mirror of
https://github.com/n8n-io/n8n.git
synced 2024-12-24 20:24:05 -08:00
⚡ Deactivate Asana Trigger webhhook validation
This commit is contained in:
parent
2fee4396f1
commit
b90f4fb3f6
|
@ -197,6 +197,7 @@ export class AsanaTrigger implements INodeType {
|
|||
// that no webhooks are registred anymore
|
||||
delete webhookData.webhookId;
|
||||
delete webhookData.webhookEvents;
|
||||
delete webhookData.hookSecret;
|
||||
}
|
||||
|
||||
return true;
|
||||
|
@ -233,13 +234,17 @@ export class AsanaTrigger implements INodeType {
|
|||
return {};
|
||||
}
|
||||
|
||||
// Check if the request is valid
|
||||
// (if the signature matches to data and hookSecret)
|
||||
const computedSignature = createHmac('sha256', webhookData.hookSecret as string).update(JSON.stringify(req.body)).digest('hex');
|
||||
if (headerData['x-hook-signature'] !== computedSignature) {
|
||||
// Signature is not valid so ignore call
|
||||
return {};
|
||||
}
|
||||
// TODO: Had to be deactivated as it is currently not possible to get the secret
|
||||
// in production mode as the static data overwrites each other because the
|
||||
// two exist at the same time (create webhook [with webhookId] and receive
|
||||
// webhook [with secret])
|
||||
// // Check if the request is valid
|
||||
// // (if the signature matches to data and hookSecret)
|
||||
// const computedSignature = createHmac('sha256', webhookData.hookSecret as string).update(JSON.stringify(req.body)).digest('hex');
|
||||
// if (headerData['x-hook-signature'] !== computedSignature) {
|
||||
// // Signature is not valid so ignore call
|
||||
// return {};
|
||||
// }
|
||||
|
||||
return {
|
||||
workflowData: [
|
||||
|
|
Loading…
Reference in a new issue