Module: Webhookdb::Front

Includes:
Appydays::Configurable
Defined in:
lib/webhookdb/front.rb

Constant Summary collapse

CHANNEL_EVENT_TYPES = 
Set.new(["authorization", "delete", "message", "message_autoreply", "message_imported"])

Class Method Summary collapse

Class Method Details

.auth_headers(token) ⇒ Object 



56
57
58
 
# File 'lib/webhookdb/front.rb', line 56

def self.auth_headers(token)
  return {"Authorization" => "Bearer #{token}"}
end

.channel_jwt_jtiObject 



60
 
# File 'lib/webhookdb/front.rb', line 60

def self.channel_jwt_jti = SecureRandom.hex(4)

.initial_verification_request_response(request, secret) ⇒ Object 



45
46
47
48
49
50
51
52
53
54
 
# File 'lib/webhookdb/front.rb', line 45

def self.initial_verification_request_response(request, secret)
  from_front = self.verify_signature(request, secret)
  if from_front
    return Webhookdb::WebhookResponse.ok(
      json: {challenge: request.env["HTTP_X_FRONT_CHALLENGE"]},
      status: 200,
    )
  end
  return Webhookdb::WebhookResponse.error("invalid credentials")
end

.verify_signature(request, secret) ⇒ Object 



29
30
31
32
33
34
35
 
# File 'lib/webhookdb/front.rb', line 29

def self.verify_signature(request, secret)
  request.body.rewind
  body = request.body.read
  base_string = "#{request.env['HTTP_X_FRONT_REQUEST_TIMESTAMP']}:#{body}"
  calculated_signature = OpenSSL::HMAC.base64digest(OpenSSL::Digest.new("sha256"), secret, base_string)
  return calculated_signature == request.env["HTTP_X_FRONT_SIGNATURE"]
end

.webhook_response(request, secret) ⇒ Object 



37
38
39
40
41
42
43
 
# File 'lib/webhookdb/front.rb', line 37

def self.webhook_response(request, secret)
  return Webhookdb::WebhookResponse.error("missing signature") unless request.env["HTTP_X_FRONT_SIGNATURE"]

  from_front = self.verify_signature(request, secret)
  return Webhookdb::WebhookResponse.ok(status: 200) if from_front
  return Webhookdb::WebhookResponse.error("invalid signature")
end