woodwing-assets/lib/AssetsWebhook.js

TypeScript client for interacting with the WoodWing Assets Server API

"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.AssetsWebhook = void 0;
const express_1 = __importDefault(require("express"));
const crypto_1 = __importDefault(require("crypto"));
class AssetsWebhook {
    constructor(config) {
        this.config = config;
        this.serverInstance = null;
    }
    listen(successHandler, errorHandler) {
        const app = (0, express_1.default)();
        app.use(express_1.default.raw({
            type: '*/*',
            limit: '1mb',
        }));
        app.post('/', (req, res, next) => {
            const signature = req.header('x-hook-signature') ?? '';
            const rawBody = req.body;
            res.status(200).end(); // respond immediately
            try {
                if (!AssetsWebhook.validateSignature(signature, rawBody, this.config.secretToken)) {
                    return errorHandler('Invalid webhook signature. Webhook discarded.');
                }
                const payload = JSON.parse(rawBody.toString());
                successHandler(payload);
            }
            catch (err) {
                errorHandler(`Webhook processing error: ${err.message || err}`);
                next(err);
            }
        });
        this.serverInstance = app.listen(this.config.port, this.config.bindTo, () => {
            console.info(`Webhook listener started on ${this.config.bindTo}:${this.config.port}`);
        });
    }
    stop() {
        return new Promise((resolve, reject) => {
            if (this.serverInstance) {
                this.serverInstance.close((err) => {
                    if (err) {
                        return reject(err);
                    }
                    console.info('Webhook listener stopped.');
                    this.serverInstance = null;
                    resolve();
                });
            }
            else {
                resolve();
            }
        });
    }
    static validateSignature(signature, data, secretToken) {
        const hmac = crypto_1.default.createHmac('sha256', secretToken);
        hmac.update(data);
        const digest = hmac.digest('hex');
        const bufA = Buffer.from(digest, 'utf8');
        const bufB = Buffer.from(signature, 'utf8');
        if (bufA.length !== bufB.length) {
            return false;
        }
        try {
            return crypto_1.default.timingSafeEqual(bufA, bufB);
        }
        catch {
            return false;
        }
    }
}
exports.AssetsWebhook = AssetsWebhook;
AssetsWebhook.ASSET_CHECKIN = 'asset_checkin';
AssetsWebhook.ASSET_CHECKOUT = 'asset_checkout';
AssetsWebhook.ASSET_CREATE = 'asset_create';
AssetsWebhook.ASSET_CREATE_BY_COPY = 'asset_create_by_copy';
AssetsWebhook.ASSET_CREATE_FROM_FILESTORE_RESCUE = 'asset_create_from_filestore_rescue';
AssetsWebhook.ASSET_MOVE = 'asset_move';
AssetsWebhook.ASSET_PROMOTE = 'asset_promote';
AssetsWebhook.ASSET_REMOVE = 'asset_remove';
AssetsWebhook.ASSET_RENAME = 'asset_rename';
AssetsWebhook.ASSET_UNDO_CHECKOUT = 'asset_undo_checkout';
AssetsWebhook.ASSET_UPDATE_METADATA = 'asset_update_metadata';
AssetsWebhook.AUTHKEY_CREATE = 'authkey_create';
AssetsWebhook.AUTHKEY_REMOVE = 'authkey_remove';
AssetsWebhook.FOLDER_CREATE = 'folder_create';
AssetsWebhook.FOLDER_REMOVE = 'folder_remove';