CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-14 00:34:51 +12:00
Code Issues Projects Releases Wiki Activity

Small fix

Browse source
This commit is contained in:
shimon 2022-06-08 10:19:50 +03:00
parent 71c7a48075
commit 64ba33f3aa
5 changed files with 49 additions and 134 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/controllers/api/projects.php
View file

@ -718,11 +718,13 @@ App::put('/v1/projects/:projectId/webhooks/:webhookId')
->setAttribute('security', $security)
->setAttribute('httpUser', $httpUser)
->setAttribute('httpPass', $httpPass)
->setAttribute('signatureKey', empty($signatureKey) ? \bin2hex(\random_bytes(64)) : $signatureKey)
;
$dbForConsole->updateDocument('webhooks', $webhook->getId(), $webhook);
if(!empty($signatureKey)){
$webhook->setAttribute('signatureKey', $signatureKey);
}
$dbForConsole->updateDocument('webhooks', $webhook->getId(), $webhook);
$dbForConsole->deleteCachedDocument('projects', $project->getId());
$response->dynamic($webhook, Response::MODEL_WEBHOOK);

2
app/workers/webhooks.php
View file

@ -70,7 +70,7 @@ class WebhooksV1 extends Worker
'X-' . APP_NAME . '-Webhook-Name: ' . $webhook->getAttribute('name', ''),
'X-' . APP_NAME . '-Webhook-User-Id: ' . $user->getId(),
'X-' . APP_NAME . '-Webhook-Project-Id: ' . $project->getId(),
'X-' . APP_NAME . '-Webhook-Signature: ' . $webhook->getAttribute('signature', $signature),
'X-' . APP_NAME . '-Webhook-Signature: ' . $signature,
]
);

2
src/Appwrite/Utopia/Response/Model/Webhook.php
View file

@ -60,7 +60,7 @@ class Webhook extends Model
])
->addRule('signatureKey', [
'type' => self::TYPE_STRING,
'description' => 'random string to be used as key to encrypt signature',
'description' => 'Signature key which can be used to validated incoming requests',
'default' => '',
'example' => 'ad3d581ca230e2b7059c545e5a0d1defd8c349f8979b12579e03890aab973bcd23318e4b0ff6190fa3be09d746358821e19147d995210d45855eb3c069f6fd6e',
])

94
tests/e2e/Services/Webhooks/WebhooksBase.php
View file

@ -7,6 +7,15 @@ use Tests\E2E\Client;
trait WebhooksBase
{
public static function getWebhookSignature($webhook, $signatureKey) :string
{;
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
return base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
}
public function testCreateCollection(): array
{
/**
@ -30,10 +39,7 @@ trait WebhooksBase
$this->assertNotEmpty($actors['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -106,10 +112,7 @@ trait WebhooksBase
sleep(10);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -139,10 +142,7 @@ trait WebhooksBase
$this->assertEquals(204, $removed['headers']['status-code']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
// $this->assertEquals($webhook['method'], 'DELETE');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -195,10 +195,7 @@ trait WebhooksBase
$this->assertNotEmpty($document['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -258,10 +255,7 @@ trait WebhooksBase
$this->assertNotEmpty($document['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -328,10 +322,7 @@ trait WebhooksBase
$this->assertEquals($document['headers']['status-code'], 204);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -385,10 +376,7 @@ trait WebhooksBase
$this->assertNotEmpty($bucket['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -434,10 +422,7 @@ trait WebhooksBase
$this->assertNotEmpty($bucket['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -498,10 +483,7 @@ trait WebhooksBase
$this->assertNotEmpty($file['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -557,10 +539,7 @@ trait WebhooksBase
$this->assertNotEmpty($file['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -611,10 +590,7 @@ trait WebhooksBase
$this->assertEmpty($file['body']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -664,10 +640,7 @@ trait WebhooksBase
$this->assertEmpty($bucket['body']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -706,10 +679,7 @@ trait WebhooksBase
$this->assertNotEmpty($team['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -754,10 +724,7 @@ trait WebhooksBase
$this->assertNotEmpty($team['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -806,10 +773,7 @@ trait WebhooksBase
], $this->getHeaders()));
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -864,10 +828,7 @@ trait WebhooksBase
$membershipId = $team['body']['$id'];
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -939,10 +900,7 @@ trait WebhooksBase
$this->assertEquals(204, $team['headers']['status-code']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');

79
tests/e2e/Services/Webhooks/WebhooksCustomServerTest.php
View file

@ -38,10 +38,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertNotEmpty($actors['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -90,10 +87,7 @@ class WebhooksCustomServerTest extends Scope
sleep(5);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -122,10 +116,7 @@ class WebhooksCustomServerTest extends Scope
// // wait for database worker to remove index
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
// $this->assertEquals($webhook['method'], 'DELETE');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -179,10 +170,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertEquals($actors['headers']['status-code'], 204);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -230,10 +218,7 @@ class WebhooksCustomServerTest extends Scope
$id = $user['body']['$id'];
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -281,10 +266,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertEquals($user['body']['a'], 'b');
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -325,10 +307,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertNotEmpty($user['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -372,10 +351,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertEquals($user['headers']['status-code'], 204);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -421,10 +397,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertNotEmpty($function['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -473,10 +446,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertEquals($function['body']['vars'], ['key1' => 'value1']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -521,10 +491,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertNotEmpty($deployment['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -567,10 +534,7 @@ class WebhooksCustomServerTest extends Scope
sleep(5);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -617,11 +581,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertNotEmpty($execution['body']['$id']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
$this->assertEquals($webhook['headers']['User-Agent'], 'Appwrite-Server vdev. Please report abuse at security@appwrite.io');
@ -643,6 +603,7 @@ class WebhooksCustomServerTest extends Scope
sleep(10);
$webhook = $this->getLastRequest();
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -657,7 +618,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertStringContainsString("functions.{$id}.executions.*.update", $webhook['headers']['X-Appwrite-Webhook-Events']);
$this->assertStringContainsString("functions.{$id}.executions.{$executionId}", $webhook['headers']['X-Appwrite-Webhook-Events']);
$this->assertStringContainsString("functions.{$id}.executions.{$executionId}.update", $webhook['headers']['X-Appwrite-Webhook-Events']);
$this->assertEquals($webhook['headers']['X-Appwrite-Webhook-Signature'], 'not-yet-implemented');
$this->assertEquals($webhook['headers']['X-Appwrite-Webhook-Signature'], $signatureExpected);
$this->assertEquals($webhook['headers']['X-Appwrite-Webhook-Id'] ?? '', $this->getProject()['webhookId']);
$this->assertEquals($webhook['headers']['X-Appwrite-Webhook-Project-Id'] ?? '', $this->getProject()['$id']);
@ -687,10 +648,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertEmpty($deployment['body']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');
@ -735,10 +693,7 @@ class WebhooksCustomServerTest extends Scope
$this->assertEmpty($function['body']);
$webhook = $this->getLastRequest();
$signatureKey = $this->getProject()['signatureKey'];
$payload = json_encode($webhook['data']);
$url = $webhook['url'];
$signatureExpected = base64_encode(hash_hmac('sha1', $url . $payload, $signatureKey, true));
$signatureExpected = self::getWebhookSignature($webhook, $this->getProject()['signatureKey']);
$this->assertEquals($webhook['method'], 'POST');
$this->assertEquals($webhook['headers']['Content-Type'], 'application/json');