-
-
Notifications
You must be signed in to change notification settings - Fork 278
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add authorization header in webhooks stored in secrets table #941
base: main
Are you sure you want to change the base?
Add authorization header in webhooks stored in secrets table #941
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Globally LGTM, few little remarks.
app/server/lib/DocApi.ts
Outdated
if (url) { | ||
await this._dbManager.updateWebhookUrl(webhookId, docId, url); | ||
await this._dbManager.updateWebhookUrlAndAuth(webhookId, docId, url, authorization || ""); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should authorization be set to empty string? Or should it be set to null
to express its absence?
I'd suggest to remain consistant with the rest of the code and allow it to be null
or undefined
Authorizarion wuth capital A and add it in header call only if there is one Co-authored-by: Florent <[email protected]>
@CamilleLegeron Probably worth to take a look at the failures, I see some of them are related to Webhooks. |
@@ -4889,6 +4891,7 @@ function testDocApi() { | |||
|
|||
const expectedFields = { | |||
url: `${serving.url}/foo`, | |||
authorization: '', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe also add a specific tests to ensure that a filled authorization header is passed to the webhook consumer?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good remark, adding this test I find a bug when calling patch call : before when we used patch call to update URL without giving information of authorization it removed it
…d for webhooks when using patch call
Hi, I send you a notif @paulfitz to know if you can review this PR or maybe other person in Gristlabs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just have a simple question regarding your last addition.
Co-authored-by: Florent <[email protected]>
#827