Skip to content

Commit cee2bc4

Browse files
victoreduardovictoreduardo
committed
sending JWT token when sending webhook if jwt_key exists in webhook header record
1 parent 427c994 commit cee2bc4

File tree

3 files changed

+121
-1
lines changed

3 files changed

+121
-1
lines changed

package-lock.json

Lines changed: 89 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,7 @@
7575
"jimp": "^0.16.13",
7676
"json-schema": "^0.4.0",
7777
"jsonschema": "^1.4.1",
78+
"jsonwebtoken": "^9.0.2",
7879
"link-preview-js": "^3.0.13",
7980
"long": "^5.2.3",
8081
"mediainfo.js": "^0.3.4",

src/api/integrations/event/webhook/webhook.controller.ts

Lines changed: 31 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ import { Logger } from '@config/logger.config';
77
import { BadRequestException } from '@exceptions';
88
import axios, { AxiosInstance } from 'axios';
99
import { isURL } from 'class-validator';
10+
import * as jwt from 'jsonwebtoken';
1011

1112
import { EmitData, EventController, EventControllerInterface } from '../event.controller';
1213

@@ -74,7 +75,16 @@ export class WebhookController extends EventController implements EventControlle
7475

7576
const webhookConfig = configService.get<Webhook>('WEBHOOK');
7677
const webhookLocal = instance?.events;
77-
const webhookHeaders = instance?.headers;
78+
const webhookHeaders = { ...(instance?.headers as Record<string, string> || {}) };
79+
80+
if (webhookHeaders && 'jwt_key' in webhookHeaders) {
81+
const jwtKey = webhookHeaders['jwt_key'];
82+
const jwtToken = this.generateJwtToken(jwtKey);
83+
webhookHeaders['Authorization'] = `Bearer ${jwtToken}`;
84+
85+
delete webhookHeaders['jwt_key'];
86+
}
87+
7888
const we = event.replace(/[.-]/gm, '_').toUpperCase();
7989
const transformedWe = we.replace(/_/gm, '-').toLowerCase();
8090
const enabledLog = configService.get<Log>('LOG').LEVEL.includes('WEBHOOKS');
@@ -230,4 +240,24 @@ export class WebhookController extends EventController implements EventControlle
230240
}
231241
}
232242
}
243+
244+
private generateJwtToken(authToken: string): string {
245+
try {
246+
const payload = {
247+
iat: Math.floor(Date.now() / 1000),
248+
exp: Math.floor(Date.now() / 1000) + 600, // 10 min expiration
249+
app: 'evolution',
250+
action: 'webhook',
251+
};
252+
253+
const token = jwt.sign(payload, authToken, { algorithm: 'HS256' });
254+
return token;
255+
} catch (error) {
256+
this.logger.error({
257+
local: 'WebhookController.generateJwtToken',
258+
message: `JWT generation failed: ${error?.message}`,
259+
});
260+
throw error;
261+
}
262+
}
233263
}

0 commit comments

Comments
 (0)