Add authorization in webhook #5

qornanali · 2020-10-18T05:13:23Z

In order to prevent malicious requests, please modify the current webhook URL.

From /webhook to /v1/external/messenger/webhook?access_token=<access_token> where access_token is configurable from ENV for now.

Example curl

curl --location --request POST 'https://localhost:3000/external/messenger/v1/webhook?access_token=foo' \
--header 'Content-Type: application/json' \
--data-raw '{
    "object": "page",
    "entry": [
        {
            "id": "107461401142256",
            "time": 1602923843364,
            "messaging": [
                {
                    "sender": {
                        "id": "3394010770691329"
                    },
                    "recipient": {
                        "id": "107461401142256"
                    },
                    "timestamp": 1602923843223,
                    "message": {
                        "mid": "m_sFrBBrkrx2LmF8YZSBf7WeqfkEM-NXTTk34MVB5g2wYZUTOUt4RRD2EWhrrCyy4O86A6bj4NfeKid_R2johmBA",
                        "text": "kartu prakerja",
                        "nlp": {
                            "intents": [
                                {
                                    "id": "653269161996408",
                                    "name": "Tanya_program",
                                    "confidence": 0.9
                                }
                            ],
                            "entities": {
                                "nama_program:nama_program": [
                                    {
                                        "id": "387471645725440",
                                        "name": "nama_program",
                                        "role": "nama_program",
                                        "start": 0,
                                        "end": 14,
                                        "body": "kartu prakerja",
                                        "confidence": 0.9566,
                                        "entities": [],
                                        "value": "Kartu Prakerja",
                                        "type": "value"
                                    }
                                ]
                            },
                            "traits": {
                                "wit$sentiment": [
                                    {
                                        "id": "5ac2b50a-44e4-466e-9d49-bad6bd40092c",
                                        "value": "neutral",
                                        "confidence": 0.536
                                    }
                                ]
                            },
                            "detected_locales": [
                                {
                                    "locale": "id_ID",
                                    "confidence": 0.9685
                                }
                            ]
                        }
                    }
                }
            ]
        }
    ]
}'

If the incoming request has a blank access_token or incorrect, it should response with body:

FAILED

and http status 401 unauthorized.

The text was updated successfully, but these errors were encountered:

qornanali added enhancement New feature or request help wanted Extra attention is needed and removed help wanted Extra attention is needed labels Oct 18, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add authorization in webhook #5

Add authorization in webhook #5

qornanali commented Oct 18, 2020 •

edited

Loading

Add authorization in webhook #5

Add authorization in webhook #5

Comments

qornanali commented Oct 18, 2020 • edited Loading

qornanali commented Oct 18, 2020 •

edited

Loading