module PactBroker::Webhooks::Service

Public Instance Methods

next_uuid() click to toggle source
# File lib/pact_broker/webhooks/service.rb, line 46
def next_uuid
  SecureRandom.urlsafe_base64
end
parameters() click to toggle source
# File lib/pact_broker/webhooks/service.rb, line 69
def parameters
  PactAndVerificationParameters::ALL.collect do | parameter |
    OpenStruct.new(
      name: parameter,
      description: message("messages.webhooks.parameters.#{parameter}")
    )
  end
end
update_by_uuid(uuid, params) click to toggle source
# File lib/pact_broker/webhooks/service.rb, line 50
def update_by_uuid uuid, params
  webhook = webhook_repository.find_by_uuid(uuid)
  maintain_redacted_params(webhook, params)
  PactBroker::Api::Decorators::WebhookDecorator.new(webhook).from_hash(params)
  webhook_repository.update_by_uuid uuid, webhook
end

Private Instance Methods

maintain_redacted_params(webhook, params) click to toggle source

Dirty hack to maintain existing password or Authorization header if it is submitted with value **** This is required because the password and Authorization header is **** out in the API response for security purposes, so it would need to be re-entered with every response. TODO implement proper ‘secrets’ management.

# File lib/pact_broker/webhooks/service.rb, line 84
def maintain_redacted_params(webhook, params)
  if webhook.request.password && password_key_does_not_exist_or_is_starred?(params)
    params["request"]["password"] = webhook.request.password
  end

  new_headers = params["request"]["headers"] ||= {}
  existing_headers = webhook.request.headers
  starred_new_headers = new_headers.select { |_key, value| value =~ /^\**$/ }
  starred_new_headers.each do | (key, _value) |
    new_headers[key] = existing_headers[key]
  end
  params["request"]["headers"] = new_headers
  params
end
password_key_does_not_exist_or_is_starred?(params) click to toggle source
# File lib/pact_broker/webhooks/service.rb, line 99
def password_key_does_not_exist_or_is_starred?(params)
  !params["request"].key?("password") || params.dig("request","password") =~ /^\**$/
end