feat(Telegram Trigger Node): Verify Webhook requests (#8383)
Co-authored-by: Jonathan Bennetts <jonathan.bennetts@gmail.com>
@@ -235,3 +235,9 @@ export function getImageBySize(photos: IDataObject[], size: string): IDataObject
|
||||
export function getPropertyName(operation: string) {
|
||||
return operation.replace('send', '').toLowerCase();
|
||||
}
|
||||
|
||||
export function getSecretToken(this: IHookFunctions | IWebhookFunctions) {
|
||||
// Only characters A-Z, a-z, 0-9, _ and - are allowed.
|
||||
const secret_token = `${this.getWorkflow().id}_${this.getNode().id}`;
|
||||
return secret_token.replace(/[^a-zA-Z0-9\_\-]+/g, '');
|
||||
}
|
||||
|
||||
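Review bot: The value returned by `getSecretToken` is built only from `this.getWorkflow().id` and `this.getNode().id`, which are identifiers rather than secret material, so anyone who can read or export the workflow could presumably reproduce the token that is supposed to prove a request came from Telegram. Deriving it from a server-side secret (for example an HMAC of these ids keyed with an instance-level key, hex-encoded so it stays within the allowed alphabet) or storing a random value when the webhook is registered would make the header hard to guess. The function would also benefit from a doc comment such as `/** Value registered with Telegram as secret_token and expected back in the X-Telegram-Bot-Api-Secret-Token header. */`. On style, the local would read better as `secretToken`, and the `\_` and `\-` escapes inside the character class are unnecessary: `/[^a-zA-Z0-9_-]+/g`.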
@@ -7,7 +7,7 @@ import type {
|
||||
IWebhookResponseData,
|
||||
} from 'n8n-workflow';
|
||||
|
||||
import { apiRequest, getImageBySize } from './GenericFunctions';
|
||||
import { apiRequest, getImageBySize, getSecretToken } from './GenericFunctions';
|
||||
|
||||
import type { IEvent } from './IEvent';
|
||||
|
||||
@@ -17,7 +17,8 @@ export class TelegramTrigger implements INodeType {
|
||||
name: 'telegramTrigger',
|
||||
icon: 'file:telegram.svg',
|
||||
group: ['trigger'],
|
||||
version: 1,
|
||||
version: [1, 1.1],
|
||||
defaultVersion: 1.1,
|
||||
subtitle: '=Updates: {{$parameter["updates"].join(", ")}}',
|
||||
description: 'Starts the workflow on a Telegram update',
|
||||
defaults: {
|
||||
@@ -40,6 +41,13 @@ export class TelegramTrigger implements INodeType {
|
||||
},
|
||||
],
|
||||
properties: [
|
||||
{
|
||||
displayName:
|
||||
'Due to Telegram API limitations, you can use just one Telegram trigger for each bot at a time',
|
||||
name: 'telegramTriggerNotice',
|
||||
type: 'notice',
|
||||
default: '',
|
||||
},
|
||||
{
|
||||
displayName: 'Trigger On',
|
||||
name: 'updates',
|
||||
@@ -188,9 +196,12 @@ export class TelegramTrigger implements INodeType {
|
||||
|
||||
const endpoint = 'setWebhook';
|
||||
|
||||
const secret_token = getSecretToken.call(this);
|
||||
|
||||
const body = {
|
||||
url: webhookUrl,
|
||||
allowed_updates: allowedUpdates,
|
||||
secret_token,
|
||||
};
|
||||
|
||||
await apiRequest.call(this, 'POST', endpoint, body);
|
||||
@@ -216,6 +227,19 @@ export class TelegramTrigger implements INodeType {
|
||||
const credentials = await this.getCredentials('telegramApi');
|
||||
|
||||
const bodyData = this.getBodyData() as IEvent;
|
||||
const headerData = this.getHeaderData();
|
||||
|
||||
const nodeVersion = this.getNode().typeVersion;
|
||||
if (nodeVersion > 1) {
|
||||
const secret = getSecretToken.call(this);
|
||||
if (secret !== headerData['x-telegram-bot-api-secret-token']) {
|
||||
const res = this.getResponseObject();
|
||||
res.status(403).json({ message: 'Provided secret is not valid' });
|
||||
return {
|
||||
noWebhookResponse: true,
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
const additionalFields = this.getNodeParameter('additionalFields') as IDataObject;
|
||||
|
||||
|
||||
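Review bot: The check `secret !== headerData['x-telegram-bot-api-secret-token']` in the webhook handler uses an ordinary string inequality, which stops at the first differing character; a constant-time comparison (`timingSafeEqual` from `node:crypto`, after a length check) is the usual choice when a header value authenticates the request. The header is also read without confirming it is a single string, so a missing or repeated header should be treated as a mismatch explicitly. Because the check only runs when `nodeVersion > 1`, version 1 nodes keep accepting unverified requests even though, as far as the `setWebhook` hunk shows, a `secret_token` is registered for every version; a comment saying that this is intentional for backward compatibility would help. The handler starts and continues outside this hunk.

```typescript
const secret = getSecretToken.call(this);
const provided = headerData['x-telegram-bot-api-secret-token'];
const expected = Buffer.from(secret);
const actual = Buffer.from(typeof provided === 'string' ? provided : '');
if (expected.length !== actual.length || !timingSafeEqual(expected, actual)) {
	// … unchanged: 403 response and noWebhookResponse return …
}
```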