2019-12-04 03:04:45 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This file is part of RaspiSMS.
|
|
|
|
*
|
|
|
|
* (c) Pierre-Lin Bonnemaison <plebwebsas@gmail.com>
|
|
|
|
*
|
|
|
|
* This source file is subject to the GPL-3.0 license that is bundled
|
|
|
|
* with this source code in the file LICENSE.
|
|
|
|
*/
|
|
|
|
|
|
|
|
namespace controllers\internals;
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
class Webhook extends StandardController
|
|
|
|
{
|
2021-01-30 11:12:30 +01:00
|
|
|
const HMAC_ALGO = 'sha256';
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
protected $bdd;
|
|
|
|
protected $model;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Create a new webhook.
|
|
|
|
*
|
|
|
|
* @param int $id_user : User id
|
|
|
|
* @param string $url : Webhook url
|
|
|
|
* @param string $type : Webhook type
|
|
|
|
*
|
|
|
|
* @return mixed bool|int : False if cannot create webhook, id of the new webhook else
|
|
|
|
*/
|
|
|
|
public function create(int $id_user, string $url, string $type)
|
2019-12-04 03:04:45 +01:00
|
|
|
{
|
2020-06-14 22:17:04 +02:00
|
|
|
//Must ensure http(s) protocole for protection against ssrf
|
|
|
|
if (!mb_ereg_match('^http(s?)://', $url))
|
|
|
|
{
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
$webhook = [
|
|
|
|
'id_user' => $id_user,
|
|
|
|
'url' => $url,
|
|
|
|
'type' => $type,
|
|
|
|
];
|
|
|
|
|
|
|
|
$result = $this->get_model()->insert($webhook);
|
|
|
|
if (!$result)
|
2019-12-04 03:04:45 +01:00
|
|
|
{
|
2020-04-02 18:40:39 +02:00
|
|
|
return false;
|
|
|
|
}
|
2019-12-04 03:04:45 +01:00
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
return $result;
|
|
|
|
}
|
2020-01-17 18:19:25 +01:00
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
/**
|
|
|
|
* Update a webhook.
|
|
|
|
*
|
|
|
|
* @param int $id_user : User id
|
|
|
|
* @param int $id : Webhook id
|
|
|
|
* @param string $url : Webhook url
|
|
|
|
* @param string $type : Webhook type
|
|
|
|
*
|
|
|
|
* @return mixed bool|int : False if cannot create webhook, id of the new webhook else
|
|
|
|
*/
|
|
|
|
public function update_for_user(int $id_user, int $id, string $url, string $type)
|
|
|
|
{
|
2020-06-14 22:17:04 +02:00
|
|
|
//Must ensure http(s) protocole for protection against ssrf
|
|
|
|
if (!mb_ereg_match('^http(s?)://', $url))
|
|
|
|
{
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2021-01-17 03:16:57 +01:00
|
|
|
$data = [
|
2020-04-02 18:40:39 +02:00
|
|
|
'url' => $url,
|
|
|
|
'type' => $type,
|
|
|
|
];
|
2020-01-17 18:19:25 +01:00
|
|
|
|
2021-01-17 03:16:57 +01:00
|
|
|
return $this->get_model()->update_for_user($id_user, $id, $data);
|
2020-04-02 18:40:39 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Find all webhooks for a user and for a type of webhook.
|
|
|
|
*
|
|
|
|
* @param int $id_user : User id
|
|
|
|
* @param string $type : Webhook type
|
|
|
|
*
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function gets_for_type_and_user(int $id_user, string $type)
|
|
|
|
{
|
|
|
|
return $this->get_model()->gets_for_type_and_user($id_user, $type);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Trigger a webhook and transmit the signal to webhook daemon if needed.
|
2020-06-23 21:06:13 +02:00
|
|
|
*
|
|
|
|
* @param int $id_user : User to trigger the webhook for
|
|
|
|
* @param string $type : Type of webhook to trigger
|
2021-03-23 04:31:13 +01:00
|
|
|
* @param array $body : The body, an array depending on webhook type
|
2020-06-23 21:06:13 +02:00
|
|
|
*
|
2020-04-02 18:40:39 +02:00
|
|
|
* @return bool : False if no trigger, true else
|
|
|
|
*/
|
2021-03-23 04:31:13 +01:00
|
|
|
public function trigger(int $id_user, string $type, array $body)
|
2020-04-02 18:40:39 +02:00
|
|
|
{
|
|
|
|
$internal_setting = new Setting($this->bdd);
|
2021-01-30 11:12:30 +01:00
|
|
|
$internal_user = new User($this->bdd);
|
2020-04-02 19:10:54 +02:00
|
|
|
$settings = $internal_setting->gets_for_user($id_user);
|
2020-04-02 18:40:39 +02:00
|
|
|
|
|
|
|
if (!$settings['webhook'] ?? false)
|
2020-01-06 23:39:30 +01:00
|
|
|
{
|
2020-04-02 18:40:39 +02:00
|
|
|
return false;
|
2020-01-06 23:39:30 +01:00
|
|
|
}
|
2020-01-17 18:19:25 +01:00
|
|
|
|
2021-01-30 11:12:30 +01:00
|
|
|
$user = $internal_user->get($id_user);
|
|
|
|
if (!$user)
|
|
|
|
{
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
$webhooks = $this->gets_for_type_and_user($id_user, $type);
|
|
|
|
foreach ($webhooks as $webhook)
|
2020-01-17 18:19:25 +01:00
|
|
|
{
|
2021-01-30 11:12:30 +01:00
|
|
|
$timestamp = time();
|
2021-01-30 11:24:14 +01:00
|
|
|
$webhook_random_id = $timestamp . '-' . bin2hex(openssl_random_pseudo_bytes(16));
|
2021-02-23 00:31:54 +01:00
|
|
|
|
2021-01-30 11:24:14 +01:00
|
|
|
//signature is hexa string representing hmac sha256 of webhook_random_id
|
|
|
|
$webhook_signature = hash_hmac(self::HMAC_ALGO, $webhook_random_id, $user['api_key']);
|
2021-02-23 00:31:54 +01:00
|
|
|
|
2020-04-02 18:40:39 +02:00
|
|
|
$message = [
|
|
|
|
'url' => $webhook['url'],
|
2021-01-17 03:16:57 +01:00
|
|
|
'data' => [
|
2021-01-30 11:12:30 +01:00
|
|
|
'webhook_timestamp' => $timestamp,
|
2020-04-02 18:40:39 +02:00
|
|
|
'webhook_type' => $webhook['type'],
|
2021-01-30 11:24:14 +01:00
|
|
|
'webhook_random_id' => $webhook_random_id,
|
|
|
|
'webhook_signature' => $webhook_signature,
|
2021-03-23 04:31:13 +01:00
|
|
|
'body' => json_encode($body),
|
2020-04-02 18:40:39 +02:00
|
|
|
],
|
|
|
|
];
|
2020-01-17 18:19:25 +01:00
|
|
|
|
2024-10-31 21:22:56 +01:00
|
|
|
$queue = new Queue(QUEUE_ID_WEBHOOK);
|
|
|
|
$success = $queue->push(json_encode($message), QUEUE_TYPE_WEBHOOK);
|
2020-01-17 18:19:25 +01:00
|
|
|
}
|
2023-02-06 04:35:08 +01:00
|
|
|
|
2024-10-31 21:22:56 +01:00
|
|
|
return (bool) $success;
|
2019-12-04 03:04:45 +01:00
|
|
|
}
|
2020-06-23 21:06:13 +02:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the model for the Controller.
|
|
|
|
*/
|
2021-07-19 17:32:23 +02:00
|
|
|
protected function get_model(): \models\Webhook
|
2020-06-23 21:06:13 +02:00
|
|
|
{
|
|
|
|
$this->model = $this->model ?? new \models\Webhook($this->bdd);
|
|
|
|
|
|
|
|
return $this->model;
|
|
|
|
}
|
2020-04-02 18:40:39 +02:00
|
|
|
}
|