klbr/n8nworkflows.xyz
1
0
Fork 0
mirror of https://github.com/khoaliber/n8nworkflows.xyz.git synced 2026-04-28 00:29:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

creation

Browse Source
This commit is contained in:
nusquama
2025-11-12 13:15:34 +01:00
parent 5d55bea019
commit f9a1e8ec9b
1 changed files with 163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
workflows/Handle verification for Twitter webhook-1440/readme-1440.md
+163
View File
@@ -0,0 +1,163 @@
Handle verification for Twitter webhook
https://n8nworkflows.xyz/workflows/handle-verification-for-twitter-webhook-1440
# Handle verification for Twitter webhook
### 1. Workflow Overview
This n8n workflow is designed to handle the verification process for Twitter webhooks when integrating with the Twitter Account Activity API. Its primary purpose is to respond correctly to Twitter's webhook verification requests by generating the required HMAC SHA-256 response token that Twitter expects. This ensures that the webhook URL is verified and active, allowing Twitter to send events securely.
The workflow consists of three main logical blocks:
- **1.1 Input Reception:** Receives incoming webhook requests from Twitter with a CRC (challenge-response check) token.
- **1.2 Signature Generation:** Processes the CRC token by generating an HMAC SHA-256 hash using the Twitter API Key Secret.
- **1.3 Response Construction:** Formats the hashed value into the expected JSON response format to send back to Twitter.
---
### 2. Block-by-Block Analysis
#### 1.1 Input Reception
- **Overview:**
This block receives HTTP requests from Twitter to the webhook URL. It captures incoming verification requests that contain the CRC token needed to verify the webhook.
- **Nodes Involved:**
- Webhook
- **Node Details:**
- **Webhook**
- *Type & Role:* HTTP Webhook node; entry point for Twitter API requests.
- *Configuration:*
- Path: A unique identifier string (`0db0a40c-e5d1-463f-8252-03599f1303e6`) used to form the webhook URL that Twitter calls.
- Response Mode: Set to "lastNode," meaning the final response is generated by the last node executed downstream.
- *Expressions/Variables:*
- Accesses the CRC token from the query parameters at `{{$json["query"]["crc_token"]}}`.
- *Input/Output Connections:*
- No inputs (starting node).
- Output connected to the Crypto node.
- *Version Requirements:* Compatible with n8n version 0.95.0+ due to webhook node features.
- *Potential Failures:*
- If Twitter does not send the `crc_token` as a query parameter, downstream nodes may fail.
- Webhook URL misconfiguration can cause connection errors.
- *Sub-workflow:* None.
#### 1.2 Signature Generation
- **Overview:**
This block generates the HMAC SHA-256 hash of the CRC token using the Twitter API Key Secret. This hash acts as a signature proving the webhooks authenticity.
- **Nodes Involved:**
- Crypto
- **Node Details:**
- **Crypto**
- *Type & Role:* Crypto node; performs cryptographic operations.
- *Configuration:*
- Action: HMAC (Hash-based Message Authentication Code).
- Hash Type: SHA256.
- Value: Evaluates expression to extract the CRC token from the webhook input (`={{$json["query"]["crc_token"]}}`).
- Secret: The Twitter API Key Secret (entered by the user in the "Secret" field).
- Encoding: Base64 (Twitter expects the signature base64-encoded).
- *Expressions/Variables:*
- Uses dynamic expression to pull CRC token from the incoming request.
- *Input/Output Connections:*
- Input from Webhook node.
- Output connected to Set node.
- *Version Requirements:* No special requirements; standard Crypto node features.
- *Potential Failures:*
- Incorrect or missing API Key Secret leads to invalid signature.
- If the CRC token is missing or malformed, the Crypto node will produce errors or invalid output.
- *Sub-workflow:* None.
#### 1.3 Response Construction
- **Overview:**
This block formats the HMAC hash into the response JSON format Twitter requires to verify the webhook.
- **Nodes Involved:**
- Set
- **Node Details:**
- **Set**
- *Type & Role:* Set node; constructs the response JSON object.
- *Configuration:*
- Creates a string field named `response_token`.
- Value is set using the expression: `=sha256={{$json["data"]}}`, where `data` is the output from the Crypto node (the base64 encoded HMAC SHA256 hash).
- Keeps only the set fields in the output (removes all other fields).
- *Expressions/Variables:*
- Uses the output of the Crypto node to build the response token string as expected by Twitter, prefixing with `sha256=`.
- *Input/Output Connections:*
- Input from Crypto node.
- Output sent back as HTTP response to Twitter (due to Webhook nodes responseMode).
- *Version Requirements:* None.
- *Potential Failures:*
- If the Crypto node output is missing or invalid, the response token will be malformed.
- *Sub-workflow:* None.
---
### 3. Summary Table
| Node Name | Node Type | Functional Role | Input Node(s) | Output Node(s) | Sticky Note |
|-----------|-----------------|-----------------------------|---------------|----------------|--------------------------------------------------------------------------------------------------------------------------------|
| Webhook | Webhook | Receives incoming Twitter webhook calls with CRC token | None | Crypto | Use the displayed URL to register with the Account Activity API. |
| Crypto | Crypto | Generates HMAC SHA256 hash of CRC token using Twitter API Key Secret | Webhook | Set | In the ***Secret*** field, enter your API Key Secret from Twitter. |
| Set | Set | Formats the HMAC hash into Twitters expected response JSON | Crypto | HTTP Response | This node generates the response expected by the Twitter API. |
---
### 4. Reproducing the Workflow from Scratch
1. **Create a Webhook node:**
- Type: Webhook
- Parameters:
- Path: Use a unique string identifier (e.g., `0db0a40c-e5d1-463f-8252-03599f1303e6`), which will form your webhook URL (e.g., `https://<n8n-domain>/webhook/0db0a40c-e5d1-463f-8252-03599f1303e6`).
- Response Mode: Set to "lastNode" to allow a downstream node to generate the HTTP response.
- No credentials required.
- Connect output to the next node (Crypto).
2. **Create a Crypto node:**
- Type: Crypto
- Parameters:
- Action: HMAC
- Type: SHA256
- Value: Use expression to extract Twitters CRC token: `={{$json["query"]["crc_token"]}}`
- Secret: Enter your Twitter API Key Secret here (replace `"API KEY SECRET"`). This credential must be kept confidential.
- Encoding: Base64 (Twitter expects base64-encoded output).
- Connect output to the next node (Set).
3. **Create a Set node:**
- Type: Set
- Parameters:
- Add a string field named `response_token`.
- Set value with expression: `=sha256={{$json["data"]}}` where `data` is the base64-encoded hash from the Crypto node.
- Enable "Keep Only Set" to ensure only this field is returned in the response.
- This nodes output will be sent back as the HTTP response to Twitter (because the Webhook nodes responseMode is "lastNode").
- No credentials required.
4. **Connect nodes:**
- Webhook → Crypto → Set
5. **Register the webhook URL:**
- Use the URL from the Webhook node (e.g., `https://<your-n8n-instance>/webhook/0db0a40c-e5d1-463f-8252-03599f1303e6`) when registering your webhook with Twitters Account Activity API.
6. **Testing & Validation:**
- Twitter will send a CRC check request with a `crc_token` query parameter.
- The workflow will respond with the correct `response_token` JSON, allowing Twitter to verify the webhook.
---
### 5. General Notes & Resources
| Note Content | Context or Link |
|------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------|
| Learn more about connecting n8n with Twitter in the Getting Started with Twitter Webhook article. | https://harshil.dev/writings/getting-started-with-twitter-webhook |
| The webhook URL generated by the Webhook node must be publicly accessible and registered in Twitters Account Activity API. | Twitter webhook registration requirements |
| Keep your Twitter API Key Secret confidential; do not hardcode it in workflows shared publicly. | Security best practice |
---
This document fully describes the "Handle verification for Twitter webhook" workflow, enabling reproduction, extension, or integration troubleshooting.