webhook templates
This commit is contained in:
@@ -9,7 +9,7 @@ import json
|
||||
import logging
|
||||
import time
|
||||
from datetime import datetime, timezone
|
||||
from typing import List, Dict, Optional, Any
|
||||
from typing import List, Dict, Optional, Any, Tuple
|
||||
from sqlalchemy.orm import Session
|
||||
import requests
|
||||
from requests.auth import HTTPBasicAuth
|
||||
@@ -18,6 +18,8 @@ from cryptography.fernet import Fernet
|
||||
import os
|
||||
|
||||
from ..models import Webhook, WebhookDeliveryLog, Alert, AlertRule, Scan
|
||||
from .template_service import get_template_service
|
||||
from ..config import APP_NAME, APP_VERSION, REPO_URL
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
@@ -178,11 +180,11 @@ class WebhookService:
|
||||
|
||||
logger.info(f"Delivering webhook {webhook_id} for alert {alert_id} (attempt {attempt_number}/{webhook.retry_count})")
|
||||
|
||||
# Build payload
|
||||
payload = self._build_payload(alert)
|
||||
# Build payload with template support
|
||||
payload, content_type = self._build_payload(webhook, alert)
|
||||
|
||||
# Prepare headers
|
||||
headers = {'Content-Type': 'application/json'}
|
||||
headers = {'Content-Type': content_type}
|
||||
|
||||
# Add custom headers if provided
|
||||
if webhook.custom_headers:
|
||||
@@ -207,13 +209,26 @@ class WebhookService:
|
||||
# Execute HTTP request
|
||||
try:
|
||||
timeout = webhook.timeout or 10
|
||||
response = requests.post(
|
||||
webhook.url,
|
||||
json=payload,
|
||||
headers=headers,
|
||||
auth=auth,
|
||||
timeout=timeout
|
||||
)
|
||||
|
||||
# Use appropriate parameter based on payload type
|
||||
if isinstance(payload, dict):
|
||||
# JSON payload
|
||||
response = requests.post(
|
||||
webhook.url,
|
||||
json=payload,
|
||||
headers=headers,
|
||||
auth=auth,
|
||||
timeout=timeout
|
||||
)
|
||||
else:
|
||||
# Text payload
|
||||
response = requests.post(
|
||||
webhook.url,
|
||||
data=payload,
|
||||
headers=headers,
|
||||
auth=auth,
|
||||
timeout=timeout
|
||||
)
|
||||
|
||||
# Log delivery attempt
|
||||
log_entry = WebhookDeliveryLog(
|
||||
@@ -305,15 +320,18 @@ class WebhookService:
|
||||
# Exponential backoff: 2^attempt seconds (2, 4, 8, 16...)
|
||||
return min(2 ** attempt_number, 60) # Cap at 60 seconds
|
||||
|
||||
def _build_payload(self, alert: Alert) -> Dict[str, Any]:
|
||||
def _build_payload(self, webhook: Webhook, alert: Alert) -> Tuple[Any, str]:
|
||||
"""
|
||||
Build JSON payload for webhook delivery.
|
||||
Build payload for webhook delivery using template if configured.
|
||||
|
||||
Args:
|
||||
webhook: Webhook object with optional template configuration
|
||||
alert: Alert object
|
||||
|
||||
Returns:
|
||||
Dict containing alert details in generic JSON format
|
||||
Tuple of (payload, content_type):
|
||||
- payload: Rendered payload (dict for JSON, string for text)
|
||||
- content_type: Content-Type header value
|
||||
"""
|
||||
# Get related scan
|
||||
scan = self.db.query(Scan).filter(Scan.id == alert.scan_id).first()
|
||||
@@ -321,6 +339,65 @@ class WebhookService:
|
||||
# Get related rule
|
||||
rule = self.db.query(AlertRule).filter(AlertRule.id == alert.rule_id).first()
|
||||
|
||||
# If webhook has a custom template, use it
|
||||
if webhook.template:
|
||||
template_service = get_template_service()
|
||||
context = template_service.build_context(
|
||||
alert=alert,
|
||||
scan=scan,
|
||||
rule=rule,
|
||||
app_name=APP_NAME,
|
||||
app_version=APP_VERSION,
|
||||
app_url=REPO_URL
|
||||
)
|
||||
|
||||
rendered, error = template_service.render(
|
||||
webhook.template,
|
||||
context,
|
||||
webhook.template_format or 'json'
|
||||
)
|
||||
|
||||
if error:
|
||||
logger.error(f"Template rendering error for webhook {webhook.id}: {error}")
|
||||
# Fall back to default payload
|
||||
return self._build_default_payload(alert, scan, rule), 'application/json'
|
||||
|
||||
# Determine content type
|
||||
if webhook.content_type_override:
|
||||
content_type = webhook.content_type_override
|
||||
elif webhook.template_format == 'text':
|
||||
content_type = 'text/plain'
|
||||
else:
|
||||
content_type = 'application/json'
|
||||
|
||||
# For JSON format, parse the rendered string back to a dict
|
||||
# For text format, return as string
|
||||
if webhook.template_format == 'json':
|
||||
try:
|
||||
payload = json.loads(rendered)
|
||||
except json.JSONDecodeError:
|
||||
logger.error(f"Failed to parse rendered JSON template for webhook {webhook.id}")
|
||||
return self._build_default_payload(alert, scan, rule), 'application/json'
|
||||
else:
|
||||
payload = rendered
|
||||
|
||||
return payload, content_type
|
||||
|
||||
# No template - use default payload
|
||||
return self._build_default_payload(alert, scan, rule), 'application/json'
|
||||
|
||||
def _build_default_payload(self, alert: Alert, scan: Optional[Scan], rule: Optional[AlertRule]) -> Dict[str, Any]:
|
||||
"""
|
||||
Build default JSON payload for webhook delivery.
|
||||
|
||||
Args:
|
||||
alert: Alert object
|
||||
scan: Scan object (optional)
|
||||
rule: AlertRule object (optional)
|
||||
|
||||
Returns:
|
||||
Dict containing alert details in generic JSON format
|
||||
"""
|
||||
payload = {
|
||||
"event": "alert.created",
|
||||
"alert": {
|
||||
@@ -367,19 +444,56 @@ class WebhookService:
|
||||
'status_code': None
|
||||
}
|
||||
|
||||
# Build test payload
|
||||
payload = {
|
||||
"event": "webhook.test",
|
||||
"message": "This is a test webhook from SneakyScanner",
|
||||
"timestamp": datetime.now(timezone.utc).isoformat(),
|
||||
"webhook": {
|
||||
"id": webhook.id,
|
||||
"name": webhook.name
|
||||
# Build test payload - use template if configured
|
||||
if webhook.template:
|
||||
template_service = get_template_service()
|
||||
rendered, error = template_service.render_test_payload(
|
||||
webhook.template,
|
||||
webhook.template_format or 'json'
|
||||
)
|
||||
|
||||
if error:
|
||||
return {
|
||||
'success': False,
|
||||
'message': f'Template error: {error}',
|
||||
'status_code': None
|
||||
}
|
||||
|
||||
# Determine content type
|
||||
if webhook.content_type_override:
|
||||
content_type = webhook.content_type_override
|
||||
elif webhook.template_format == 'text':
|
||||
content_type = 'text/plain'
|
||||
else:
|
||||
content_type = 'application/json'
|
||||
|
||||
# Parse JSON template
|
||||
if webhook.template_format == 'json':
|
||||
try:
|
||||
payload = json.loads(rendered)
|
||||
except json.JSONDecodeError:
|
||||
return {
|
||||
'success': False,
|
||||
'message': 'Template rendered invalid JSON',
|
||||
'status_code': None
|
||||
}
|
||||
else:
|
||||
payload = rendered
|
||||
else:
|
||||
# Default test payload
|
||||
payload = {
|
||||
"event": "webhook.test",
|
||||
"message": "This is a test webhook from SneakyScanner",
|
||||
"timestamp": datetime.now(timezone.utc).isoformat(),
|
||||
"webhook": {
|
||||
"id": webhook.id,
|
||||
"name": webhook.name
|
||||
}
|
||||
}
|
||||
}
|
||||
content_type = 'application/json'
|
||||
|
||||
# Prepare headers
|
||||
headers = {'Content-Type': 'application/json'}
|
||||
headers = {'Content-Type': content_type}
|
||||
|
||||
if webhook.custom_headers:
|
||||
try:
|
||||
@@ -402,13 +516,26 @@ class WebhookService:
|
||||
# Execute test request
|
||||
try:
|
||||
timeout = webhook.timeout or 10
|
||||
response = requests.post(
|
||||
webhook.url,
|
||||
json=payload,
|
||||
headers=headers,
|
||||
auth=auth,
|
||||
timeout=timeout
|
||||
)
|
||||
|
||||
# Use appropriate parameter based on payload type
|
||||
if isinstance(payload, dict):
|
||||
# JSON payload
|
||||
response = requests.post(
|
||||
webhook.url,
|
||||
json=payload,
|
||||
headers=headers,
|
||||
auth=auth,
|
||||
timeout=timeout
|
||||
)
|
||||
else:
|
||||
# Text payload
|
||||
response = requests.post(
|
||||
webhook.url,
|
||||
data=payload,
|
||||
headers=headers,
|
||||
auth=auth,
|
||||
timeout=timeout
|
||||
)
|
||||
|
||||
return {
|
||||
'success': response.status_code < 400,
|
||||
|
||||
Reference in New Issue
Block a user