Add new secret token header field to webhooks and default to X-EA-Token (#1607)

This commit is contained in:
Alex Tselegidis 2024-12-19 21:23:43 +02:00
parent ebd67b29dd
commit 376c04c12d
46 changed files with 119 additions and 6 deletions

View file

@ -8,6 +8,7 @@ developers to maintain and readjust their custom modifications on the main proje
### Added
- Add support for PHP 8.4 (#1640)
- Add new secret token header field to webhooks and default to X-EA-Token (#1607)
### Fixed

View file

@ -9,10 +9,10 @@
|
*/
$config['version'] = '1.5.0'; // This must be changed manually.
$config['version'] = '1.5.1-beta.1'; // This must be changed manually.
$config['url'] = Config::BASE_URL;
$config['debug'] = Config::DEBUG_MODE;
$config['cache_busting_token'] = 'ZV954';
$config['cache_busting_token'] = 'UH44E';

View file

@ -20,7 +20,16 @@
*/
class Webhooks extends EA_Controller
{
public array $allowed_webhook_fields = ['id', 'name', 'url', 'actions', 'secret_token', 'is_ssl_verified', 'notes'];
public array $allowed_webhook_fields = [
'id',
'name',
'url',
'actions',
'secret_header',
'secret_token',
'is_ssl_verified',
'notes',
];
public array $optional_webhook_fields = [
//

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'الحقول';
$lang['invalid_credentials_provided'] = 'تم تقديم بيانات اعتماد غير صالحة، يرجى المحاولة مرة أخرى';
$lang['calendar_url'] = 'عنوان URL للتقويم';
$lang['please_select'] = 'يرجى الاختيار';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Polja';
$lang['invalid_credentials_provided'] = 'Nevažeći akreditivi su navedeni, pokušajte ponovo.';
$lang['calendar_url'] = 'URL kalendara';
$lang['please_select'] = 'Molimo izaberite';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -482,4 +482,5 @@ $lang['display_on_calendar'] = 'Покажи в календара';
$lang['display_in_services'] = 'Покажи в услугите';
$lang['import_ldap_users'] = 'Импортиране на LDAP потребители';
$lang['manage_providers'] = 'Управление на доставчици';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Camps';
$lang['invalid_credentials_provided'] = 'Les credencials no són vàlides, torneu-ho a provar un altre cop.';
$lang['calendar_url'] = 'URL del calendari';
$lang['please_select'] = 'Si us plau, seleccioneu';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -496,4 +496,5 @@ $lang['email'] = '电子邮件';
$lang['website'] = '网站';
$lang['social_media'] = '社交媒体';
$lang['follow_us'] = '关注我们';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Polja';
$lang['invalid_credentials_provided'] = 'Pruženi podaci za prijavu su neispravni, pokušajte ponovo.';
$lang['calendar_url'] = 'URL Kalendar';
$lang['please_select'] = 'Molimo Odaberite';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -489,4 +489,5 @@ $lang['export'] = 'Exportovat';
$lang['open'] = 'Otevřít';
$lang['close'] = 'Zavřít';
$lang['confirm_delete'] = 'Opravdu chcete odstranit tento záznam?';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Felter';
$lang['invalid_credentials_provided'] = 'Ugyldige legitimationsoplysninger angivet, prøv igen.';
$lang['calendar_url'] = 'Kalender URL';
$lang['please_select'] = 'Vælg venligst';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -494,4 +494,5 @@ $lang['event_detail'] = 'Evenement Detail';
$lang['event_success'] = 'Evenement succesvol toegevoegd.';
$lang['event_update_success'] = 'Evenement succesvol bijgewerkt.';
$lang['event_delete_success'] = 'Evenement succesvol verwijderd.';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Fields';
$lang['invalid_credentials_provided'] = 'Invalid credentials provided, please try again.';
$lang['calendar_url'] = 'Calendar URL';
$lang['please_select'] = 'Please Select';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Väljad';
$lang['invalid_credentials_provided'] = 'Esitatud andmed on vigased, palun proovige uuesti.';
$lang['calendar_url'] = 'Kalendri URL';
$lang['please_select'] = 'Palun Valige';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Kentät';
$lang['invalid_credentials_provided'] = 'Tunnukset olivat virheelliset, ole hyvä ja yritä uudelleen.';
$lang['calendar_url'] = 'Kalenterin URL';
$lang['please_select'] = 'Valitse';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Champs';
$lang['invalid_credentials_provided'] = 'Identifiants fournis invalides, veuillez réessayer.';
$lang['calendar_url'] = 'URL du Calendrier';
$lang['please_select'] = 'Veuillez Sélectionner';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Fields';
$lang['invalid_credentials_provided'] = 'Invalid credentials provided, please try again.';
$lang['calendar_url'] = 'Calendar URL';
$lang['please_select'] = 'Bitte Wählen';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Fields';
$lang['invalid_credentials_provided'] = 'Invalid credentials provided, please try again.';
$lang['calendar_url'] = 'Calendar URL';
$lang['please_select'] = 'Παρακαλώ Επιλέξτε';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -450,4 +450,5 @@ $lang['webhook_saved'] = 'WebHook נשמר בהצלחה.';
$lang['webhook_deleted'] = 'WebHook נמחק בהצלחה.';
$lang['delete_webhook'] = 'מחק WebHook';
$lang['contact_info'] = 'מידע ליצירת קשר';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'फ़ील्ड्स';
$lang['invalid_credentials_provided'] = 'अमान्य क्रेडेंशियल्स प्रदान किए गए हैं, कृपया पुनः प्रयास करें।';
$lang['calendar_url'] = 'कैलेंडर URL';
$lang['please_select'] = 'कृपया चयन करें';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Mezők';
$lang['invalid_credentials_provided'] = 'Érvénytelen hitelesítő adatok lettek megadva, kérem próbálja újra.';
$lang['calendar_url'] = 'Naptár URL';
$lang['please_select'] = 'Kérem válasszon';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Campi';
$lang['invalid_credentials_provided'] = 'Credenziali fornite non valide, riprova.';
$lang['calendar_url'] = 'URL Calendario';
$lang['please_select'] = 'Seleziona';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'フィールド';
$lang['invalid_credentials_provided'] = '無効な認証情報が提供されました。もう一度お試しください。';
$lang['calendar_url'] = 'カレンダーURL';
$lang['please_select'] = '選択してください';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Lauki';
$lang['invalid_credentials_provided'] = 'Sniegti nepareizi akreditācijas dati, lūdzu, mēģiniet vēlreiz.';
$lang['calendar_url'] = 'Kalendāra URL';
$lang['please_select'] = 'Lūdzu, izvēlieties';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Fields';
$lang['invalid_credentials_provided'] = 'Pateikti negaliojantys duomenys, bandykite dar kartą.';
$lang['calendar_url'] = 'Kalendoriaus URL';
$lang['please_select'] = 'Prašome pasirinkti';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Felder';
$lang['invalid_credentials_provided'] = 'Onvalabel Benotzerdaten, probéiert w.e.g. nach eng Kéier.';
$lang['calendar_url'] = 'Kalenner URL';
$lang['please_select'] = 'Wielt w.e.g.';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'फील्ड';
$lang['invalid_credentials_provided'] = 'अवैध प्रमाणपत्रे प्रदान केली गेली, कृपया पुन्हा प्रयत्न करा.';
$lang['calendar_url'] = 'कॅलेंडर URL';
$lang['please_select'] = 'कृपया निवडा';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -458,4 +458,5 @@ $lang['default_timezone_hint'] = 'Angi standard tidssoneverdi som skal brukes fo
$lang['default_language'] = 'Standardspråk';
$lang['default_language_hint'] = 'Angi standard språkverdi som skal brukes for nye poster.';
$lang['sync_method_prompt'] = 'Hvilken synkroniseringsmetode ønsker du å bruke?';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'فیلدها';
$lang['invalid_credentials_provided'] = 'اعتبارنامه‌های نامعتبر ارائه شده است، لطفاً دوباره تلاش کنید.';
$lang['calendar_url'] = 'URL تقویم';
$lang['please_select'] = 'لطفاً انتخاب کنید';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Pola';
$lang['invalid_credentials_provided'] = 'Podano nieprawidłowe dane logowania, spróbuj ponownie.';
$lang['calendar_url'] = 'URL kalendarza';
$lang['please_select'] = 'Proszę wybrać';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Campos';
$lang['invalid_credentials_provided'] = 'Credenciais inválidas fornecidas, por favor, tente novamente.';
$lang['calendar_url'] = 'URL do Calendário';
$lang['please_select'] = 'Por Favor, Selecione';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Campos';
$lang['invalid_credentials_provided'] = 'Credenciais inválidas fornecidas, por favor, tente novamente.';
$lang['calendar_url'] = 'URL do Calendário';
$lang['please_select'] = 'Por Favor Selecione';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Câmpuri';
$lang['invalid_credentials_provided'] = 'Credențiale invalide furnizate, vă rugăm să încercați din nou.';
$lang['calendar_url'] = 'URL Calendar';
$lang['please_select'] = 'Vă Rugăm să Selectați';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Поля';
$lang['invalid_credentials_provided'] = 'Предоставлены неверные учетные данные, пожалуйста, попробуйте снова.';
$lang['calendar_url'] = 'URL Календаря';
$lang['please_select'] = 'Пожалуйста, выберите';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Polja';
$lang['invalid_credentials_provided'] = 'Pružene kredencijale su nevažeće, molimo pokušajte ponovo.';
$lang['calendar_url'] = 'URL Kalendara';
$lang['please_select'] = 'Molimo izaberite';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Polia';
$lang['invalid_credentials_provided'] = 'Poskytnuté údaje sú neplatné, skúste to prosím znova.';
$lang['calendar_url'] = 'URL kalendára';
$lang['please_select'] = 'Vyberte prosím';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Polja';
$lang['invalid_credentials_provided'] = 'Navedene neveljavne poverilnice, poskusite znova.';
$lang['calendar_url'] = 'URL koledarja';
$lang['please_select'] = 'Prosim izberite';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Campos';
$lang['invalid_credentials_provided'] = 'Credenciales inválidas proporcionadas, por favor intente nuevamente.';
$lang['calendar_url'] = 'URL del Calendario';
$lang['please_select'] = 'Por Favor Seleccione';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Fält';
$lang['invalid_credentials_provided'] = 'Ogiltiga uppgifter angivna, vänligen försök igen.';
$lang['calendar_url'] = 'Kalender-URL';
$lang['please_select'] = 'Vänligen välj';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'ฟิลด์';
$lang['invalid_credentials_provided'] = 'ข้อมูลรับรองไม่ถูกต้อง กรุณาลองอีกครั้ง';
$lang['calendar_url'] = 'URL ปฏิทิน';
$lang['please_select'] = 'กรุณาเลือก';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = '欄位';
$lang['invalid_credentials_provided'] = '提供的憑證無效,請重試。';
$lang['calendar_url'] = '日曆網址';
$lang['please_select'] = '請選擇';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -483,4 +483,5 @@ $lang['fields'] = 'Alanlar';
$lang['invalid_credentials_provided'] = 'Geçersiz kimlik bilgileri sağlandı, lütfen tekrar deneyin.';
$lang['calendar_url'] = 'Takvim URL';
$lang['please_select'] = 'Lütfen Seçin';
$lang['secret_header'] = 'Secret Header';
// End

View file

@ -74,13 +74,22 @@ class Webhooks_client
try {
$client = new Client();
$client->post($webhook['url'], [
$headers = [];
if (!empty($webhook['secret_header']) && !empty($webhook['secret_token'])) {
$headers[$webhook['secret_header']] = $webhook['secret_token'];
}
$response = $client->post($webhook['url'], [
'verify' => $webhook['is_ssl_verified'],
'headers' => $headers,
'json' => [
'action' => $action,
'payload' => $payload,
],
]);
echo $response->getBody()->getContents(); // Use this for quick debugging
} catch (Throwable $e) {
log_message(
'error',

View file

@ -0,0 +1,44 @@
<?php defined('BASEPATH') or exit('No direct script access allowed');
/* ----------------------------------------------------------------------------
* Easy!Appointments - Online Appointment Scheduler
*
* @package EasyAppointments
* @author A.Tselegidis <alextselegidis@gmail.com>
* @copyright Copyright (c) Alex Tselegidis
* @license https://opensource.org/licenses/GPL-3.0 - GPLv3
* @link https://easyappointments.org
* @since v1.4.0
* ---------------------------------------------------------------------------- */
class Migration_Add_secret_header_column_to_webhooks_table extends EA_Migration
{
/**
* Upgrade method.
*/
public function up(): void
{
if (!$this->db->field_exists('secret_header', 'webhooks')) {
$fields = [
'secret_header' => [
'type' => 'VARCHAR',
'constraint' => '256',
'default' => 'X-Ea-Token',
'after' => 'actions',
],
];
$this->dbforge->add_column('webhooks', $fields);
}
}
/**
* Downgrade method.
*/
public function down(): void
{
if ($this->db->field_exists('secret_header', 'webhooks')) {
$this->dbforge->drop_column('webhooks', 'secret_header');
}
}
}

View file

@ -79,13 +79,21 @@
</div>
<div class="mb-3">
<label class="form-label" for="duration">
<label class="form-label" for="url">
<?= lang('url') ?>
<span class="text-danger" hidden>*</span>
</label>
<input id="url" class="form-control required" disabled>
</div>
<div class="mb-3">
<label class="form-label" for="secret-header">
<?= lang('secret_header') ?>
</label>
<input id="secret-header" class="form-control" disabled>
</div>
<div class="mb-3">
<label class="form-label" for="secret-token">
<?= lang('secret_token') ?>

View file

@ -20,6 +20,7 @@ App.Pages.Webhooks = (function () {
const $name = $('#name');
const $url = $('#url');
const $actions = $('#actions');
const $secretHeader = $('#secret-header');
const $secretToken = $('#secret-token');
const $isSslVerified = $('#is-ssl-verified');
const $notes = $('#notes');
@ -102,6 +103,7 @@ App.Pages.Webhooks = (function () {
name: $name.val(),
url: $url.val(),
actions: '',
secret_header: $secretHeader.val(),
secret_token: $secretToken.val(),
is_ssl_verified: Number($isSslVerified.prop('checked')),
notes: $notes.val(),
@ -254,6 +256,7 @@ App.Pages.Webhooks = (function () {
$id.val(webhook.id);
$name.val(webhook.name);
$url.val(webhook.url);
$secretHeader.val(webhook.secret_header);
$secretToken.val(webhook.secret_token);
$isSslVerified.prop('checked', Boolean(Number(webhook.is_ssl_verified)));