEnumerable<string> signature = Request.Headers["X-Plivo-Signature-V2"];
                String[] sign = (String[])signature;
                String actualsignature = sign[0];

                IEnumerable<string> nonce = Request.Headers["X-Plivo-Signature-V2-Nonce"];
                String[] key = (String[])nonce;
                String actualnonce = key[0];

                String auth_token = "<auth_token>";
                String url = Request.Url.SiteBase + Request.Url.Path;

                bool valid = Plivo.Utilities.XPlivoSignatureV2.VerifySignature(url, actualnonce, actualsignature, auth_token);
                Debug.WriteLine("Valid : " + valid);
                
                String from_number = Request.Query["From"];
                String to_number = Request.Query["To"];
                String text = Request.Query["Text"];

                Debug.WriteLine("From : {0}, To : {1}, Text : {2}", from_number, to_number, text);
                Console.ReadLine(); 
                return "OK";
            };
        }
    }
}

  True