Merge pull request #1318 from victoreduardo/victoreduardos/jwt-webhook

Tornando Webhook mais seguro com JWT token
Davidson Gomes
2025-05-10 10:28:07 -03:00
committed by GitHub
3 changed files with 121 additions and 1 deletions


@@ -6,6 +6,7 @@ import { configService, Log, Webhook } from '@config/env.config';
import { Logger } from '@config/logger.config';
import { BadRequestException } from '@exceptions';
import axios, { AxiosInstance } from 'axios';
import * as jwt from 'jsonwebtoken';
import { EmitData, EventController, EventControllerInterface } from '../event.controller';
@@ -73,7 +74,16 @@ export class WebhookController extends EventController implements EventControlle
const webhookConfig = configService.get<Webhook>('WEBHOOK');
const webhookLocal = instance?.events;
const webhookHeaders = instance?.headers;
const webhookHeaders = { ...((instance?.headers as Record<string, string>) || {}) };
if (webhookHeaders && 'jwt_key' in webhookHeaders) {
const jwtKey = webhookHeaders['jwt_key'];
const jwtToken = this.generateJwtToken(jwtKey);
webhookHeaders['Authorization'] = `Bearer ${jwtToken}`;
delete webhookHeaders['jwt_key'];
}
const we = event.replace(/[.-]/gm, '_').toUpperCase();
const transformedWe = we.replace(/_/gm, '-').toLowerCase();
const enabledLog = configService.get<Log>('LOG').LEVEL.includes('WEBHOOKS');
@@ -230,4 +240,24 @@ export class WebhookController extends EventController implements EventControlle
}
}
}
private generateJwtToken(authToken: string): string {
try {
const payload = {
iat: Math.floor(Date.now() / 1000),
exp: Math.floor(Date.now() / 1000) + 600, // 10 min expiration
app: 'evolution',
action: 'webhook',
};
const token = jwt.sign(payload, authToken, { algorithm: 'HS256' });
return token;
} catch (error) {
this.logger.error({
local: 'WebhookController.generateJwtToken',
message: `JWT generation failed: ${error?.message}`,
});
throw error;
}
}
}
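Review bot: The payload signed in `generateJwtToken` holds only `iat`, `exp`, `app` and `action`, so the token is not tied to the instance, the event or the request body. A receiver can check that the sender holds the shared key, but not that the body it received is the one that was sent, and a token seen once stays valid for any body until it expires after 10 minutes. Consider passing the serialized payload into the helper and adding per-delivery claims, for example `jti: randomUUID()` and a hex SHA-256 of the body under a claim name of your choosing, so receivers can reject replays and altered bodies. In the header hunk, `'jwt_key' in webhookHeaders` matches that exact spelling only, so a key stored as `JWT_KEY` would skip signing and be forwarded to the remote endpoint as an ordinary header carrying the secret. An empty value makes `jwt.sign` throw, and the helper rethrows, so a case-insensitive lookup and a non-empty-string check before signing would cover both cases. The method containing the header handling starts and ends outside the hunk, so how a thrown error or the remaining headers are treated there is not visible.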