Skip to content

Commit

Permalink
feat: ✨ webhook request validation logic
Browse files Browse the repository at this point in the history
  • Loading branch information
@PaulRill00
PaulRill00 committed Jun 3, 2024
1 parent 8c22d6c commit ce81792
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 0 deletions.
16 changes: 16 additions & 0 deletions src/PrintOne.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ import { ICsvOrder } from "~/models/_interfaces/ICsvOrder";
import { Batch, CreateBatch } from "~/models/Batch";
import { IBatch } from "~/models/_interfaces/IBatch";
import { BatchStatus } from "~/enums/BatchStatus";
import * as crypto from "crypto";

export type RequestHandler = new (
token: string,
Expand Down Expand Up @@ -518,4 +519,19 @@ export class PrintOne {
(data) => new Batch(this.protected, data),
);
}

public validatedWebhook(
body: string,
headers: Record<string, string>,
secret: string,
): boolean {
const hmacHeader = headers["x-printone-hmac-sha256"];

const hmac = crypto
.createHmac("sha256", secret)
.update(body)
.digest("base64");

return hmac === hmacHeader;
}
}
24 changes: 24 additions & 0 deletions test/PrintOne.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1924,3 +1924,27 @@ describe("getBatches", function () {
);
});
});

describe("validateWebhook", function () {
const body =
'{"data":{"id":"ord_QXitaPr7MumnHo2BYXuW9","companyId":"2bd4c679-3d59-4a6f-a815-a60424746f8d","templateId":"tmpl_AyDg3PxvP5ydyGq3kSFfj","finish":"GLOSSY","format":"POSTCARD_A5","mergeVariables":{},"recipient":{"name":"Your Name","address":"Street 1","postalCode":"1234 AB","city":"Amsterdam","country":"NL"},"definitiveCountryId":"NL","region":"NETHERLANDS","deliverySpeed":"FAST","isBillable":true,"status":"order_created","friendlyStatus":"Processing","errors":[],"metadata":{},"sendDate":"2024-01-01T00:00:00.000Z","createdAt":"2024-01-01T00:00:00.000Z","updatedAt":"2024-01-01T00:00:00.000Z","anonymizedAt":null,"csvOrderId":null},"created_at":"2024-06-03T13:14:46.501Z","event":"order_status_update"}';
const headers = {
"x-printone-hmac-sha256": "blmkCA9eG2fajvgpHx/RBirRO8rA4wRGf6gr1/v+V0g=",
};

it("should return false if header does not match", () => {
expect(
client.validatedWebhook(body, headers, "invalid-header-secret"),
).toBeFalse();
});

it("should return if signature is valid", () => {
expect(
client.validatedWebhook(
body,
headers,
"0YFMgi5yzciEJV2HBL9wKWtNDnos8TaMOqtjSNErnDYWfign0JdW81vpmb6T62r4",
),
).toBeTrue();
});
});

0 comments on commit ce81792

Please sign in to comment.