machankura/phoenixd_enclave
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add authentication to webhook calls (#34)

Browse Source 
A new `X-Phoenix-Signature` header is added to webhook calls, which contains the HMAC-SHA256 signature of the whole json body, encoded in utf-8, using the `webhook-secret` configuration parameter, also encoded in utf-8. 

For example:
- webhook request body:
```
{
    "type": "payment_received",
    "timestamp": 1712785550079,
    "amountSat": 8,
    "paymentHash": "e628f8a516e9d3ee5e212a675f8d0c9dc5e7a5d500c5f4f91c62e9e921492653",
    "externalId": null
}
```
- `webhook-secret` in `phoenix.conf`:`ef72d3b96324106dfbf83f2a4efeff7dddb4ce923e9664cb56baf34cc52936b6`

Will produce the header `X-Phoenix-Signature: 77ffc40401024fb417e45fdd002de06bdbf3b48b90d09d05cccd06462920aed7`

A `timestamp` has been added to the events, to provide protection against replay attacks. Users should check that the timestamp is not too old. Stripe uses a [5 min default tolerance](https://docs.stripe.com/webhooks#replay-attacks).

Suggested by @danielcharrua in #33.
This commit is contained in:
Pierre-Marie Padiou 2024-04-23 16:57:03 +02:00 committed by GitHub
parent 2964e34213
commit 18035566f8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 36 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/commonMain/kotlin/fr/acinq/lightning/bin/Api.kt
View File

@ -26,6 +26,7 @@ import fr.acinq.lightning.utils.*
import io.ktor.client.* import io.ktor.client.*
import io.ktor.client.request.* import io.ktor.client.request.*
import io.ktor.http.* import io.ktor.http.*
import io.ktor.http.content.*
import io.ktor.serialization.kotlinx.* import io.ktor.serialization.kotlinx.*
import io.ktor.serialization.kotlinx.json.* import io.ktor.serialization.kotlinx.json.*
import io.ktor.server.application.* import io.ktor.server.application.*
@ -41,8 +42,9 @@ import io.ktor.server.websocket.*
import kotlinx.coroutines.flow.SharedFlow import kotlinx.coroutines.flow.SharedFlow
import kotlinx.coroutines.launch import kotlinx.coroutines.launch
import kotlinx.serialization.json.Json import kotlinx.serialization.json.Json
import okio.ByteString.Companion.encodeUtf8
class Api(private val nodeParams: NodeParams, private val peer: Peer, private val eventsFlow: SharedFlow<ApiEvent>, private val password: String, private val webhookUrl: Url?) { class Api(private val nodeParams: NodeParams, private val peer: Peer, private val eventsFlow: SharedFlow<ApiEvent>, private val password: String, private val webhookUrl: Url?, private val webhookSecret: String) {
fun Application.module() { fun Application.module() {
@ -199,6 +201,16 @@ class Api(private val nodeParams: NodeParams, private val peer: Peer, private va
}) })
} }
} }
client.sendPipeline.intercept(HttpSendPipeline.State) {
when (val body = context.body) {
is TextContent -> {
val bodyBytes = body.text.encodeUtf8()
val secretBytes = webhookSecret.encodeUtf8()
val sig = bodyBytes.hmacSha256(secretBytes)
context.headers.append("X-Phoenix-Signature", sig.hex())
}
}
}
launch { launch {
eventsFlow.collect { event -> eventsFlow.collect { event ->
client.post(url) { client.post(url) {
@ -231,5 +243,3 @@ class Api(private val nodeParams: NodeParams, private val peer: Peer, private va
private fun Parameters.getOptionalLong(argName: String): Long? = this[argName]?.let { it.toLongOrNull() ?: invalidType(argName, "integer") } private fun Parameters.getOptionalLong(argName: String): Long? = this[argName]?.let { it.toLongOrNull() ?: invalidType(argName, "integer") }
} }

28
src/commonMain/kotlin/fr/acinq/lightning/bin/Main.kt
View File

@ -102,16 +102,26 @@ class Phoenixd : CliktCommand() {
.default(10.minutes) .default(10.minutes)
private val httpBindIp by option("--http-bind-ip", help = "Bind ip for the http api").default("127.0.0.1") private val httpBindIp by option("--http-bind-ip", help = "Bind ip for the http api").default("127.0.0.1")
private val httpBindPort by option("--http-bind-port", help = "Bind port for the http api").int().default(9740) private val httpBindPort by option("--http-bind-port", help = "Bind port for the http api").int().default(9740)
private val httpPassword by option("--http-password", help = "Password for the http api").defaultLazy { private val httpPassword by option("--http-password", help = "Password for the http api")
// the additionalValues map already contains values in phoenix.conf, so if we are here then there are no existing password .defaultLazy {
terminal.print(yellow("Generating default api password...")) // if we are here then no value is defined in phoenix.conf
val value = randomBytes32().toHex() terminal.print(yellow("Generating default api password..."))
FileSystem.SYSTEM.appendingSink(confFile, mustExist = false).buffer().use { it.writeUtf8("\nhttp-password=$value\n") } val value = randomBytes32().toHex()
terminal.println(white("done")) FileSystem.SYSTEM.appendingSink(confFile, mustExist = false).buffer().use { it.writeUtf8("\nhttp-password=$value") }
value terminal.println(white("done"))
} value
}
private val webHookUrl by option("--webhook", help = "Webhook http endpoint for push notifications (alternative to websocket)") private val webHookUrl by option("--webhook", help = "Webhook http endpoint for push notifications (alternative to websocket)")
.convert { Url(it) } .convert { Url(it) }
private val webHookSecret by option("--webhook-secret", help = "Secret used to authenticate webhook calls")
.defaultLazy {
// if we are here then no value is defined in phoenix.conf
terminal.print(yellow("Generating webhook secret..."))
val value = randomBytes32().toHex()
FileSystem.SYSTEM.appendingSink(confFile, mustExist = false).buffer().use { it.writeUtf8("\nwebhook-secret=$value") }
terminal.println(white("done"))
value
}
class LiquidityOptions : OptionGroup(name = "Liquidity Options") { class LiquidityOptions : OptionGroup(name = "Liquidity Options") {
val autoLiquidity by option("--auto-liquidity", help = "Amount automatically requested when inbound liquidity is needed").choice( val autoLiquidity by option("--auto-liquidity", help = "Amount automatically requested when inbound liquidity is needed").choice(
@ -353,7 +363,7 @@ class Phoenixd : CliktCommand() {
reuseAddress = true reuseAddress = true
}, },
module = { module = {
Api(nodeParams, peer, eventsFlow, httpPassword, webHookUrl).run { module() } Api(nodeParams, peer, eventsFlow, httpPassword, webHookUrl, webHookSecret).run { module() }
} }
) )
val serverJob = scope.launch { val serverJob = scope.launch {

5
src/commonMain/kotlin/fr/acinq/lightning/bin/json/JsonSerializers.kt
View File

@ -25,6 +25,7 @@ import fr.acinq.lightning.channel.states.ChannelStateWithCommitments
import fr.acinq.lightning.db.LightningOutgoingPayment import fr.acinq.lightning.db.LightningOutgoingPayment
import fr.acinq.lightning.json.JsonSerializers import fr.acinq.lightning.json.JsonSerializers
import fr.acinq.lightning.utils.UUID import fr.acinq.lightning.utils.UUID
import kotlinx.datetime.Clock
import kotlinx.serialization.SerialName import kotlinx.serialization.SerialName
import kotlinx.serialization.Serializable import kotlinx.serialization.Serializable
import kotlinx.serialization.UseSerializers import kotlinx.serialization.UseSerializers
@ -70,7 +71,9 @@ sealed class ApiType {
data class GeneratedInvoice(@SerialName("amountSat") val amount: Satoshi?, val paymentHash: ByteVector32, val serialized: String) : ApiType() data class GeneratedInvoice(@SerialName("amountSat") val amount: Satoshi?, val paymentHash: ByteVector32, val serialized: String) : ApiType()
@Serializable @Serializable
sealed class ApiEvent : ApiType() sealed class ApiEvent : ApiType() {
val timestamp: Long = Clock.System.now().toEpochMilliseconds()
}
@Serializable @Serializable
@SerialName("payment_received") @SerialName("payment_received")