Lightning.Workflows.WebhookAuthMethod (Lightning v2.15.0-pre5)

View Source

The Lightning.Workflows.WebhookAuthMethod module defines the schema for webhook authentication methods and provides functionalities to handle them.

Schema

The schema represents a webhook authentication method that can be of two types - :basic and :api. The basic type requires a username and password, while the api type requires an api_key.

The schema fields include:

  • name: the name of the authentication method
  • auth_type: the type of authentication, can be :basic or :api
  • username: the username required for basic authentication
  • password: the password required for basic authentication (virtual field)
  • hashed_password: the hashed version of the password
  • api_key: the API key required for API authentication

Associations

Each WebhookAuthMethod belongs to a project. It is also associated with multiple triggers through a many_to_many relationship.

Validations and Constraints

This module provides changeset functions for casting and validating the schema fields and applying unique constraints on name, username, and api_key within the project scope.

Password Verification

The valid_password?/2 function is provided to verify passwords and it avoids timing attacks by using Bcrypt.no_user_verify/0 when there is no webhook_auth_method or the webhook_auth_method doesn't have a password.

Summary

Types

t()

Functions

basic_auth_for(auth_method)

Retrieves basic auth strings from a WebhookAuthMethod for use in log scrubbing.

changeset(struct, params \\ %{})
generate_api_key(length \\ 32)
sensitive_values_for(auth_method)

Retrieves sensitive values from a WebhookAuthMethod for use in log scrubbing.

update_changeset(struct, params)

Types

t()

@type t() :: %Lightning.Workflows.WebhookAuthMethod{
  __meta__: term(),
  api_key: term(),
  auth_type: term(),
  id: term(),
  inserted_at: term(),
  name: term(),
  password: term(),
  project: term(),
  project_id: term(),
  scheduled_deletion: term(),
  triggers: term(),
  updated_at: term(),
  username: term()
}

Functions

basic_auth_for(auth_method)

@spec basic_auth_for(t() | nil) :: [String.t()]

Retrieves basic auth strings from a WebhookAuthMethod for use in log scrubbing.

Returns a list of base64-encoded "username:password" strings that might appear in Authorization headers.

Examples

iex> basic_auth_for(%WebhookAuthMethod{auth_type: :basic, username: "user", password: "pass"})
["dXNlcjpwYXNz"]

iex> basic_auth_for(%WebhookAuthMethod{auth_type: :api, api_key: "secret"})
[]

changeset(struct, params \\ %{})

generate_api_key(length \\ 32)

sensitive_values_for(auth_method)

@spec sensitive_values_for(t() | nil) :: [String.t()]

Retrieves sensitive values from a WebhookAuthMethod for use in log scrubbing.

For :basic auth, returns the username and password. For :api auth, returns the api_key.

Examples

iex> sensitive_values_for(%WebhookAuthMethod{auth_type: :basic, username: "user", password: "pass"})
["pass"]

iex> sensitive_values_for(%WebhookAuthMethod{auth_type: :api, api_key: "secret123"})
["secret123"]

iex> sensitive_values_for(nil)
[]

update_changeset(struct, params)