[SOLVED] Rules: Multiple Shared Secrets

Bugs Solved Bugs
1

I have setup multiple (2) webhook rules with that have different URLs and different shared secrets. However both rules seem to be using the same shared secret, is it possible to use different shared secrets for different rules (the way the UI is presented seems to suggest this is possible)? I have left the rule for over a day as I thought it was cached or something but it still seems to choose the incorrect secret to create the signature.

https://cloud.squidex.io/app/doculynk/rules/

I’m submitting a Bug report.

Current behavior

Rule 621f5a09-743a-4cc0-bc4d-98163924e3e2 uses 6ea09795-3afc-4772-9228-80867af536c1 shared secret.

Expected behavior

Rule 621f5a09-743a-4cc0-bc4d-98163924e3e2 should use its own secret.

Minimal reproduction of the problem

Publishing content produces event with incorrect signature for rule 621f5a09-743a-4cc0-bc4d-98163924e3e2.

Environment

Cloud version

Browser:
Chrome (desktop)

2

I cannot reproduce it.

I created two webhooks:

image
image.png782×533 14.3 KB

and

image
image.png764×489 12.4 KB

Then I created a content item and got this

Request:
POST: https://squidex.io/ HTTP/1.1
X-Signature: ybwIz+KEzhpzZavhe+hDDJfBj7USrHCmPohuSbXNeD8=
X-Application: Squidex Webhook
User-Agent: Squidex; Webhook
Content-Type: application/json; charset=utf-8
Content-Length: 643

{"type":"RefsPublished","payload":{"$type":"EnrichedContentEvent","type":"Published","id":"60569f80-c17e-4214-aeac-92528e00ca54","created":"2020-09-30T08:21:03Z","lastModified":"2020-09-30T08:21:03Z","createdBy":"subject:5f71dbf97926e24a579fc725","lastModifiedBy":"subject:5f71dbf97926e24a579fc725","data":{"assets":{"iv":[]},"refs":{"iv":[]}},"status":"Published","partition":605745886,"schemaId":"c6a6de1d-9f63-4f5f-91c9-b32f8f86e90a,refs","actor":"subject:5f71dbf97926e24a579fc725","appId":"bb3affb7-09ec-4df2-83a1-a02364416f81,refs","timestamp":"2020-09-30T08:21:03Z","name":"RefsPublished","version":1},"timestamp":"2020-09-30T08:21:03Z"}

and

Request:
POST: https://squidex.io/ HTTP/1.1
X-Signature: Su2hxEGz3/tQZ6UzzbrqwzRHLZ8EXnENjTJqLSCDFtk=
X-Application: Squidex Webhook
User-Agent: Squidex; Webhook
Content-Type: application/json; charset=utf-8
Content-Length: 643

{"type":"RefsPublished","payload":{"$type":"EnrichedContentEvent","type":"Published","id":"60569f80-c17e-4214-aeac-92528e00ca54","created":"2020-09-30T08:21:03Z","lastModified":"2020-09-30T08:21:03Z","createdBy":"subject:5f71dbf97926e24a579fc725","lastModifiedBy":"subject:5f71dbf97926e24a579fc725","data":{"assets":{"iv":[]},"refs":{"iv":[]}},"status":"Published","partition":605745886,"schemaId":"c6a6de1d-9f63-4f5f-91c9-b32f8f86e90a,refs","actor":"subject:5f71dbf97926e24a579fc725","appId":"bb3affb7-09ec-4df2-83a1-a02364416f81,refs","timestamp":"2020-09-30T08:21:03Z","name":"RefsPublished","version":1},"timestamp":"2020-09-30T08:21:03Z"}
3

Can you look into why our rules are not producing the correct signatures then? There’s definitely something strange going on here. :pray:

The live rule (621f5a09-743a-4cc0-bc4d-98163924e3e2) doesn’t seem to have any events, but if you look in history there are events.

LiveRule
LiveRule.PNG943×229 11.4 KB

I did initially create the rule with the wrong secret then changed it maybe that is the bug?

4

Have you recently changed something? If you create a new rule it takes a few minutes until it is used by the rule system.

The rules also create jobs and the jobs is reused if you retry a rule.

Can I just publish a content item for testing?

5

I updated the rule secret yesterday. Yes you can publish some test content, please use the key TestContent (I don’t want to overwrite any existing content).

6

I just did it and it looks okay in my opinion.

I see two different events for the Published event with different URLs and different secrets.

1 Like
7

I have no idea how but that seems to have fixed it :exploding_head: (you can see an old log where it was failing for you reference).

8