Add webhooks signature verification on Sweego bridges

welcoMattic · welcoMattic · commit 2fef44053492 · 2024-10-24T14:16:20.000+02:00
diff --git a/src/Symfony/Component/Mailer/Bridge/Sweego/README.md b/src/Symfony/Component/Mailer/Bridge/Sweego/README.md
@@ -24,6 +24,33 @@ MAILER_DSN=sweego+api://API_KEY@default
 where:
  - `API_KEY` is your Sweego API Key
 
+Webhook
+-------
+
+Configure the webhook routing:
+
+```yaml
+framework:
+    webhook:
+        routing:
+            sweego_mailer:
+                service: mailer.webhook.request_parser.sweego
+                secret: '%env(SWEEGO_WEBHOOK_SECRET)%'
+```
+
+And a consumer:
+
+```php
+#[AsRemoteEventConsumer(name: 'sweego_mailer')]
+class SweegoMailEventConsumer implements ConsumerInterface
+{
+    public function consume(RemoteEvent|AbstractMailerEvent $event): void
+    {
+        // your code
+    }
+}
+```
+
 Resources
 ---------
 
diff --git a/src/Symfony/Component/Mailer/Bridge/Sweego/Webhook/SweegoRequestParser.php b/src/Symfony/Component/Mailer/Bridge/Sweego/Webhook/SweegoRequestParser.php
@@ -13,6 +13,7 @@
 
 use Symfony\Component\HttpFoundation\ChainRequestMatcher;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestMatcher\HeaderRequestMatcher;
 use Symfony\Component\HttpFoundation\RequestMatcher\IsJsonRequestMatcher;
 use Symfony\Component\HttpFoundation\RequestMatcher\MethodRequestMatcher;
 use Symfony\Component\HttpFoundation\RequestMatcherInterface;
@@ -34,6 +35,7 @@ protected function getRequestMatcher(): RequestMatcherInterface
         return new ChainRequestMatcher([
             new MethodRequestMatcher('POST'),
             new IsJsonRequestMatcher(),
+            new HeaderRequestMatcher(['webhook-id', 'webhook-timestamp', 'webhook-signature']),
         ]);
     }
 
@@ -51,10 +53,28 @@ protected function doParse(Request $request, #[\SensitiveParameter] string $secr
             throw new RejectWebhookException(406, 'Payload is malformed.');
         }
 
+        $this->validateSignature($request, $secret);
+
         try {
             return $this->converter->convert($content);
         } catch (ParseException $e) {
             throw new RejectWebhookException(406, $e->getMessage(), $e);
         }
     }
+
+    private function validateSignature(Request $request, string $secret): void
+    {
+        $contentToSign = \sprintf(
+            '%s.%s.%s',
+            $request->headers->get('webhook-id'),
+            $request->headers->get('webhook-timestamp'),
+            $request->getContent(),
+        );
+
+        $computedSignature = base64_encode(hash_hmac('sha256', $contentToSign, base64_decode($secret), true));
+
+        if (!hash_equals($computedSignature, $request->headers->get('webhook-signature'))) {
+            throw new RejectWebhookException(403, 'Invalid signature.');
+        }
+    }
 }
diff --git a/src/Symfony/Component/Notifier/Bridge/Sweego/README.md b/src/Symfony/Component/Notifier/Bridge/Sweego/README.md
@@ -44,6 +44,33 @@ $sms->options($options);
 $texter->send($sms);
 ```
 
+Webhook
+-------
+
+Configure the webhook routing:
+
+```yaml
+framework:
+    webhook:
+        routing:
+            sweego_sms:
+                service: notifier.webhook.request_parser.sweego
+                secret: '%env(SWEEGO_WEBHOOK_SECRET)%'
+```
+
+And a consumer:
+
+```php
+#[AsRemoteEventConsumer(name: 'sweego_sms')]
+class SweegoSmsEventConsumer implements ConsumerInterface
+{
+    public function consume(RemoteEvent|SmsEvent $event): void
+    {
+        // your code
+    }
+}
+```
+
 Resources
 ---------
 
diff --git a/src/Symfony/Component/Notifier/Bridge/Sweego/Webhook/SweegoRequestParser.php b/src/Symfony/Component/Notifier/Bridge/Sweego/Webhook/SweegoRequestParser.php
@@ -13,6 +13,7 @@
 
 use Symfony\Component\HttpFoundation\ChainRequestMatcher;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestMatcher\HeaderRequestMatcher;
 use Symfony\Component\HttpFoundation\RequestMatcher\IsJsonRequestMatcher;
 use Symfony\Component\HttpFoundation\RequestMatcher\MethodRequestMatcher;
 use Symfony\Component\HttpFoundation\RequestMatcherInterface;
@@ -32,6 +33,7 @@ protected function getRequestMatcher(): RequestMatcherInterface
         return new ChainRequestMatcher([
             new MethodRequestMatcher('POST'),
             new IsJsonRequestMatcher(),
+            new HeaderRequestMatcher(['webhook-id', 'webhook-timestamp', 'webhook-signature']),
         ]);
     }
 
@@ -43,6 +45,8 @@ protected function doParse(Request $request, #[\SensitiveParameter] string $secr
             throw new RejectWebhookException(406, 'Payload is malformed.');
         }
 
+        $this->validateSignature($request, $secret);
+
         $name = match ($payload['event_type']) {
             'sms_sent' => SmsEvent::DELIVERED,
             default => throw new RejectWebhookException(406, \sprintf('Unsupported event "%s".', $payload['event'])),
@@ -53,4 +57,20 @@ protected function doParse(Request $request, #[\SensitiveParameter] string $secr
 
         return $event;
     }
+
+    private function validateSignature(Request $request, string $secret): void
+    {
+        $contentToSign = \sprintf(
+            '%s.%s.%s',
+            $request->headers->get('webhook-id'),
+            $request->headers->get('webhook-timestamp'),
+            $request->getContent(),
+        );
+
+        $computedSignature = base64_encode(hash_hmac('sha256', $contentToSign, base64_decode($secret), true));
+
+        if (!hash_equals($computedSignature, $request->headers->get('webhook-signature'))) {
+            throw new RejectWebhookException(403, 'Invalid signature.');
+        }
+    }
 }
