Closes #3952: Add test for webhooks_worker; introduce generate_signature()

2024-05-10 07:54:54 +00:00 · 2020-01-23 15:04:40 -05:00
parent 7b517abdb6
commit 2e69037c29
3 changed files with 75 additions and 13 deletions
--- a/netbox/extras/webhooks_worker.py
+++ b/netbox/extras/webhooks_worker.py
@ -1,5 +1,3 @@
-import hashlib
-import hmac
 import json

 import requests
@ -7,6 +5,7 @@ from django_rq import job
 from rest_framework.utils.encoders import JSONEncoder

 from .choices import ObjectChangeActionChoices, WebhookContentTypeChoices
+from .webhooks import generate_signature


@job('default')
@ -43,12 +42,7 @@ def process_webhook(webhook, data, model_name, event, timestamp, username, reque

    if webhook.secret != '':
        # Sign the request with a hash of the secret key and its content.
-        hmac_prep = hmac.new(
-            key=webhook.secret.encode('utf8'),
-            msg=prepared_request.body.encode('utf8'),
-            digestmod=hashlib.sha512
-        )
-        prepared_request.headers['X-Hook-Signature'] = hmac_prep.hexdigest()
+        prepared_request.headers['X-Hook-Signature'] = generate_signature(prepared_request.body, webhook.secret)

    with requests.Session() as session:
        session.verify = webhook.ssl_verification
@ -56,7 +50,7 @@ def process_webhook(webhook, data, model_name, event, timestamp, username, reque
            session.verify = webhook.ca_file_path
        response = session.send(prepared_request)

-    if response.status_code >= 200 and response.status_code <= 299:
+    if 200 <= response.status_code <= 299:
        return 'Status {} returned, webhook successfully processed.'.format(response.status_code)
    else:
        raise requests.exceptions.RequestException(