Closed davesmits closed 6 years ago
Thanks for contacting us. One of our team members will look into it and get back to you.
@dougbu, could you please look into this?
If your receiver does not implement IWebHookVerifyCodeMetadata
in its metadata class, it must register a filter that implements IWebHookReceiver
and enforces the receiver-specific security requirements. In part, WebHookReceiverExistsFilter
drives the IWebHookReceiver
requirement. But, more generally, your filter needs to confirm it's applicable and IWebHookReceiver.IsApplicable(...)
fits the bill.
For example, GitHubVerifySignatureFilter
meets the IWebHookVerifyCodeMetadata
requirements and the ASP.NET Core WebHooks GitHub receiver works fine end-to-end. Note that filter is registered in the global Filters
collection yet works fine in combination with any of the other ASP.NET Core WebHooks receivers.
Clearing the investigate
label.
@davesmits have I answered your questions?
it explains it a little; but now not really sure how to this should work with a custom sender implementation;
so the receiver side is making a registration. Based on what there was in .net framework, this happens with this json: { "id": "string", "webHookUri": "string", "secret": "string", "description": "string", "isPaused": true, "filters": [ "string" ], "headers": {}, "properties": {} }
should be that code the secret the client is providing here?
If the JSON you showed is the outline of a request and the secret
property contains a string which should match the secret key a user configures for this receiver, you need to write a filter similar to SlackVerifyTokenFilter
. If not, please provide the verification details of your custom protocol.
@davesmits, did @dougbu's response resolve your issue?
yep
Thank you for your feedback. We're closing this issue as the questions asked here have been answered.
I been working on a custom webhook receiver in asp.net core. My webhook never got invoked and I am pretty sure a bug in WebHookReceiverExistsFilter is causing this.
This filter is iterating through all filtes in the context too see if the filter implements IWebHookReceiver and is able to handle this name; but unless you implement IWebHookVerifyCodeMetadata there wont be a filter that implements IWebHookReceiver in the pipeline.