Component(s)

receiver/webhookevent

Is your feature request related to a problem? Please describe.

The current webhookeventreceiver doesn't support HMAC signature authentication that required by some telemetry such as github and fingerprint.

Github webhook: https://docs.github.com/en/enterprise-cloud@latest/webhooks/using-webhooks/validating-webhook-deliveries
Fingerprint webhook: https://docs.fingerprint.com/docs/webhooks

Describe the solution you'd like

Make webhookeventreceiver support HMAC signature authentication that required by some telemetry such as github and fingerprint.

• reads the raw body,
• computes sha256= + HMAC hex digest with given secret,
• compares it with the sha256 provided in the header
• returns 401/403 on mismatch

Github webhook: https://docs.github.com/en/enterprise-cloud@latest/webhooks/using-webhooks/validating-webhook-deliveries
Fingerprint webhook: https://docs.fingerprint.com/docs/webhooks

Describe alternatives you've considered

No response

Additional context

No response

Tip

_{React with 👍 to help prioritize this issue. Please use comments to provide useful context, avoiding +1 or me too, to help us triage it. Learn more here.}