merge features from hosted branch (#32)

major merge of features from the hosted branch that was created temporarily during the initial launch of jambonz.org

lib/utils/requestor.js

@@ -2,8 +2,30 @@ const bent = require('bent');
 const parseUrl = require('parse-url');
 const assert = require('assert');
 const snakeCaseKeys = require('./snakecase-keys');
+const crypto = require('crypto');
+const timeSeries = require('@jambonz/time-series');
+let alerter ;
+
 const toBase64 = (str) => Buffer.from(str || '', 'utf8').toString('base64');
 
+function computeSignature(payload, timestamp, secret) {
+  assert(secret);
+  const data = `${timestamp}.${JSON.stringify(payload)}`;
+  return crypto
+    .createHmac('sha256', secret)
+    .update(data, 'utf8')
+    .digest('hex');
+}
+
+function generateSigHeader(payload, secret) {
+  const timestamp = Math.floor(Date.now() / 1000);
+  const signature = computeSignature(payload, timestamp, secret);
+  const scheme = 'v1';
+  return {
+    'Jambonz-Signature': `t=${timestamp},${scheme}=${signature}`
+  };
+}
+
 function basicAuth(username, password) {
   if (!username || !password) return {};
   const creds = `${username}:${password || ''}`;
@@ -21,7 +43,7 @@ function isAbsoluteUrl(u) {
 }
 
 class Requestor {
-  constructor(logger, hook) {
+  constructor(logger, account_sid, hook, secret) {
     assert(typeof hook === 'object');
 
     this.logger = logger;
@@ -38,12 +60,22 @@ class Requestor {
 
     this.username = hook.username;
     this.password = hook.password;
+    this.secret = secret;
+    this.account_sid = account_sid;
 
     assert(isAbsoluteUrl(this.url));
     assert(['GET', 'POST'].includes(this.method));
 
     const {stats} = require('../../').srf.locals;
     this.stats = stats;
+
+    if (!alerter) {
+      alerter = timeSeries(logger, {
+        host: process.env.JAMBONES_TIME_SERIES_HOST,
+        commitSize: 50,
+        commitInterval: 'test' === process.env.NODE_ENV ? 7 : 20
+      });
+    }
   }
 
   get baseUrl() {
@@ -65,7 +97,6 @@ class Requestor {
     const payload = params ? snakeCaseKeys(params, ['customerData', 'sip']) : null;
     const url = hook.url || hook;
     const method = hook.method || 'POST';
-    const {username, password} = typeof hook === 'object' ? hook : {};
 
     assert.ok(url, 'Requestor:request url was not provided');
     assert.ok, (['GET', 'POST'].includes(method), `Requestor:request method must be 'GET' or 'POST' not ${method}`);
@@ -75,12 +106,27 @@ class Requestor {
 
     let buf;
     try {
+      const sigHeader = generateSigHeader(payload, this.secret);
+      const headers = {...sigHeader, ...this.authHeader};
+      this.logger.info({url, headers}, 'send webhook');
       buf = isRelativeUrl(url) ?
-        await this.post(url, payload, this.authHeader) :
-        await bent(method, 'buffer', 200, 201, 202)(url, payload, basicAuth(username, password));
+        await this.post(url, payload, headers) :
+        await bent(method, 'buffer', 200, 201, 202)(url, payload, headers);
     } catch (err) {
-      this.logger.info({baseUrl: this.baseUrl, url, statusCode: err.statusCode},
+      this.logger.error({err, secret: this.secret, baseUrl: this.baseUrl, url, statusCode: err.statusCode},
         `web callback returned unexpected error code ${err.statusCode}`);
+      let opts = {account_sid: this.account_sid};
+      if (err.code === 'ECONNREFUSED') {
+        opts = {...opts, alert_type: alerter.AlertType.WEBHOOK_CONNECTION_FAILURE, url};
+      }
+      else if (err.name === 'StatusError') {
+        opts = {...opts, alert_type: alerter.AlertType.WEBHOOK_STATUS_FAILURE, url, status: err.statusCode};
+      }
+      else {
+        opts = {...opts, alert_type: alerter.AlertType.WEBHOOK_CONNECTION_FAILURE, url, detail: err.message};
+      }
+      alerter.writeAlerts(opts).catch((err) => this.logger.info({err, opts}, 'Error writing alert'));
+
       throw err;
     }
     const diff = process.hrtime(startAt);