Skip to content

feat: Add mTLS and custom HMAC support to webhooks #736

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
arcoraven wants to merge 5 commits into from
Closed

feat: Add mTLS and custom HMAC support to webhooks #736

arcoraven wants to merge 5 commits into from

Conversation

@arcoraven
Copy link
Contributor

@arcoraven arcoraven commented Oct 28, 2024
edited by pr-codex bot
Loading

PR-Codex overview

This PR focuses on adding mTLS (Mutual TLS) support for secure communication, updating the configuration management, and enhancing webhook functionalities. It introduces new fields for storing encrypted certificates and keys, along with related validation and request handling improvements.

Detailed summary

  • Added mtlsCertificateEncrypted and mtlsPrivateKeyEncrypted columns to the configuration table.
  • Updated updateConfiguration function to use Prisma.ConfigurationUpdateInput.
  • Implemented validation for mTLS certificate and private key in updateAuthConfiguration.
  • Introduced generateSecretHmac256 for generating HMAC signatures for webhook requests.
  • Enhanced sendWebhookRequest to utilize mTLS if configured.
  • Modified generateRequestHeaders to include HMAC authorization.
  • Updated environment variables in .env.test for AWS and GCP configurations.
  • Added testWebhookRoute for testing webhook functionality.
  • Refactored various functions in crypto.ts for improved decryption handling.

✨ Ask PR-Codex anything about this PR by commenting with /codex {your question}

@socket-security
Copy link

socket-security bot commented Oct 28, 2024
edited
Loading

New dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/undici@6.20.1 environment, network 0 1.16 MB ronag

View full report↗︎

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 28, 2024
View reviewed changes
@arcoraven arcoraven changed the title feat: Add mTLS and custom HMAC support to webhoks feat: Add mTLS and custom HMAC support to webhooks Oct 30, 2024
arcoraven
arcoraven commented Oct 31, 2024
View reviewed changes
src/tests/chain.test.ts
vi.clearAllMocks();
});

it("should return the chainId from chainOverrides if it exists by slug", async () => {
Copy link
Contributor Author

@arcoraven arcoraven Oct 31, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unrelated but fixing some broken unit tests

arcoraven
arcoraven commented Oct 31, 2024
View reviewed changes
src/utils/env.ts
const path = process.env.NODE_ENV === "test" ? ".env.test" : ".env";
dotenv.config({ path });

export const JsonSchema = z.string().refine(
Copy link
Contributor Author

@arcoraven arcoraven Oct 31, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unused

@github-actions
Copy link

github-actions bot commented Nov 8, 2024

This PR is stale because it has been open for 7 days with no activity. Remove stale label or comment or this PR will be closed in 3 days.

@github-actions github-actions bot closed this Nov 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

no-pr-activity

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@arcoraven