@things-factory/shell 4.3.734 → 4.3.738
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-server/server-dev.js +31 -0
- package/dist-server/server-dev.js.map +1 -1
- package/dist-server/server.js +31 -0
- package/dist-server/server.js.map +1 -1
- package/package.json +2 -2
- package/server/server-dev.ts +38 -0
- package/server/server.ts +38 -0
|
@@ -28,6 +28,7 @@ const koa_static_1 = __importDefault(require("koa-static"));
|
|
|
28
28
|
const koa_webpack_1 = __importDefault(require("@hatiolab/koa-webpack"));
|
|
29
29
|
const schema_1 = require("./schema");
|
|
30
30
|
const bytes_1 = __importDefault(require("bytes"));
|
|
31
|
+
const stream_1 = require("stream");
|
|
31
32
|
const debug = require('debug')('things-factory:shell:server-dev');
|
|
32
33
|
const args = require('args');
|
|
33
34
|
args.option('port', 'The port on which the app will be running', env_1.config.get('port', 3000));
|
|
@@ -169,6 +170,36 @@ const bootstrap = async () => {
|
|
|
169
170
|
;
|
|
170
171
|
process.emit('client-rebuilt', app, compiler.outputFileSystem);
|
|
171
172
|
});
|
|
173
|
+
// Capture raw body for Xilnex webhook signature validation (must run BEFORE bodyparser)
|
|
174
|
+
// Only capture for Xilnex webhook routes to avoid unnecessary overhead
|
|
175
|
+
app.use(async (ctx, next) => {
|
|
176
|
+
if (ctx.method === 'POST' && ctx.path.startsWith('/webhook-xilnex')) {
|
|
177
|
+
const req = ctx.req;
|
|
178
|
+
const passthroughForParser = new stream_1.PassThrough();
|
|
179
|
+
const passthroughForRaw = new stream_1.PassThrough();
|
|
180
|
+
passthroughForParser.headers = req.headers;
|
|
181
|
+
passthroughForParser.method = req.method;
|
|
182
|
+
passthroughForParser.url = req.url;
|
|
183
|
+
const chunks = [];
|
|
184
|
+
const rawBodyPromise = new Promise((resolve, reject) => {
|
|
185
|
+
passthroughForRaw.on('data', (chunk) => chunks.push(Buffer.from(chunk)));
|
|
186
|
+
passthroughForRaw.on('end', () => resolve(Buffer.concat(chunks)));
|
|
187
|
+
passthroughForRaw.on('error', reject);
|
|
188
|
+
req.on('error', reject);
|
|
189
|
+
}).then(buf => {
|
|
190
|
+
;
|
|
191
|
+
ctx.request.rawBody = buf;
|
|
192
|
+
return buf;
|
|
193
|
+
});
|
|
194
|
+
ctx.request.rawBodyPromise = rawBodyPromise;
|
|
195
|
+
// Pipe request stream
|
|
196
|
+
req.pipe(passthroughForParser);
|
|
197
|
+
req.pipe(passthroughForRaw);
|
|
198
|
+
ctx.req = passthroughForParser;
|
|
199
|
+
ctx.request.req = ctx.req;
|
|
200
|
+
}
|
|
201
|
+
return next();
|
|
202
|
+
});
|
|
172
203
|
app.use((0, koa_bodyparser_1.default)(bodyParserOption));
|
|
173
204
|
app.use((ctx, next) => {
|
|
174
205
|
// Check if the request path is for the GraphQL endpoint.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server-dev.js","sourceRoot":"","sources":["../server/server-dev.ts"],"names":[],"mappings":";;;;;AAAA,mBAAmB;AACnB,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,aAAa,CAAA;AACpC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAA;AAC1B,iCAAiC;AAEjC,2EAAkF;AAClF,6CAAgF;AAChF,uCAA4G;AAC5G,qCAA4C;AAE5C,yDAAgD;AAChD,2DAAmF;AACnF,iEAA2D;AAC3D,8CAAqB;AACrB,4CAAmB;AACnB,8DAAiC;AACjC,qDAA4B;AAC5B,+BAAmC;AACnC,sDAA6D;AAC7D,mDAAiD;AACjD,yFAAsE;AACtE,oDAAuB;AACvB,oEAA0C;AAC1C,4DAAkC;AAClC,wEAA8C;AAC9C,qCAAiC;AACjC,kDAA+B;
|
|
1
|
+
{"version":3,"file":"server-dev.js","sourceRoot":"","sources":["../server/server-dev.ts"],"names":[],"mappings":";;;;;AAAA,mBAAmB;AACnB,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,aAAa,CAAA;AACpC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAA;AAC1B,iCAAiC;AAEjC,2EAAkF;AAClF,6CAAgF;AAChF,uCAA4G;AAC5G,qCAA4C;AAE5C,yDAAgD;AAChD,2DAAmF;AACnF,iEAA2D;AAC3D,8CAAqB;AACrB,4CAAmB;AACnB,8DAAiC;AACjC,qDAA4B;AAC5B,+BAAmC;AACnC,sDAA6D;AAC7D,mDAAiD;AACjD,yFAAsE;AACtE,oDAAuB;AACvB,oEAA0C;AAC1C,4DAAkC;AAClC,wEAA8C;AAC9C,qCAAiC;AACjC,kDAA+B;AAC/B,mCAAoC;AAEpC,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,iCAAiC,CAAC,CAAA;AAEjE,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAE5B,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,2CAA2C,EAAE,YAAM,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAA;AAC1F,IAAI,CAAC,MAAM,CACT,SAAS,EACT;kGACgG,EAChG,YAAM,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAC/B,CAAA;AAED,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;AAEtC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAA;AAClC,MAAM,aAAa,GAAG,OAAO,CAAC,+CAA+C,CAAC,CAAA;AAE9E,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,CAAA;AAEvC,MAAM,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAA;AAE5C,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,OAAO,CAAA;AAChE,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAA;AAE5D,MAAM,WAAW,GAAG,YAAM,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,CAAA;AAEnD,MAAM,gBAAgB,GAAG;IACvB,SAAS,EAAE,WAAW,CAAC,SAAS,IAAI,MAAM;IAC1C,SAAS,EAAE,WAAW,CAAC,SAAS,IAAI,MAAM;IAC1C,SAAS,EAAE,WAAW,CAAC,SAAS,IAAI,MAAM;CAC3C,CAAA;AAED,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;AACjD,MAAM,gBAAgB,GAAG;IACvB,WAAW,EAAE,eAAW,CAAC,KAAK,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,eAAW,CAAC,KAAK,CAAC,MAAM,CAAC;IACnF,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,EAAE;CACpC,CAAA;AAED,eAAe;AACf,MAAM,SAAS,GAAG,KAAK,IAAI,EAAE;IAC3B,IAAI;QACF,MAAM,IAAA,8BAAmB,GAAE,CAAA;QAE3B,MAAM,GAAG,GAAG,IAAI,aAAG,EAAE,CAAA;QAErB,GAAG,CAAC,GAAG,CACL,IAAA,cAAI,EAAC;YACH,MAAM,EAAE,UAAU,GAAG;gBACnB,OAAO,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,IAAI,GAAG,CAAA;YAC1C,CAAC;YACD,aAAa,EAAE,CAAC,kBAAkB,EAAE,sBAAsB,CAAC;YAC3D,MAAM,EAAE,CAAC;YACT,WAAW,EAAE,IAAI;YACjB,6DAA6D;YAC7D,YAAY,EAAE,CAAC,cAAc,EAAE,eAAe,EAAE,QAAQ,CAAC;SAC1D,CAAC,CACH,CAAA;QAED,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;QACzC,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;QAEzC,IAAI,SAAS,IAAI,SAAS,EAAE;YAC1B,GAAG,CAAC,GAAG,CACL,IAAA,gBAAE,EAAC;gBACD,SAAS;gBACT,SAAS;gBACT,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;oBAC3B,GAAG,CAAC,MAAM,GAAG,GAAG,CAAA;gBAClB,CAAC;aACF,CAAC,CACH,CAAA;SACF;QAED,IAAI,sBAAsB,GAAG,EAAE,CAC9B;QAAC,OAAe,CAAC,IAAI,CAAC,+BAA+B,EAAE,GAAG,EAAE,sBAAsB,CAAC,CAAA;QAEpF,MAAM,WAAW,GAAG,MAAM,IAAA,eAAM,GAAE,CAAA;QAElC,MAAM,UAAU,GAAG,IAAA,mBAAY,EAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAA;QAE/C,MAAM,kBAAkB,GAAG,+CAAkB,CAAC,MAAM,CAClD;YACE,MAAM,EAAE,WAAW;YACnB,qCAAqC;YACrC,OAAO,EAAP,iBAAO;YACP,SAAS,EAAT,mBAAS;YACT,KAAK,CAAC,SAAS,CAAC,gBAAwB,EAAE,SAAoB,EAAE,OAA0B;gBACxF,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;gBAEzB,IAAI,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,gBAAgB,CAAC,SAAS,CAAC,IAAI,gBAAgB,CAAC,CAAC,OAAO,CAAC,CAAA;gBAC5E,IAAI,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;gBACtD,gBAAgB,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,GAAG,WAAW,CAAA;gBAE1D,OAAO,CAAC,OAAO,mCACV,OAAO,CAAC,OAAO,GACf,CAAC,gBAAgB,CAAC,SAAS,CAAC,IAAI,gBAAgB,CAAC,CACrD,CAAA;gBAED,IAAI,UAAU,GAAG,MAAM,GAAG,CAAC,aAAa,CAAC,OAAO,EAAE,EAAS,CAAC,CAAA;gBAC5D,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,CAAA;gBAExB,6EAA6E;gBAC7E,IAAI,WAAW,GAAG,CAAC,GAAG,sBAAsB,CAAC,CAAA;gBAC7C,MAAM,EAAE,GAAG,YAAE,CAAC,IAAI,CAAC,IAAA,qBAAO,EAAC,WAAW,CAAC,CAAC,CAAA;gBAExC,MAAM,EAAE,CAAC,UAAU,CAAC,CAAA;gBAEpB,OAAO,UAAU,CAAA;YACnB,CAAC;SACF,EACD;YACE,MAAM,EAAE,UAAU;YAClB,IAAI,EAAE,gBAAgB;SACvB,CACF,CAAA;QAED,MAAM,MAAM,GAAG,IAAI,gCAAY,CAAC;YAC9B,MAAM,EAAE,WAAW;YACnB,WAAW,EAAE,KAAK,CAAC,EAAE;gBACnB,YAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;gBACnB,OAAO,KAAK,CAAA;YACd,CAAC;YACD,cAAc,EAAE,QAAQ,CAAC,EAAE;gBACzB,gEAAgE;gBAChE,OAAO,QAAQ,CAAA;YACjB,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,EAAE,EAAE;gBACrC,IAAI,UAAU,EAAE;oBACd,OAAO,UAAU,CAAC,OAAO,CAAA;iBAC1B;qBAAM;oBACL,OAAO,GAAG,CAAA;iBACX;YACH,CAAC;YACD,OAAO,EAAE;gBACP,IAAA,mEAA8C,EAAC;oBAC7C,QAAQ,EAAE;wBACR,qBAAqB,EAAE,aAAa;qBACrC;iBACF,CAAC;gBACF;oBACE,KAAK,CAAC,eAAe;wBACnB,OAAO;4BACL,KAAK,CAAC,WAAW;gCACf,kBAAkB,CAAC,KAAK,EAAE,CAAA;4BAC5B,CAAC;yBACF,CAAA;oBACH,CAAC;iBACF;aACF;YACD,KAAK,EAAE,SAAS;SACjB,CAAC,CAAA;QAEF,MAAM,CAAC,KAAK,EAAE,CAAA;QAEd,yCAAkB,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;QAEzC,wBAAkB,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YAChC,MAAM,EAAE,eAAe,EAAE,GAAG,IAAA,YAAM,EAAC,IAAI,CAAC,CAAA;YACxC,eAAe,IAAI,eAAe,CAAC,GAAG,CAAC,CAAA;QACzC,CAAC,CAAC,CAAA;QAEF,MAAM,MAAM,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAA;QACpD,MAAM,CAAC,GAAG,EAAE;YACV,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,oBAAoB,IAAI,EAAE;YAChC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,MAAM;YACf,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,KAAK;SACb,CAAC,CAAA;QAEF,MAAM,UAAU,GAAG,MAAM,IAAA,qBAAU,EAAC;YAClC,QAAQ;YACR,SAAS,EAAE,EAAE;YACb,aAAa,EAAE;gBACb,UAAU,EAAE,aAAa,CAAC,MAAM,CAAC,UAAU;gBAC3C,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE;aACxB;SACF,CAAC,CAAA;QAEF,0EAA0E;QAC1E,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,KAAK,CAAC,EAAE;YACtD,CAAC;YAAC,OAAe,CAAC,IAAI,CAAC,gBAAgB,EAAE,GAAG,EAAE,QAAQ,CAAC,gBAAgB,CAAC,CAAA;QAC1E,CAAC,CAAC,CAAA;QAEF,wFAAwF;QACxF,uEAAuE;QACvE,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAC1B,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE;gBACnE,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;gBACnB,MAAM,oBAAoB,GAAG,IAAI,oBAAW,EAAE,CAAA;gBAC9C,MAAM,iBAAiB,GAAG,IAAI,oBAAW,EAAE,CAG1C;gBAAC,oBAA4B,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CACnD;gBAAC,oBAA4B,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CACjD;gBAAC,oBAA4B,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;gBAE5C,MAAM,MAAM,GAAa,EAAE,CAAA;gBAC3B,MAAM,cAAc,GAAG,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBAC7D,iBAAiB,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;oBAChF,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;oBACjE,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;oBACrC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBACzB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;oBACZ,CAAC;oBAAC,GAAG,CAAC,OAAe,CAAC,OAAO,GAAG,GAAG,CAAA;oBACnC,OAAO,GAAG,CAAA;gBACZ,CAAC,CAAC,CAED;gBAAC,GAAG,CAAC,OAAe,CAAC,cAAc,GAAG,cAAc,CAAA;gBAErD,sBAAsB;gBACtB,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAA;gBAC9B,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;gBAE3B,GAAG,CAAC,GAAG,GAAG,oBAA2B,CACpC;gBAAC,GAAG,CAAC,OAAe,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;aACpC;YAED,OAAO,IAAI,EAAE,CAAA;QACf,CAAC,CAAC,CAAA;QAEF,GAAG,CAAC,GAAG,CAAC,IAAA,wBAAa,EAAC,gBAAgB,CAAC,CAAC,CAAA;QACxC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;YACpB,yDAAyD;YACzD,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE;gBAC3B,OAAO,IAAA,iCAAgB,EAAC,gBAAgB,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;aACrD;YACD,gDAAgD;YAChD,OAAO,IAAI,EAAE,CAAA;QACf,CAAC,CAAC,CAAA;QAEF,GAAG,CAAC,GAAG,CACL,MAAM,CAAC,aAAa,CAAC;YACnB,IAAI,EAAE,UAAU;SACjB,CAAC,CACH,CAGA;QAAC,OAAe,CAAC,IAAI,CAAC,sCAAsC,EAAE,GAAG,EAAE,4BAAkB,CAAC,CACtF;QAAC,OAAe,CAAC,IAAI,CAAC,uCAAuC,EAAE,GAAG,EAAE,6BAAmB,CAAC,CACxF;QAAC,OAAe,CAAC,IAAI,CAAC,sCAAsC,EAAE,GAAG,EAAE,4BAAkB,CAAC,CACtF;QAAC,OAAe,CAAC,IAAI,CAAC,uCAAuC,EAAE,GAAG,EAAE,6BAAmB,CAAC,CAAA;QAEzF,GAAG;aACA,GAAG,CAAC,4BAAkB,CAAC,MAAM,EAAE,CAAC;aAChC,GAAG,CAAC,4BAAkB,CAAC,cAAc,EAAE,CAAC;aACxC,GAAG,CAAC,6BAAmB,CAAC,MAAM,EAAE,CAAC;aACjC,GAAG,CAAC,6BAAmB,CAAC,cAAc,EAAE,CAAC;aACzC,GAAG,CAAC,4BAAkB,CAAC,MAAM,EAAE,CAAC;aAChC,GAAG,CAAC,4BAAkB,CAAC,cAAc,EAAE,CAAC;aACxC,GAAG,CAAC,6BAAmB,CAAC,MAAM,EAAE,CAAC;aACjC,GAAG,CAAC,6BAAmB,CAAC,cAAc,EAAE,CAAC,CAAA;QAE5C,mEAAmE;QACnE,GAAG,CAAC,GAAG,CAAC,IAAA,sDAAkB,EAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC,CAAA;QAE9C,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAEnB,GAAG,CAAC,GAAG,CACL,IAAA,oBAAS,EAAC,QAAQ,CAAC,UAAU,EAAE;YAC7B,KAAK,EAAE,KAAK;SACb,CAAC,CACH,CAAA;QAED,UAAU,CAAC,gBAAgB,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAA;QACxD,UAAU,CAAC,cAAc,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAA;QAEpD,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE;YACrC,YAAM,CAAC,IAAI,CAAC,qCAAqC,IAAI,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC,CAAA;YAC7E,YAAM,CAAC,IAAI,CAAC,0CAA0C,IAAI,GAAG,gBAAgB,EAAE,CAAC,CAC/E;YAAC,OAAe,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,GAAG,EAAE,MAAM,EAAN,YAAM,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC,CAAA;QAC5F,CAAC,CAAC,CAAA;KACH;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QAClB,MAAM,KAAK,CAAA;KACZ;AACH,CAAC,CAAA;AAED,SAAS,EAAE,CAAA"}
|
package/dist-server/server.js
CHANGED
|
@@ -24,6 +24,7 @@ const koa_bodyparser_1 = __importDefault(require("koa-bodyparser"));
|
|
|
24
24
|
const koa_static_1 = __importDefault(require("koa-static"));
|
|
25
25
|
const schema_1 = require("./schema");
|
|
26
26
|
const bytes_1 = __importDefault(require("bytes"));
|
|
27
|
+
const stream_1 = require("stream");
|
|
27
28
|
const args = require('args');
|
|
28
29
|
args.option('port', 'The port on which the app will be running', env_1.config.get('port', 3000));
|
|
29
30
|
const flags = args.parse(process.argv);
|
|
@@ -141,6 +142,36 @@ const bootstrap = async () => {
|
|
|
141
142
|
cache: true,
|
|
142
143
|
debug: false
|
|
143
144
|
});
|
|
145
|
+
// Capture raw body for Xilnex webhook signature validation (must run BEFORE bodyparser)
|
|
146
|
+
// Only capture for Xilnex webhook routes to avoid unnecessary overhead
|
|
147
|
+
app.use(async (ctx, next) => {
|
|
148
|
+
if (ctx.method === 'POST' && ctx.path.startsWith('/webhook-xilnex')) {
|
|
149
|
+
const req = ctx.req;
|
|
150
|
+
const passthroughForParser = new stream_1.PassThrough();
|
|
151
|
+
const passthroughForRaw = new stream_1.PassThrough();
|
|
152
|
+
passthroughForParser.headers = req.headers;
|
|
153
|
+
passthroughForParser.method = req.method;
|
|
154
|
+
passthroughForParser.url = req.url;
|
|
155
|
+
const chunks = [];
|
|
156
|
+
const rawBodyPromise = new Promise((resolve, reject) => {
|
|
157
|
+
passthroughForRaw.on('data', (chunk) => chunks.push(Buffer.from(chunk)));
|
|
158
|
+
passthroughForRaw.on('end', () => resolve(Buffer.concat(chunks)));
|
|
159
|
+
passthroughForRaw.on('error', reject);
|
|
160
|
+
req.on('error', reject);
|
|
161
|
+
}).then(buf => {
|
|
162
|
+
;
|
|
163
|
+
ctx.request.rawBody = buf;
|
|
164
|
+
return buf;
|
|
165
|
+
});
|
|
166
|
+
ctx.request.rawBodyPromise = rawBodyPromise;
|
|
167
|
+
// Pipe request stream
|
|
168
|
+
req.pipe(passthroughForParser);
|
|
169
|
+
req.pipe(passthroughForRaw);
|
|
170
|
+
ctx.req = passthroughForParser;
|
|
171
|
+
ctx.request.req = ctx.req;
|
|
172
|
+
}
|
|
173
|
+
return next();
|
|
174
|
+
});
|
|
144
175
|
app.use((0, koa_bodyparser_1.default)(bodyParserOption));
|
|
145
176
|
app.use((ctx, next) => {
|
|
146
177
|
// Check if the request path is for the GraphQL endpoint.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../server/server.ts"],"names":[],"mappings":";;;;;AAAA,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,YAAY,CAAA;AACnC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAA;AAE1B,2EAAkF;AAClF,6CAAgF;AAChF,uCAA4G;AAC5G,qCAA4C;AAE5C,yDAAgD;AAChD,iEAA2D;AAC3D,8CAAqB;AACrB,4CAAmB;AACnB,8DAAiC;AACjC,qDAA4B;AAC5B,+BAAmC;AACnC,sDAA6D;AAC7D,mDAAiD;AACjD,yFAAsE;AACtE,oDAAuB;AACvB,oEAA0C;AAC1C,4DAAkC;AAClC,qCAAiC;AACjC,kDAA+B;
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../server/server.ts"],"names":[],"mappings":";;;;;AAAA,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,YAAY,CAAA;AACnC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAA;AAE1B,2EAAkF;AAClF,6CAAgF;AAChF,uCAA4G;AAC5G,qCAA4C;AAE5C,yDAAgD;AAChD,iEAA2D;AAC3D,8CAAqB;AACrB,4CAAmB;AACnB,8DAAiC;AACjC,qDAA4B;AAC5B,+BAAmC;AACnC,sDAA6D;AAC7D,mDAAiD;AACjD,yFAAsE;AACtE,oDAAuB;AACvB,oEAA0C;AAC1C,4DAAkC;AAClC,qCAAiC;AACjC,kDAA+B;AAC/B,mCAAoC;AAEpC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAE5B,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,2CAA2C,EAAE,YAAM,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAA;AAE1F,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;AAEtC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAE5B,MAAM,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAA;AAE5C,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,OAAO,CAAA;AAChE,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAA;AAE5D,MAAM,WAAW,GAAG,YAAM,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,CAAA;AAEnD,MAAM,gBAAgB,GAAG;IACvB,SAAS,EAAE,WAAW,CAAC,SAAS,IAAI,MAAM;IAC1C,SAAS,EAAE,WAAW,CAAC,SAAS,IAAI,MAAM;IAC1C,SAAS,EAAE,WAAW,CAAC,SAAS,IAAI,MAAM;CAC3C,CAAA;AAED,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;AACjD,MAAM,gBAAgB,GAAG;IACvB,WAAW,EAAE,eAAW,CAAC,KAAK,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,eAAW,CAAC,KAAK,CAAC,MAAM,CAAC;IACnF,QAAQ,EAAE,UAAU,CAAC,QAAQ,IAAI,EAAE;CACpC,CAAA;AACD,eAAe;AACf,MAAM,SAAS,GAAG,KAAK,IAAI,EAAE;IAC3B,MAAM,IAAA,8BAAmB,GAAE,CAAA;IAE3B,MAAM,GAAG,GAAG,IAAI,aAAG,EAAE,CAAA;IAErB,GAAG,CAAC,GAAG,CACL,IAAA,cAAI,EAAC;QACH,MAAM,EAAE,UAAU,GAAG;YACnB,OAAO,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,IAAI,GAAG,CAAA;QAC1C,CAAC;QACD,aAAa,EAAE,CAAC,kBAAkB,EAAE,sBAAsB,CAAC;QAC3D,MAAM,EAAE,CAAC;QACT,WAAW,EAAE,IAAI;QACjB,6DAA6D;QAC7D,YAAY,EAAE,CAAC,cAAc,EAAE,eAAe,EAAE,QAAQ,CAAC;KAC1D,CAAC,CACH,CAAA;IAED,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;IACzC,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;IAEzC,IAAI,SAAS,IAAI,SAAS,EAAE;QAC1B,GAAG,CAAC,GAAG,CACL,IAAA,gBAAE,EAAC;YACD,SAAS;YACT,SAAS;YACT,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;gBAC3B,GAAG,CAAC,MAAM,GAAG,GAAG,CAAA;YAClB,CAAC;SACF,CAAC,CACH,CAAA;KACF;IAED,IAAI,sBAAsB,GAAG,EAAE,CAC9B;IAAC,OAAe,CAAC,IAAI,CAAC,+BAA+B,EAAE,GAAG,EAAE,sBAAsB,CAAC,CAAA;IAEpF,MAAM,WAAW,GAAG,MAAM,IAAA,eAAM,GAAE,CAAA;IAElC,MAAM,UAAU,GAAG,IAAA,mBAAY,EAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAA;IAE/C,MAAM,kBAAkB,GAAG,+CAAkB,CAAC,MAAM,CAClD;QACE,MAAM,EAAE,WAAW;QACnB,qCAAqC;QACrC,OAAO,EAAP,iBAAO;QACP,SAAS,EAAT,mBAAS;QACT,KAAK,CAAC,SAAS,CAAC,gBAAwB,EAAE,SAAoB,EAAE,OAA0B;YACxF,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;YAEzB,IAAI,GAAG,GAAG,IAAI,GAAG,CAAC,CAAC,gBAAgB,CAAC,SAAS,CAAC,IAAI,gBAAgB,CAAC,CAAC,OAAO,CAAC,CAAA;YAC5E,IAAI,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;YACtD,gBAAgB,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,GAAG,WAAW,CAAA;YAE1D,OAAO,CAAC,OAAO,mCACV,OAAO,CAAC,OAAO,GACf,CAAC,gBAAgB,CAAC,SAAS,CAAC,IAAI,gBAAgB,CAAC,CACrD,CAAA;YAED,6EAA6E;YAC7E,IAAI,UAAU,GAAG,MAAM,GAAG,CAAC,aAAa,CAAC,OAAO,EAAE,EAAS,CAAC,CAAA;YAC5D,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,CAAA;YAExB,IAAI,WAAW,GAAG,CAAC,GAAG,sBAAsB,CAAC,CAAA;YAC7C,MAAM,EAAE,GAAG,YAAE,CAAC,IAAI,CAAC,IAAA,qBAAO,EAAC,WAAW,CAAC,CAAC,CAAA;YAExC,MAAM,EAAE,CAAC,UAAU,CAAC,CAAA;YAEpB,OAAO,UAAU,CAAA;QACnB,CAAC;KACF,EACD;QACE,MAAM,EAAE,UAAU;QAClB,IAAI,EAAE,gBAAgB;KACvB,CACF,CAAA;IAED,MAAM,MAAM,GAAG,IAAI,gCAAY,CAAC;QAC9B,MAAM,EAAE,WAAW;QACnB,WAAW,EAAE,KAAK,CAAC,EAAE;YACnB,YAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;YACnB,OAAO,KAAK,CAAA;QACd,CAAC;QACD,cAAc,EAAE,QAAQ,CAAC,EAAE;YACzB,gEAAgE;YAChE,OAAO,QAAQ,CAAA;QACjB,CAAC;QACD,aAAa,EAAE,IAAI;QACnB,OAAO,EAAE,KAAK,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,EAAE,EAAE;YACrC,IAAI,UAAU,EAAE;gBACd,OAAO,UAAU,CAAC,OAAO,CAAA;aAC1B;iBAAM;gBACL,OAAO,GAAG,CAAA;aACX;QACH,CAAC;QACD,OAAO,EAAE;YACP;gBACE,KAAK,CAAC,eAAe;oBACnB,OAAO;wBACL,KAAK,CAAC,WAAW;4BACf,kBAAkB,CAAC,KAAK,EAAE,CAAA;wBAC5B,CAAC;qBACF,CAAA;gBACH,CAAC;aACF;SACF;QACD,KAAK,EAAE,SAAS;KACjB,CAAC,CAAA;IAEF,MAAM,MAAM,CAAC,KAAK,EAAE,CAAA;IAEpB,yCAAkB,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,CAAA;IAEzC,wBAAkB,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;QAChC,MAAM,EAAE,eAAe,EAAE,GAAG,IAAA,YAAM,EAAC,IAAI,CAAC,CAAA;QACxC,eAAe,IAAI,eAAe,CAAC,GAAG,CAAC,CAAA;IACzC,CAAC,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAA;IACpD,MAAM,CAAC,GAAG,EAAE;QACV,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,oBAAoB,IAAI,EAAE;QAChC,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,MAAM;QACf,KAAK,EAAE,IAAI;QACX,KAAK,EAAE,KAAK;KACb,CAAC,CAAA;IAEF,wFAAwF;IACxF,uEAAuE;IACvE,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC1B,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE;YACnE,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;YACnB,MAAM,oBAAoB,GAAG,IAAI,oBAAW,EAAE,CAAA;YAC9C,MAAM,iBAAiB,GAAG,IAAI,oBAAW,EAAE,CAG1C;YAAC,oBAA4B,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CACnD;YAAC,oBAA4B,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CACjD;YAAC,oBAA4B,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;YAE5C,MAAM,MAAM,GAAa,EAAE,CAAA;YAC3B,MAAM,cAAc,GAAG,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC7D,iBAAiB,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAChF,iBAAiB,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gBACjE,iBAAiB,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBACrC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;YACzB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBACZ,CAAC;gBAAC,GAAG,CAAC,OAAe,CAAC,OAAO,GAAG,GAAG,CAAA;gBACnC,OAAO,GAAG,CAAA;YACZ,CAAC,CAAC,CAED;YAAC,GAAG,CAAC,OAAe,CAAC,cAAc,GAAG,cAAc,CAAA;YAErD,sBAAsB;YACtB,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAA;YAC9B,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;YAE3B,GAAG,CAAC,GAAG,GAAG,oBAA2B,CACpC;YAAC,GAAG,CAAC,OAAe,CAAC,GAAG,GAAG,GAAG,CAAC,GAAG,CAAA;SACpC;QAED,OAAO,IAAI,EAAE,CAAA;IACf,CAAC,CAAC,CAAA;IAEF,GAAG,CAAC,GAAG,CAAC,IAAA,wBAAa,EAAC,gBAAgB,CAAC,CAAC,CAAA;IACxC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;QACpB,yDAAyD;QACzD,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE;YAC3B,OAAO,IAAA,iCAAgB,EAAC,gBAAgB,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;SACrD;QACD,gDAAgD;QAChD,OAAO,IAAI,EAAE,CAAA;IACf,CAAC,CAAC,CAAA;IAEF,GAAG,CAAC,GAAG,CACL,MAAM,CAAC,aAAa,CAAC;QACnB,IAAI,EAAE,UAAU;KACjB,CAAC,CACH,CAGA;IAAC,OAAe,CAAC,IAAI,CAAC,sCAAsC,EAAE,GAAG,EAAE,4BAAkB,CAAC,CACtF;IAAC,OAAe,CAAC,IAAI,CAAC,uCAAuC,EAAE,GAAG,EAAE,6BAAmB,CAAC,CACxF;IAAC,OAAe,CAAC,IAAI,CAAC,sCAAsC,EAAE,GAAG,EAAE,4BAAkB,CAAC,CACtF;IAAC,OAAe,CAAC,IAAI,CAAC,uCAAuC,EAAE,GAAG,EAAE,6BAAmB,CAAC,CAAA;IAEzF,GAAG;SACA,GAAG,CAAC,4BAAkB,CAAC,MAAM,EAAE,CAAC;SAChC,GAAG,CAAC,4BAAkB,CAAC,cAAc,EAAE,CAAC;SACxC,GAAG,CAAC,6BAAmB,CAAC,MAAM,EAAE,CAAC;SACjC,GAAG,CAAC,6BAAmB,CAAC,cAAc,EAAE,CAAC;SACzC,GAAG,CAAC,4BAAkB,CAAC,MAAM,EAAE,CAAC;SAChC,GAAG,CAAC,4BAAkB,CAAC,cAAc,EAAE,CAAC;SACxC,GAAG,CAAC,6BAAmB,CAAC,MAAM,EAAE,CAAC;SACjC,GAAG,CAAC,6BAAmB,CAAC,cAAc,EAAE,CAAC,CAAA;IAE5C,6CAA6C;IAC7C,GAAG,CAAC,GAAG,CAAC,IAAA,sDAAkB,EAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,CAAC,CAAA;IAE9C,GAAG,CAAC,GAAG,CACL,IAAA,oBAAS,EAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,CAAC,EAAE;QACjD,KAAK,EAAE,YAAY;KACpB,CAAC,CACH,CAAA;IAED,UAAU,CAAC,gBAAgB,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAA;IACxD,UAAU,CAAC,cAAc,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAA;IAEpD,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE;QACrC,YAAM,CAAC,IAAI,CAAC,qCAAqC,IAAI,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC,CAAA;QAC7E,YAAM,CAAC,IAAI,CAAC,0CAA0C,IAAI,GAAG,gBAAgB,EAAE,CAAC,CAC/E;QAAC,OAAe,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,GAAG,EAAE,MAAM,EAAN,YAAM,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC,CAAA;IAC5F,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA;AAED,SAAS,EAAE,CAAA"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@things-factory/shell",
|
|
3
|
-
"version": "4.3.
|
|
3
|
+
"version": "4.3.738",
|
|
4
4
|
"description": "Core module for framework",
|
|
5
5
|
"bin": {
|
|
6
6
|
"things-factory": "bin/things-factory",
|
|
@@ -129,5 +129,5 @@
|
|
|
129
129
|
"resolutions": {
|
|
130
130
|
"core-js": "^3.16.0"
|
|
131
131
|
},
|
|
132
|
-
"gitHead": "
|
|
132
|
+
"gitHead": "4c0363d0c8fa24d07a827b9c884ad32755f3ee8c"
|
|
133
133
|
}
|
package/server/server-dev.ts
CHANGED
|
@@ -25,6 +25,7 @@ import koaStatic from 'koa-static'
|
|
|
25
25
|
import koaWebpack from '@hatiolab/koa-webpack'
|
|
26
26
|
import { schema } from './schema'
|
|
27
27
|
import bytesFormat from 'bytes'
|
|
28
|
+
import { PassThrough } from 'stream'
|
|
28
29
|
|
|
29
30
|
const debug = require('debug')('things-factory:shell:server-dev')
|
|
30
31
|
|
|
@@ -212,6 +213,43 @@ const bootstrap = async () => {
|
|
|
212
213
|
;(process as any).emit('client-rebuilt', app, compiler.outputFileSystem)
|
|
213
214
|
})
|
|
214
215
|
|
|
216
|
+
// Capture raw body for Xilnex webhook signature validation (must run BEFORE bodyparser)
|
|
217
|
+
// Only capture for Xilnex webhook routes to avoid unnecessary overhead
|
|
218
|
+
app.use(async (ctx, next) => {
|
|
219
|
+
if (ctx.method === 'POST' && ctx.path.startsWith('/webhook-xilnex')) {
|
|
220
|
+
const req = ctx.req
|
|
221
|
+
const passthroughForParser = new PassThrough()
|
|
222
|
+
const passthroughForRaw = new PassThrough()
|
|
223
|
+
|
|
224
|
+
// Copy minimal request metadata
|
|
225
|
+
;(passthroughForParser as any).headers = req.headers
|
|
226
|
+
;(passthroughForParser as any).method = req.method
|
|
227
|
+
;(passthroughForParser as any).url = req.url
|
|
228
|
+
|
|
229
|
+
const chunks: Buffer[] = []
|
|
230
|
+
const rawBodyPromise = new Promise<Buffer>((resolve, reject) => {
|
|
231
|
+
passthroughForRaw.on('data', (chunk: Buffer) => chunks.push(Buffer.from(chunk)))
|
|
232
|
+
passthroughForRaw.on('end', () => resolve(Buffer.concat(chunks)))
|
|
233
|
+
passthroughForRaw.on('error', reject)
|
|
234
|
+
req.on('error', reject)
|
|
235
|
+
}).then(buf => {
|
|
236
|
+
;(ctx.request as any).rawBody = buf
|
|
237
|
+
return buf
|
|
238
|
+
})
|
|
239
|
+
|
|
240
|
+
;(ctx.request as any).rawBodyPromise = rawBodyPromise
|
|
241
|
+
|
|
242
|
+
// Pipe request stream
|
|
243
|
+
req.pipe(passthroughForParser)
|
|
244
|
+
req.pipe(passthroughForRaw)
|
|
245
|
+
|
|
246
|
+
ctx.req = passthroughForParser as any
|
|
247
|
+
;(ctx.request as any).req = ctx.req
|
|
248
|
+
}
|
|
249
|
+
|
|
250
|
+
return next()
|
|
251
|
+
})
|
|
252
|
+
|
|
215
253
|
app.use(koaBodyParser(bodyParserOption))
|
|
216
254
|
app.use((ctx, next) => {
|
|
217
255
|
// Check if the request path is for the GraphQL endpoint.
|
package/server/server.ts
CHANGED
|
@@ -21,6 +21,7 @@ import koaBodyParser from 'koa-bodyparser'
|
|
|
21
21
|
import koaStatic from 'koa-static'
|
|
22
22
|
import { schema } from './schema'
|
|
23
23
|
import bytesFormat from 'bytes'
|
|
24
|
+
import { PassThrough } from 'stream'
|
|
24
25
|
|
|
25
26
|
const args = require('args')
|
|
26
27
|
|
|
@@ -176,6 +177,43 @@ const bootstrap = async () => {
|
|
|
176
177
|
debug: false
|
|
177
178
|
})
|
|
178
179
|
|
|
180
|
+
// Capture raw body for Xilnex webhook signature validation (must run BEFORE bodyparser)
|
|
181
|
+
// Only capture for Xilnex webhook routes to avoid unnecessary overhead
|
|
182
|
+
app.use(async (ctx, next) => {
|
|
183
|
+
if (ctx.method === 'POST' && ctx.path.startsWith('/webhook-xilnex')) {
|
|
184
|
+
const req = ctx.req
|
|
185
|
+
const passthroughForParser = new PassThrough()
|
|
186
|
+
const passthroughForRaw = new PassThrough()
|
|
187
|
+
|
|
188
|
+
// Copy minimal request metadata
|
|
189
|
+
;(passthroughForParser as any).headers = req.headers
|
|
190
|
+
;(passthroughForParser as any).method = req.method
|
|
191
|
+
;(passthroughForParser as any).url = req.url
|
|
192
|
+
|
|
193
|
+
const chunks: Buffer[] = []
|
|
194
|
+
const rawBodyPromise = new Promise<Buffer>((resolve, reject) => {
|
|
195
|
+
passthroughForRaw.on('data', (chunk: Buffer) => chunks.push(Buffer.from(chunk)))
|
|
196
|
+
passthroughForRaw.on('end', () => resolve(Buffer.concat(chunks)))
|
|
197
|
+
passthroughForRaw.on('error', reject)
|
|
198
|
+
req.on('error', reject)
|
|
199
|
+
}).then(buf => {
|
|
200
|
+
;(ctx.request as any).rawBody = buf
|
|
201
|
+
return buf
|
|
202
|
+
})
|
|
203
|
+
|
|
204
|
+
;(ctx.request as any).rawBodyPromise = rawBodyPromise
|
|
205
|
+
|
|
206
|
+
// Pipe request stream
|
|
207
|
+
req.pipe(passthroughForParser)
|
|
208
|
+
req.pipe(passthroughForRaw)
|
|
209
|
+
|
|
210
|
+
ctx.req = passthroughForParser as any
|
|
211
|
+
;(ctx.request as any).req = ctx.req
|
|
212
|
+
}
|
|
213
|
+
|
|
214
|
+
return next()
|
|
215
|
+
})
|
|
216
|
+
|
|
179
217
|
app.use(koaBodyParser(bodyParserOption))
|
|
180
218
|
app.use((ctx, next) => {
|
|
181
219
|
// Check if the request path is for the GraphQL endpoint.
|