# Copyright (c) Facebook, Inc. and its affiliates. # This source code is licensed under the MIT license found in the # LICENSE file in the root directory of this source tree. from __future__ import absolute_import, division, print_function, unicode_literals import os import tempfile from wadebug import results from wadebug.exceptions import ( WABizAccessError, WABizAuthError, WABizGeneralError, WABizNetworkError, ) from wadebug.wa_actions import curl_utils, docker_utils from wadebug.wa_actions.base import WAAction from wadebug.wa_actions.curl_utils import CURLTestResult from wadebug.wa_actions.wabiz_api import WABizAPI REQ_TIMEOUT = 5 ACCEPTABLE_RESPONSE_TIME = 3 TEST_POST_DATA_STRING = '{"wadebug_webhook_test":"test"}' DEST_PATH = "/usr/local/waent" class CheckWebhookAction(WAAction): user_facing_name = "check_webhook" short_description = "Test if the webhook is accessible and responsive" config_dependencies = ("webapp.baseUrl", "webapp.user", "webapp.password") @classmethod def _run(cls, config, *args, **kwargs): api = WABizAPI(**config.get("webapp")) try: webhook_url = api.get_webhook_url() if not webhook_url: return _result_webhook_not_set(cls) if not webhook_url.startswith("https"): return _result_webhook_not_https(cls) except (WABizAccessError, WABizAuthError, WABizNetworkError, ValueError) as e: return _result_get_webhook_error(cls, e) # explicitly catching a possible exception except WABizGeneralError as e: # WABizGeneralError is likely not a user error, # should be handled by app-wide catch raise e wacore_containers = docker_utils.get_running_wacore_containers() if not wacore_containers: return results.Problem( cls, "Webhook check failed", "There is no wacore container running", "Please check results from other actions to diagnose", ) container = wacore_containers[0] cert_str = api.get_webhook_cert() dest_cert = None if cert_str: with tempfile.NamedTemporaryFile() as cert_file: cert_file.write(cert_str) cert_file.seek(0) docker_utils.put_archive_to_container( container, cert_file.name, DEST_PATH ) dest_cert = os.path.join(DEST_PATH, os.path.basename(cert_file.name)) result, response_time = curl_utils.https_post_request_from_container( container, webhook_url, TEST_POST_DATA_STRING, REQ_TIMEOUT, dest_cert ) if result == CURLTestResult.CONNECTION_ERROR: return _result_webhook_could_not_connect(cls) elif result == CURLTestResult.SSL_CERT_UNKNOWN: return _result_webhook_no_cert_uploaded(cls) elif result == CURLTestResult.CONNECTION_TIMEOUT: return _result_webhook_did_not_respond(cls) elif result == CURLTestResult.HTTP_STATUS_NOT_OK: return _result_webhook_did_not_return_ok(cls) elif response_time > ACCEPTABLE_RESPONSE_TIME: return _result_webhook_slow_response(cls, response_time) return results.OK(cls) def _result_webhook_not_set(cls): return results.Warning( cls, "Unable to check webhook", "Webhook has not been set", "Set up webhook via App Settings " "https://developers.facebook.com/docs/whatsapp/api/settings/app", "", ) def _result_webhook_not_https(cls): return results.Problem( cls, "Webhook not secure", "Webhook is not using https", "Please set a webhook endpoint that is https enabled", "", ) def _result_webhook_no_cert_uploaded(cls): return results.Problem( cls, "SSL verification error", "Unable to connect securely to the webhook", "Please upload self-signed cert (and restart coreapp) " "or use a publicly known cert", "", ) def _result_get_webhook_error(cls, exception): results.Problem(cls, "Unable to check webhook", str(exception), "") def _result_webhook_could_not_connect(cls): return results.Problem( cls, "Webhook unresponsive", "Could not establish a connection to the webhook".format(REQ_TIMEOUT), "Please check to make sure your webhook endpoint is up, or " "have configured the webhook setting correctly", ) def _result_webhook_did_not_respond(cls): return results.Problem( cls, "Webhook unresponsive", "Webhook did not respond within {} seconds".format(REQ_TIMEOUT), "Please ensure you are returning 200 OK " "from your webhook handler as soon as possible." "If processing is needed, we recommend returning 200 OK " "and doing processing later.", ) def _result_webhook_did_not_return_ok(cls): return results.Problem( cls, "Unexpected webhook response", "Webhook did not return 200 OK", "Please ensure your webhook handler returns 200 OK", ) def _result_webhook_slow_response(cls, response_time): return results.Warning( cls, "Slow webhook response", "Webhook responded in {} seconds".format(response_time), "Please ensure you are returning 200 OK " "from your webhook handler as soon as possible", )