Twitch hmac verification in python

I couldn’t find any python hmac signature verification example, so here it is:

import hmac

def verify_message(id: str, timestamp: str, signature: str, body: bytes):

    message = id.encode() + timestamp.encode() + body

    hmac_signature = HMAC_PREFIX + \
        hmac.new(APP_SECRET.encode(), message, digestmod='sha256').hexdigest()

    return hmac.compare_digest(hmac_signature, signature)

The id, timestamp and signature are simply the headers, all as strings, and the body is the body in bytes. If you have it in bytes just remove the ‘.encode()’