Bug: get_adcp_signed_headers_for_webhook signs compact JSON but wire body uses default JSON

[EmmaLouise2018]

Summary

get_adcp_signed_headers_for_webhook() in src/adcp/webhooks.py computes the HMAC signature over compact JSON (no spaces), but callers send the HTTP body via requests.post(url, json=payload) which uses default JSON (with spaces). Receivers that verify against raw HTTP body bytes (per the AdCP spec) will always get a signature mismatch.

Root Cause

In get_adcp_signed_headers_for_webhook():

payload_bytes = json.dumps(payload_dict, separators=(",", ":"), sort_keys=False).encode("utf-8")
signed_message = f"{timestamp}.{payload_bytes.decode('utf-8')}"

This signs over compact JSON: {"contextId":"msg_123","final":false}

But the caller sends the body with requests.post(url, json=payload), which internally uses json.dumps(payload) with default separators, producing: {"contextId": "msg_123", "final": false}

The receiver verifies HMAC(secret, "{timestamp}.{raw_http_body}") — since the raw body has spaces but the signature was computed without spaces, they never match.

Reference Implementation Mismatch

The official @adcp/client JS library (the reference implementation) uses JSON.stringify(payload) for signing, which produces default serialization with spaces — matching what goes on the wire.

From the JS test suite:

const message = `${timestamp}.${JSON.stringify(payload)}`;
const hmac = crypto.createHmac('sha256', webhookSecret);
hmac.update(message);
const signature = `sha256=${hmac.digest('hex')}`;

JSON.stringify output: {"contextId": "msg_123", "final": false} (with spaces after : and ,)

The Python client should match this behavior.

Reproduction

import json, hashlib, hmac

payload = {"contextId": "msg_123", "final": False, "kind": "status-update"}
secret = "my-test-webhook-secret-that-is-32chars!"
timestamp = "1773185740"

# What get_adcp_signed_headers_for_webhook signs (compact):
compact = json.dumps(payload, separators=(",", ":"), sort_keys=False)
# '{"contextId":"msg_123","final":false,"kind":"status-update"}'

# What requests.post(json=payload) sends on the wire (default):
default = json.dumps(payload)
# '{"contextId": "msg_123", "final": false, "kind": "status-update"}'

sig_compact = hmac.new(secret.encode(), f"{timestamp}.{compact}".encode(), hashlib.sha256).hexdigest()
sig_default = hmac.new(secret.encode(), f"{timestamp}.{default}".encode(), hashlib.sha256).hexdigest()

print(f"Match: {sig_compact == sig_default}")  # False

Suggested Fix

# In get_adcp_signed_headers_for_webhook(), change:
payload_bytes = json.dumps(payload_dict, separators=(",", ":"), sort_keys=False).encode("utf-8")

# To:
payload_bytes = json.dumps(payload_dict).encode("utf-8")

This aligns with the JS reference implementation's JSON.stringify() behavior.

Alternatively, the function's docstring could be updated to instruct callers to pre-serialize and send with data= instead of json=, but that's a larger change for all consumers.

Impact

All consumers of get_adcp_signed_headers_for_webhook() that use requests.post(json=...) or httpx.post(json=...) will have webhook HMAC validation failures on the receiver side. This is currently breaking create_media_buy, update_media_buy, and sync_creatives webhook callbacks.

[EmmaLouise2018]

The spec (now on main) explicitly requires raw bytes:

The rawBody must be the exact bytes sent on the wire. Implementations must sign the same serialization that goes in the HTTP body — signing a re-serialized or reformatted version of the payload will cause verification failures.

See: https://docs.adcontextprotocol.org/docs/building/implementation/webhooks#hmac-sha256-recommended-for-production

Raw bytes is the only correct approach because the raw HTTP body is the one string both sender and receiver are guaranteed to have in common. The sender created it, the receiver received it. The moment either side re-serializes a parsed object, you lose that guarantee — JSON.stringify() in JS and json.dumps() in Python produce different output for the same logical data (key ordering, whitespace, number formatting like 1.0 vs 1, unicode escaping). This is how GitHub, Stripe, and Slack all implement webhook HMAC verification.

get_adcp_signed_headers_for_webhook currently takes a dict/model and calls json.dumps(payload_dict, separators=(",", ":")). It needs to either accept pre-serialized bytes, or the caller must use the same serialized bytes for both signing and requests.post(data=..., ...) instead of requests.post(json=..., ...).