Conversation
|
New dependencies detected. Learn more about Socket for GitHub ↗︎
|
arcoraven
commented
Jan 23, 2025
| .update(signature, "utf8") | ||
| .digest("base64"); | ||
|
|
||
| return [ |
Contributor
Author
There was a problem hiding this comment.
This file generates the custom HMAC auth header used by certain clients.
arcoraven
commented
Jan 23, 2025
| ): Promise<WebhookResponse> => { | ||
| try { | ||
| const headers = await createWebhookRequestHeaders(webhook, body); | ||
| const config = await getConfig(); |
Contributor
Author
There was a problem hiding this comment.
This file has one exported function, sendWebhookRequest() which does these steps:
- if mTLS is configured, attach the mTLS certificates
- generate request headers
- if custom HMAC is enabled via env vars, sign with the custom HMAC header
- else use the previous signature pattern
- call the webhook URL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR-Codex overview
This PR focuses on adding support for mTLS (Mutual TLS) configuration in the application, enhancing security for webhook interactions, and updating various related schemas and functions.
Detailed summary
mtlsCertificateEncryptedandmtlsPrivateKeyEncryptedfields to theconfigurationtable.updateConfigurationto usePrisma.ConfigurationUpdateInput.generateSecretHmac256for generating HMAC headers.generateSignatureandgenerateRequestHeadersfor improved header generation.generateSecretHmac256andgenerateRequestHeaders.