diff --git a/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.controller.ts b/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.controller.ts
index 553b18909..f27d507e4 100644
--- a/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.controller.ts
+++ b/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.controller.ts
@@ -161,7 +161,7 @@ export class WebhookController {
 @Post('verifyEvent')
 async verifyPayloadSignature(@Body() data: SignatureVerificationDto) {
 const { payload, signature, secret } = data;
- return this.webhookService.verifyPayloadSignature(
+ return await this.webhookService.verifyPayloadSignature(
 payload,
 signature,
 secret,
diff --git a/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.processor.ts b/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.processor.ts
index 9680b98e0..cc43e3f23 100644
--- a/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.processor.ts
+++ b/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.processor.ts
@@ -44,27 +44,32 @@ export class WebhookProcessor { webhooks_payloads: true, }, }); - - const event = await this.prisma.events.findUnique({ - where: { - id_event: deliveryAttempt.id_event - } - }) + + const event = await this.prisma.events.findUnique({ + where: { + id_event: deliveryAttempt.id_event, + }, + }); // Check if the endpoint is active if (deliveryAttempt.webhook_endpoints.active) { try { // Send the payload to the endpoint URL + //create a signature + const signature = this.webhookService.generateSignature( + deliveryAttempt.webhooks_payloads.data, + deliveryAttempt.webhook_endpoints.secret, + ); const response = await axios.post( deliveryAttempt.webhook_endpoints.url, { id_event: deliveryAttempt.id_event, data: deliveryAttempt.webhooks_payloads.data, - type: event.type + type: event.type, }, { headers: { - 'Panora-Signature': deliveryAttempt.webhook_endpoints.secret, + 'Panora-Signature': signature, }, }, ); diff --git a/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.service.ts b/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.service.ts index c8e558f30..2b122e0ec 100644 --- a/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.service.ts +++ b/packages/api/src/@core/@core-services/webhooks/panora-webhooks/webhook.service.ts @@ -5,7 +5,7 @@ import { LoggerService } from '@@core/@core-services/logger/logger.service'; import { WebhooksError } from '@@core/utils/errors'; import { WebhookDto } from './dto/webhook.dto'; import axios from 'axios'; -import crypto from 'crypto'; +import { createHmac } from 'crypto'; import { BullQueueService } from '@@core/@core-services/queues/shared.service'; @Injectable() 
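Review bot: The new `Panora-Signature` is computed over `deliveryAttempt.webhooks_payloads.data` only, while the body posted just below also carries `id_event` and `type`, so those two fields are not covered by the HMAC and a receiver cannot tell whether they were altered. The signed input also has no timestamp or delivery id, so a captured request stays valid for replay for as long as the endpoint secret is unchanged. Consider building the body once and signing exactly what is sent, e.g. `const body = { id_event: deliveryAttempt.id_event, data: deliveryAttempt.webhooks_payloads.data, type: event.type };` followed by `generateSignature(body, deliveryAttempt.webhook_endpoints.secret)`, with the verify side changed to match. The enclosing method starts and ends outside this hunk.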
@@ -20,8 +20,8 @@ export class WebhookService { generateSignature(payload: any, secret: string): string { try { - return crypto - .createHmac('sha256', secret) + this.logger.log('PAYLOAD IS ' + JSON.stringify(payload)); + return createHmac('sha256', secret) .update(JSON.stringify(payload)) .digest('hex'); } catch (error) { @@ -295,11 +295,17 @@ export class WebhookService { secret: string, ) { try { - const expected = this.generateSignature(payload, secret); + this.logger.log( + '(verify) PAYLOAD IS ' + + JSON.stringify(payload) + + ' data from payload is ' + + JSON.stringify(payload.data), + ); + const expected = this.generateSignature(payload.data, secret); if (expected !== signature) { throw new WebhooksError({ name: 'INVALID_SIGNATURE_ERROR', - message: `Signature mismatch for the payload received with signature=${signature}`, + message: `Signature mismatch for the payload received with expected=${expected} and signature=${signature}`, }); } return payload;
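Review bot: The added `this.logger.log('PAYLOAD IS ' + JSON.stringify(payload));` in `generateSignature` writes every signed webhook body to the application log, and the `(verify) PAYLOAD IS …` call added in the `-295,11` hunk does the same on each verification. These payloads are presumably customer records synced from connected providers, so the log becomes a second copy of that data with its own retention and access rules. Drop both calls, or log only a non-sensitive marker such as `this.logger.log('signing webhook payload');`. `generateSignature` continues past the end of the hunk.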
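Review bot: The new error message interpolates `expected`, which is the valid HMAC for the payload. A signature mismatch therefore places a correct signature wherever this `WebhooksError` is logged and, if the `verifyEvent` route returns it, in the HTTP response; keep both values out of the message, e.g. `message: 'Signature mismatch for the payload received'`. The comparison `expected !== signature` on the context line is also not constant-time. Using `timingSafeEqual(Buffer.from(expected), Buffer.from(signature))` after a length check would fix that, with `timingSafeEqual` added to the `crypto` import that this commit narrows to `createHmac`. The method's signature and its catch block are outside the hunk.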