| Aditya Hase | f3c22f3 | 2019-01-22 18:22:20 +0530 | [diff] [blame] | 1 | from __future__ import unicode_literals |
| Saurabh | d60c0f2 | 2018-05-16 11:33:47 +0530 | [diff] [blame] | 2 | import frappe |
| 3 | from frappe import _ |
| 4 | import base64, hashlib, hmac |
| 5 | from six.moves.urllib.parse import urlparse |
| 6 | |
| 7 | def validate_webhooks_request(doctype, hmac_key, secret_key='secret'): |
| 8 | def innerfn(fn): |
| 9 | settings = frappe.get_doc(doctype) |
| 10 | |
| 11 | if frappe.request and settings and settings.get(secret_key) and not frappe.flags.in_test: |
| 12 | sig = base64.b64encode( |
| 13 | hmac.new( |
| 14 | settings.get(secret_key).encode('utf8'), |
| 15 | frappe.request.data, |
| 16 | hashlib.sha256 |
| 17 | ).digest() |
| 18 | ) |
| 19 | |
| 20 | if frappe.request.data and \ |
| 21 | frappe.get_request_header(hmac_key) and \ |
| 22 | not sig == bytes(frappe.get_request_header(hmac_key).encode()): |
| 23 | frappe.throw(_("Unverified Webhook Data")) |
| 24 | frappe.set_user(settings.modified_by) |
| 25 | |
| 26 | return fn |
| 27 | |
| 28 | return innerfn |
| 29 | |
| 30 | def get_webhook_address(connector_name, method, exclude_uri=False): |
| 31 | endpoint = "erpnext.erpnext_integrations.connectors.{0}.{1}".format(connector_name, method) |
| 32 | |
| 33 | if exclude_uri: |
| 34 | return endpoint |
| 35 | |
| 36 | try: |
| 37 | url = frappe.request.url |
| 38 | except RuntimeError: |
| 39 | url = "http://localhost:8000" |
| 40 | |
| 41 | server_url = '{uri.scheme}://{uri.netloc}/api/method/{endpoint}'.format(uri=urlparse(url), endpoint=endpoint) |
| 42 | |
| 43 | return server_url |