| Saurabh | d60c0f2 | 2018-05-16 11:33:47 +0530 | [diff] [blame] | 1 | import frappe |
| 2 | from frappe import _ |
| 3 | import base64, hashlib, hmac |
| 4 | from six.moves.urllib.parse import urlparse |
| 5 | |
| 6 | def validate_webhooks_request(doctype, hmac_key, secret_key='secret'): |
| 7 | def innerfn(fn): |
| 8 | settings = frappe.get_doc(doctype) |
| 9 | |
| 10 | if frappe.request and settings and settings.get(secret_key) and not frappe.flags.in_test: |
| 11 | sig = base64.b64encode( |
| 12 | hmac.new( |
| 13 | settings.get(secret_key).encode('utf8'), |
| 14 | frappe.request.data, |
| 15 | hashlib.sha256 |
| 16 | ).digest() |
| 17 | ) |
| 18 | |
| 19 | if frappe.request.data and \ |
| 20 | frappe.get_request_header(hmac_key) and \ |
| 21 | not sig == bytes(frappe.get_request_header(hmac_key).encode()): |
| 22 | frappe.throw(_("Unverified Webhook Data")) |
| 23 | frappe.set_user(settings.modified_by) |
| 24 | |
| 25 | return fn |
| 26 | |
| 27 | return innerfn |
| 28 | |
| 29 | def get_webhook_address(connector_name, method, exclude_uri=False): |
| 30 | endpoint = "erpnext.erpnext_integrations.connectors.{0}.{1}".format(connector_name, method) |
| 31 | |
| 32 | if exclude_uri: |
| 33 | return endpoint |
| 34 | |
| 35 | try: |
| 36 | url = frappe.request.url |
| 37 | except RuntimeError: |
| 38 | url = "http://localhost:8000" |
| 39 | |
| 40 | server_url = '{uri.scheme}://{uri.netloc}/api/method/{endpoint}'.format(uri=urlparse(url), endpoint=endpoint) |
| 41 | |
| 42 | return server_url |