feat: Introduce webhook secret key to verify webhook requests

2022-12-07 13:09:04 +01:00
parent 5d80fd523c
commit 75196cbf84
8 changed files with 41 additions and 28 deletions
--- a/packages/docs/pages/advanced/configuration.md
+++ b/packages/docs/pages/advanced/configuration.md
@@ -11,28 +11,29 @@ The default values for some environment variables might be different in our deve
 :::

 :::danger
-Please be careful with the `ENCRYPTION_KEY` environment variable. It is used to encrypt your credentials from third-party services. If you change it, you will not be able to access your connections and thus, your existing flows and connections will be useless.
+Please be careful with the `ENCRYPTION_KEY` and `WEBHOOK_SECRET_KEY` environment variables. They are used to encrypt your credentials from third-party services and verify webhook requests. If you change them, your existing connections and flows will not continue to work.
 :::

-| Variable Name               | Type    | Default Value      | Description                         |
-| --------------------------- | ------- | ------------------ | ----------------------------------- |
-| `HOST`                      | string  | `localhost`        | HTTP Host                           |
-| `PROTOCOL`                  | string  | `http`             | HTTP Protocol                       |
-| `PORT`                      | string  | `3000`             | HTTP Port                           |
-| `APP_ENV`                   | string  | `production`       | Automatisch Environment             |
-| `POSTGRES_DATABASE`         | string  | `automatisch`      | Database Name                       |
-| `POSTGRES_PORT`             | number  | `5432`             | Database Port                       |
-| `POSTGRES_HOST`             | string  | `postgres`         | Database Host                       |
-| `POSTGRES_USERNAME`         | string  | `automatisch_user` | Database User                       |
-| `POSTGRES_PASSWORD`         | string  |                    | Password of Database User           |
-| `ENCRYPTION_KEY`            | string  |                    | Encryption Key to store credentials |
-| `APP_SECRET_KEY`            | string  |                    | Secret Key to authenticate the user |
-| `REDIS_HOST`                | string  | `redis`            | Redis Host                          |
-| `REDIS_PORT`                | number  | `6379`             | Redis Port                          |
-| `REDIS_USERNAME`            | string  | ``                 | Redis Username                      |
-| `REDIS_PASSWORD`            | string  | ``                 | Redis Password                      |
-| `REDIS_TLS`                 | boolean | `false`            | Redis TLS                           |
-| `TELEMETRY_ENABLED`         | boolean | `true`             | Enable/Disable Telemetry            |
-| `ENABLE_BULLMQ_DASHBOARD`   | boolean | `false`            | Enable BullMQ Dashboard             |
-| `BULLMQ_DASHBOARD_USERNAME` | string  |                    | Username to login BullMQ Dashboard  |
-| `BULLMQ_DASHBOARD_PASSWORD` | string  |                    | Password to login BullMQ Dashboard  |
+| Variable Name               | Type    | Default Value      | Description                                   |
+| --------------------------- | ------- | ------------------ | --------------------------------------------- |
+| `HOST`                      | string  | `localhost`        | HTTP Host                                     |
+| `PROTOCOL`                  | string  | `http`             | HTTP Protocol                                 |
+| `PORT`                      | string  | `3000`             | HTTP Port                                     |
+| `APP_ENV`                   | string  | `production`       | Automatisch Environment                       |
+| `POSTGRES_DATABASE`         | string  | `automatisch`      | Database Name                                 |
+| `POSTGRES_PORT`             | number  | `5432`             | Database Port                                 |
+| `POSTGRES_HOST`             | string  | `postgres`         | Database Host                                 |
+| `POSTGRES_USERNAME`         | string  | `automatisch_user` | Database User                                 |
+| `POSTGRES_PASSWORD`         | string  |                    | Password of Database User                     |
+| `ENCRYPTION_KEY`            | string  |                    | Encryption Key to store credentials           |
+| `WEBHOOK_SECRET_KEY`        | string  |                    | Webhook Secret Key to verify webhook requests |
+| `APP_SECRET_KEY`            | string  |                    | Secret Key to authenticate the user           |
+| `REDIS_HOST`                | string  | `redis`            | Redis Host                                    |
+| `REDIS_PORT`                | number  | `6379`             | Redis Port                                    |
+| `REDIS_USERNAME`            | string  | ``                 | Redis Username                                |
+| `REDIS_PASSWORD`            | string  | ``                 | Redis Password                                |
+| `REDIS_TLS`                 | boolean | `false`            | Redis TLS                                     |
+| `TELEMETRY_ENABLED`         | boolean | `true`             | Enable/Disable Telemetry                      |
+| `ENABLE_BULLMQ_DASHBOARD`   | boolean | `false`            | Enable BullMQ Dashboard                       |
+| `BULLMQ_DASHBOARD_USERNAME` | string  |                    | Username to login BullMQ Dashboard            |
+| `BULLMQ_DASHBOARD_PASSWORD` | string  |                    | Password to login BullMQ Dashboard            |
--- a/packages/docs/pages/advanced/credentials.md
+++ b/packages/docs/pages/advanced/credentials.md
@@ -5,5 +5,5 @@ We need to store your credentials in order to automatically communicate with thi
 Automatisch uses AES specification to encrypt and decrypt your credentials of third-party services. The Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated. AES is now used worldwide to protect sensitive information.

 :::danger
-Please be careful with the `ENCRYPTION_KEY` environment variable. It is used to encrypt your credentials from third-party services. If you change it, you will not be able to access your connections and thus, your existing flows and connections will be useless.
+Please be careful with the `ENCRYPTION_KEY` and `WEBHOOK_SECRET_KEY` environment variables. They are used to encrypt your credentials from third-party services and verify webhook requests. If you change them, your existing connections and flows will not continue to work.
 :::
--- a/packages/docs/pages/guide/installation.md
+++ b/packages/docs/pages/guide/installation.md
@@ -7,7 +7,7 @@ You can use `user@automatisch.io` email address and `sample` password to login t
 :::

 :::danger
-Please be careful with the `ENCRYPTION_KEY` and `APP_SECRET_KEY` environment variables. They are used to encrypt your credentials from third-party services. If you change them, you will not be able to access your connections and thus, your existing flows and connections will be useless.
+Please be careful with the `ENCRYPTION_KEY` and `WEBHOOK_SECRET_KEY` environment variables. They are used to encrypt your credentials from third-party services and verify webhook requests. If you change them, your existing connections and flows will not continue to work.
 :::

 ## Docker Compose
@@ -47,6 +47,7 @@ HOST=
 PROTOCOL=
 PORT=
 ENCRYPTION_KEY=
+WEBHOOK_SECRET_KEY=
 APP_SECRET_KEY=
 POSTGRES_HOST=
 POSTGRES_PORT=
@@ -78,6 +79,7 @@ HOST=
 PROTOCOL=
 PORT=
 ENCRYPTION_KEY=
+WEBHOOK_SECRET_KEY=
 APP_SECRET_KEY=
 POSTGRES_HOST=
 POSTGRES_PORT=