MCPcopy Index your code
hub / github.com/authorizerdev/authorizer / AddWebhook

Method AddWebhook

internal/service/admin_webhooks.go:30–85  ·  view source on GitHub ↗

AddWebhook registers a new webhook for an event and returns a status message. Requires super-admin auth. Logic migrated from internal/graphql/add_webhook.go.

(ctx context.Context, meta RequestMetadata, params *model.AddWebhookRequest)

Source from the content-addressed store, hash-verified

28// AddWebhook registers a new webhook for an event and returns a status message.
29// Requires super-admin auth. Logic migrated from internal/graphql/add_webhook.go.
30func (p *provider) AddWebhook(ctx context.Context, meta RequestMetadata, params *model.AddWebhookRequest) (*model.Response, *ResponseSideEffects, error) {
31 log := p.Log.With().Str("func", "AddWebhook").Logger()
32 if err := p.requireSuperAdmin(ctx, meta); err != nil {
33 return nil, nil, err
34 }
35
36 if !validators.IsValidWebhookEventName(params.EventName) {
37 log.Debug().Str("EventName", params.EventName).Msg("Invalid Event Name")
38 return nil, nil, fmt.Errorf("invalid event name %s", params.EventName)
39 }
40 if strings.TrimSpace(params.Endpoint) == "" {
41 log.Debug().Msg("endpoint is missing")
42 return nil, nil, fmt.Errorf("empty endpoint not allowed")
43 }
44 // SSRF protection: validate endpoint URL and resolved IPs (skip in test env).
45 if p.Env != constants.TestEnv {
46 if err := validators.ValidateEndpointURL(params.Endpoint); err != nil {
47 log.Debug().Err(err).Str("endpoint", params.Endpoint).Msg("endpoint URL rejected by SSRF filter")
48 return nil, nil, fmt.Errorf("invalid endpoint: %s", err.Error())
49 }
50 }
51
52 headerBytes, err := json.Marshal(params.Headers)
53 if err != nil {
54 return nil, nil, err
55 }
56
57 if params.EventDescription == nil {
58 params.EventDescription = refs.NewStringRef(strings.Join(strings.Split(params.EventName, "."), " "))
59 }
60
61 webhook, err := p.StorageProvider.AddWebhook(ctx, &schemas.Webhook{
62 EventDescription: refs.StringValue(params.EventDescription),
63 EventName: params.EventName,
64 EndPoint: params.Endpoint,
65 Enabled: params.Enabled,
66 Headers: string(headerBytes),
67 })
68 if err != nil {
69 log.Debug().Err(err).Msg("Failed to add webhook in db")
70 return nil, nil, err
71 }
72
73 p.AuditProvider.LogEvent(audit.Event{
74 Action: constants.AuditAdminWebhookCreatedEvent,
75 Protocol: meta.Protocol, ActorType: constants.AuditActorTypeAdmin,
76 ResourceType: constants.AuditResourceTypeWebhook,
77 ResourceID: webhook.ID,
78 IPAddress: meta.IPAddress,
79 UserAgent: meta.UserAgent,
80 })
81
82 return &model.Response{
83 Message: `Webhook added successfully`,
84 }, nil, nil
85}
86
87// UpdateWebhook updates an existing webhook's event, endpoint, headers, or

Callers

nothing calls this directly

Calls 8

requireSuperAdminMethod · 0.95
IsValidWebhookEventNameFunction · 0.92
ValidateEndpointURLFunction · 0.92
NewStringRefFunction · 0.92
StringValueFunction · 0.92
ErrorMethod · 0.80
AddWebhookMethod · 0.65
LogEventMethod · 0.65

Tested by

no test coverage detected