webhook_agent.rb 3.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109
  1. module Agents
  2. class WebhookAgent < Agent
  3. include WebRequestConcern
  4. cannot_be_scheduled!
  5. cannot_receive_events!
  6. description do <<-MD
  7. The Webhook Agent will create events by receiving webhooks from any source. In order to create events with this agent, make a POST request to:
  8. ```
  9. https://#{ENV['DOMAIN']}/users/#{user.id}/web_requests/#{id || ':id'}/#{options['secret'] || ':secret'}
  10. ```
  11. #{'The placeholder symbols above will be replaced by their values once the agent is saved.' unless id}
  12. Options:
  13. * `secret` - A token that the host will provide for authentication.
  14. * `expected_receive_period_in_days` - How often you expect to receive
  15. events this way. Used to determine if the agent is working.
  16. * `payload_path` - JSONPath of the attribute in the POST body to be
  17. used as the Event payload. Set to `.` to return the entire message.
  18. If `payload_path` points to an array, Events will be created for each element.
  19. * `verbs` - Comma-separated list of http verbs your agent will accept.
  20. For example, "post,get" will enable POST and GET requests. Defaults
  21. to "post".
  22. * `response` - The response message to the request. Defaults to 'Event Created'.
  23. * `recaptcha_secret` - Setting this to a reCAPTCHA "secret" key makes your agent verify incoming requests with reCAPTCHA. Don't forget to embed a reCAPTCHA snippet including your "site" key in the originating form(s).
  24. * `recaptcha_send_remote_addr` - Set this to true if your server is properly configured to set REMOTE_ADDR to the IP address of each visitor (instead of that of a proxy server).
  25. MD
  26. end
  27. event_description do
  28. <<-MD
  29. The event payload is based on the value of the `payload_path` option,
  30. which is set to `#{interpolated['payload_path']}`.
  31. MD
  32. end
  33. def default_options
  34. { "secret" => "supersecretstring",
  35. "expected_receive_period_in_days" => 1,
  36. "payload_path" => "some_key"
  37. }
  38. end
  39. def receive_web_request(params, method, format)
  40. # check the secret
  41. secret = params.delete('secret')
  42. return ["Not Authorized", 401] unless secret == interpolated['secret']
  43. # check the verbs
  44. verbs = (interpolated['verbs'] || 'post').split(/,/).map { |x| x.strip.downcase }.select { |x| x.present? }
  45. return ["Please use #{verbs.join('/').upcase} requests only", 401] unless verbs.include?(method)
  46. # check the reCAPTCHA response if required
  47. if recaptcha_secret = interpolated['recaptcha_secret'].presence
  48. recaptcha_response = params.delete('g-recaptcha-response') or
  49. return ["Not Authorized", 401]
  50. parameters = {
  51. secret: recaptcha_secret,
  52. response: recaptcha_response,
  53. }
  54. if boolify(interpolated['recaptcha_send_remote_addr'])
  55. parameters[:remoteip] = request.env['REMOTE_ADDR']
  56. end
  57. begin
  58. response = faraday.post('https://www.google.com/recaptcha/api/siteverify',
  59. parameters)
  60. rescue => e
  61. error "Verification failed: #{e.message}"
  62. return ["Not Authorized", 401]
  63. end
  64. JSON.parse(response.body)['success'] or
  65. return ["Not Authorized", 401]
  66. end
  67. [payload_for(params)].flatten.each do |payload|
  68. create_event(payload: payload)
  69. end
  70. [response_message, 201]
  71. end
  72. def working?
  73. event_created_within?(interpolated['expected_receive_period_in_days']) && !recent_error_logs?
  74. end
  75. def validate_options
  76. unless options['secret'].present?
  77. errors.add(:base, "Must specify a secret for 'Authenticating' requests")
  78. end
  79. end
  80. def payload_for(params)
  81. Utils.value_at(params, interpolated['payload_path']) || {}
  82. end
  83. def response_message
  84. interpolated['response'] || 'Event Created'
  85. end
  86. end
  87. end