2019-12-04 03:04:45 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This file is part of RaspiSMS.
|
|
|
|
*
|
|
|
|
* (c) Pierre-Lin Bonnemaison <plebwebsas@gmail.com>
|
|
|
|
*
|
|
|
|
* This source file is subject to the GPL-3.0 license that is bundled
|
|
|
|
* with this source code in the file LICENSE.
|
|
|
|
*/
|
|
|
|
|
|
|
|
namespace controllers\internals;
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
class Webhook extends StandardController
|
|
|
|
{
|
2021-01-30 11:12:30 +01:00
|
|
|
const HMAC_ALGO = 'sha256';
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
protected $bdd;
|
|
|
|
protected $model;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Create a new webhook.
|
|
|
|
*
|
|
|
|
* @param int $id_user : User id
|
|
|
|
* @param string $url : Webhook url
|
|
|
|
* @param string $type : Webhook type
|
|
|
|
*
|
|
|
|
* @return mixed bool|int : False if cannot create webhook, id of the new webhook else
|
|
|
|
*/
|
|
|
|
public function create(int $id_user, string $url, string $type)
|
2019-12-04 03:04:45 +01:00
|
|
|
{
|
2020-06-14 22:17:04 +02:00
|
|
|
//Must ensure http(s) protocole for protection against ssrf
|
|
|
|
if (!mb_ereg_match('^http(s?)://', $url))
|
|
|
|
{
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
$webhook = [
|
|
|
|
'id_user' => $id_user,
|
|
|
|
'url' => $url,
|
|
|
|
'type' => $type,
|
|
|
|
];
|
|
|
|
|
|
|
|
$result = $this->get_model()->insert($webhook);
|
|
|
|
if (!$result)
|
2019-12-04 03:04:45 +01:00
|
|
|
{
|
2020-04-02 18:40:39 +02:00
|
|
|
return false;
|
|
|
|
}
|
2019-12-04 03:04:45 +01:00
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
return $result;
|
|
|
|
}
|
2020-01-17 18:19:25 +01:00
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
/**
|
|
|
|
* Update a webhook.
|
|
|
|
*
|
|
|
|
* @param int $id_user : User id
|
|
|
|
* @param int $id : Webhook id
|
|
|
|
* @param string $url : Webhook url
|
|
|
|
* @param string $type : Webhook type
|
|
|
|
*
|
|
|
|
* @return mixed bool|int : False if cannot create webhook, id of the new webhook else
|
|
|
|
*/
|
|
|
|
public function update_for_user(int $id_user, int $id, string $url, string $type)
|
|
|
|
{
|
2020-06-14 22:17:04 +02:00
|
|
|
//Must ensure http(s) protocole for protection against ssrf
|
|
|
|
if (!mb_ereg_match('^http(s?)://', $url))
|
|
|
|
{
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2021-01-17 03:16:57 +01:00
|
|
|
$data = [
|
2020-04-02 18:40:39 +02:00
|
|
|
'url' => $url,
|
|
|
|
'type' => $type,
|
|
|
|
];
|
2020-01-17 18:19:25 +01:00
|
|
|
|
2021-01-17 03:16:57 +01:00
|
|
|
return $this->get_model()->update_for_user($id_user, $id, $data);
|
2020-04-02 18:40:39 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Find all webhooks for a user and for a type of webhook.
|
|
|
|
*
|
|
|
|
* @param int $id_user : User id
|
|
|
|
* @param string $type : Webhook type
|
|
|
|
*
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function gets_for_type_and_user(int $id_user, string $type)
|
|
|
|
{
|
|
|
|
return $this->get_model()->gets_for_type_and_user($id_user, $type);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Trigger a webhook and transmit the signal to webhook daemon if needed.
|
2020-06-23 21:06:13 +02:00
|
|
|
*
|
|
|
|
* @param int $id_user : User to trigger the webhook for
|
|
|
|
* @param string $type : Type of webhook to trigger
|
|
|
|
* @param array $sms : The sms [
|
|
|
|
* int 'id' => SMS id,
|
|
|
|
* string 'at' => SMS date,
|
|
|
|
* string 'text' => sms body,
|
|
|
|
* string 'origin' => sms origin (number or phone id)
|
|
|
|
* string 'destination' => sms destination (number or phone id)
|
|
|
|
* ]
|
|
|
|
*
|
2020-04-02 18:40:39 +02:00
|
|
|
* @return bool : False if no trigger, true else
|
|
|
|
*/
|
2020-06-23 21:06:13 +02:00
|
|
|
public function trigger(int $id_user, string $type, array $sms)
|
2020-04-02 18:40:39 +02:00
|
|
|
{
|
|
|
|
$internal_setting = new Setting($this->bdd);
|
2021-01-30 11:12:30 +01:00
|
|
|
$internal_user = new User($this->bdd);
|
2020-04-02 19:10:54 +02:00
|
|
|
$settings = $internal_setting->gets_for_user($id_user);
|
2020-04-02 18:40:39 +02:00
|
|
|
|
|
|
|
if (!$settings['webhook'] ?? false)
|
2020-01-06 23:39:30 +01:00
|
|
|
{
|
2020-04-02 18:40:39 +02:00
|
|
|
return false;
|
2020-01-06 23:39:30 +01:00
|
|
|
}
|
2020-01-17 18:19:25 +01:00
|
|
|
|
2021-01-30 11:12:30 +01:00
|
|
|
$user = $internal_user->get($id_user);
|
|
|
|
if (!$user)
|
|
|
|
{
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
$webhooks = $this->gets_for_type_and_user($id_user, $type);
|
|
|
|
foreach ($webhooks as $webhook)
|
2020-01-17 18:19:25 +01:00
|
|
|
{
|
2021-01-30 11:12:30 +01:00
|
|
|
$timestamp = time();
|
2020-04-02 18:40:39 +02:00
|
|
|
$message = [
|
|
|
|
'url' => $webhook['url'],
|
2021-01-17 03:16:57 +01:00
|
|
|
'data' => [
|
2021-01-30 11:12:30 +01:00
|
|
|
'webhook_timestamp' => $timestamp,
|
2020-04-02 18:40:39 +02:00
|
|
|
'webhook_type' => $webhook['type'],
|
2021-01-30 11:16:15 +01:00
|
|
|
'webhook_random_id' => $timestamp . '-' . bin2hex(openssl_random_pseudo_bytes(8)),
|
2020-04-02 18:40:39 +02:00
|
|
|
'id' => $sms['id'],
|
|
|
|
'at' => $sms['at'],
|
|
|
|
'text' => $sms['text'],
|
|
|
|
'origin' => $sms['origin'],
|
|
|
|
'destination' => $sms['destination'],
|
|
|
|
],
|
|
|
|
];
|
2020-01-17 18:19:25 +01:00
|
|
|
|
2021-01-30 11:12:30 +01:00
|
|
|
//signature is hexa string representing hmac sha256 of user_api_key::webhook_timestamp::webhook_random_id
|
|
|
|
$signature_clear = $user['api_key'] . '.' . $message['data']['webhook_timestamp'] . '.' . $message['data']['webhook_random_id'];
|
|
|
|
$message['data']['webhook_signature'] = hash_hmac(self::HMAC_ALGO, $signature_clear, $user['api_key']);
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
$error_code = null;
|
|
|
|
$queue = msg_get_queue(QUEUE_ID_WEBHOOK);
|
|
|
|
$success = msg_send($queue, QUEUE_TYPE_WEBHOOK, $message, true, true, $error_code);
|
2020-06-23 21:06:13 +02:00
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
return (bool) $success;
|
2020-01-17 18:19:25 +01:00
|
|
|
}
|
2019-12-04 03:04:45 +01:00
|
|
|
}
|
2020-06-23 21:06:13 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the model for the Controller.
|
|
|
|
*/
|
|
|
|
protected function get_model(): \descartes\Model
|
|
|
|
{
|
|
|
|
$this->model = $this->model ?? new \models\Webhook($this->bdd);
|
|
|
|
|
|
|
|
return $this->model;
|
|
|
|
}
|
2020-04-02 18:40:39 +02:00
|
|
|
}
|