zmoog / toggl-bridge

Forwards Toggl webhooks to other destinations
MIT License

Create a serverless endpoint to send the Toggl webhooks to #2

Open zmoog opened 1 year ago

zmoog commented 1 year ago

Bootstrap a new SAM project.

$ sam init

You can preselect a particular runtime or package type when using the `sam init` experience.
Call `sam init --help` to learn more.

Which template source would you like to use?
    1 - AWS Quick Start Templates
    2 - Custom Template Location
Choice: 1

Choose an AWS Quick Start application template
    1 - Hello World Example
    2 - Multi-step workflow
    3 - Serverless API
    4 - Scheduled task
    5 - Standalone function
    6 - Data processing
    7 - Infrastructure event management
    8 - Serverless Connector Hello World Example
    9 - Multi-step workflow with Connectors
    10 - Lambda EFS example
    11 - Machine Learning
Template: 1

Use the most popular runtime and package type? (Python and zip) [y/N]:

Which runtime would you like to use?
    1 - aot.dotnet7 (provided.al2)
    2 - dotnet6
    3 - dotnet5.0
    4 - dotnetcore3.1
    5 - go1.x
    6 - go (provided.al2)
    7 - graalvm.java11 (provided.al2)
    8 - graalvm.java17 (provided.al2)
    9 - java11
    10 - java8.al2
    11 - java8
    12 - nodejs18.x
    13 - nodejs16.x
    14 - nodejs14.x
    15 - nodejs12.x
    16 - python3.9
    17 - python3.8
    18 - python3.7
    19 - ruby2.7
    20 - rust (provided.al2)
Runtime: python3.9
Error: 'python3.9' is not one of '1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '11', '12', '13', '14', '15', '16', '17', '18', '19', '20'.
Runtime: 16

What package type would you like to use?
    1 - Zip
    2 - Image
Package type: 1

Based on your selections, the only dependency manager available is pip.
We will proceed copying the template using pip.

Would you like to enable X-Ray tracing on the function(s) in your application?  [y/N]:

Would you like to enable monitoring using CloudWatch Application Insights?
For more info, please view https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-application-insights.html [y/N]:

Project name [sam-app]: toggl-bridge

Cloning from https://github.com/aws/aws-sam-cli-app-templates (process may take a moment)

    -----------------------
    Generating application:
    -----------------------
    Name: toggl-bridge
    Runtime: python3.9
    Architectures: x86_64
    Dependency Manager: pip
    Application Template: hello-world
    Output Directory: .

    Next steps can be found in the README file at ./toggl-bridge/README.md

Commands you can use next
=========================
[*] Create pipeline: cd toggl-bridge && sam pipeline init --bootstrap
[*] Validate SAM template: cd toggl-bridge && sam validate
[*] Test Function in the Cloud: cd toggl-bridge && sam sync --stack-name {stack-name} --watch

zmoog commented 1 year ago

Verify that the webhook is coming from Toggl. See Validating Received Events for more information.

Toggl sends a header x-webhook-signature-256:

{
  "host": "eo4sf6wa6nmc4w.m.pipedream.net",
  "content-length": "180",
  "content-type": "application/json",
  "x-webhook-signature-256": "sha256=c466be51dd6b98d0e8f7ce95bf0432da9a16665db925b8b11f2ae76801f115f9",
  "accept-encoding": "gzip",
  "user-agent": "Go-http-client/2.0"
}

Quick implementation:

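import hashlib
import hmac


def signature_is_valid(secret: str, body: str, signature: str) -> bool:
    """
    Verify the signature of a webhook request.
    Check https://developers.track.toggl.com/docs/webhooks_start/validating_received_events
    for more details.
    """
    # HMAC-SHA256 of the request body, keyed with the webhook secret.
    digest = hmac.new(secret.encode("utf-8"), body.encode("utf-8"), hashlib.sha256).hexdigest()
    # Constant-time comparison on bytes: compare_digest raises TypeError on non-ASCII str.
    return hmac.compare_digest(signature.encode("utf-8"), f"sha256={digest}".encode("utf-8"))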
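The check above wired into a Lambda handler, as an added example that is not part of the original issue or the project's code. It assumes an API Gateway proxy event (`headers`, `body`, `isBase64Encoded`) and a hypothetical environment variable `TOGGL_WEBHOOK_SECRET`; the secret and event in the demo are constructed.

```python
import base64
import hashlib
import hmac
import os

SIGNATURE_HEADER = "x-webhook-signature-256"  # header name shown in the issue


def raw_body(event: dict) -> bytes:
    """Return the request body as the exact bytes the sender signed."""
    body = event.get("body") or ""
    if event.get("isBase64Encoded"):
        return base64.b64decode(body)
    return body.encode("utf-8")


def verify_signature(secret: bytes, body: bytes, signature: str) -> bool:
    """Constant-time check of a 'sha256=<hex>' signature over the raw body."""
    expected = "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()
    # Compare bytes: compare_digest raises TypeError on non-ASCII str input.
    return hmac.compare_digest(expected.encode(), signature.encode("utf-8", "replace"))


def lambda_handler(event: dict, context) -> dict:
    """Reject any request that is unsigned or whose signature does not match."""
    secret = os.environ.get("TOGGL_WEBHOOK_SECRET", "")  # assumed variable name
    if not secret:
        # Fail closed: an empty key would make every signature forgeable.
        return {"statusCode": 500, "body": "webhook secret not configured"}
    # Header case is not guaranteed by the gateway, so match case-insensitively.
    headers = {k.lower(): v for k, v in (event.get("headers") or {}).items()}
    signature = headers.get(SIGNATURE_HEADER, "")
    if not verify_signature(secret.encode("utf-8"), raw_body(event), signature):
        return {"statusCode": 401, "body": "invalid signature"}
    # Only verified events reach this point; forwarding would happen here.
    return {"statusCode": 200, "body": "ok"}


if __name__ == "__main__":
    # Constructed secret and event, for an offline run.
    os.environ["TOGGL_WEBHOOK_SECRET"] = "constructed-demo-secret"
    body = '{"payload": "constructed"}'
    sig = "sha256=" + hmac.new(b"constructed-demo-secret", body.encode(), hashlib.sha256).hexdigest()
    event = {"headers": {"X-Webhook-Signature-256": sig}, "body": body, "isBase64Encoded": False}
    print(lambda_handler(event, None))
```

The digest is computed over the body bytes before any JSON parsing, because re-serialising the payload can change whitespace or key order and break the match.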