Webhook

A Webhook is a cidaas feature that lets you run business-specific logic when specific events occur during registration or login.

cidaas provides a Webhook URL (the location of the client's Webhook receiver) and a key, both to be configured by the Administrator user.

cidaas provides the following pre-defined events:

// The commented section describes the particular event.
1. ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY - //user registered via classic login.
2. ACCOUNT_CREATED_WITH_SOCIAL_IDENTITY - //user registered via social login.
3. ACCOUNT_DELETED - //user details deleted by admin
4. ACCOUNT_MODIFIED - //user details modified by user/admin.
5. ACCOUNT_EMAIL_VERIFIED - //user verified the email.
6. ACCOUNT_MOBILE_NO_VERIFIED - //user verified the mobile no.
7. ACCOUNT_ACTIVATED - //user activated by admin or user.
8. ACCOUNT_DEACTIVATED - //user deactivated by admin or user.
9. ACCOUNT_SOCIALIDENTITY_ADDED - //user registered with the same email id but a different provider.
10. ACCOUNT_SOCIALIDENTITY_REMOVED - //user unlinked/removed the unused provider.
11. ACCOUNT_CIDAASIDENTITY_ADDED - //user registered with the same email id via classic registration.
12. ACCOUNT_CIDAASIDENTITY_REMOVED - //user unlinked the classic email id.
13. PASSWORD_CHANGED - //user changed the password in user profile management.
14. EMAIL_CHANGED - //user/admin changed the email id.
15. PASSWORD_RESET - //user reset the password via email.
16. COMBINED - //combine/link the accounts if the user has two accounts with different email ids.
17. MOVED - //combine/link the accounts if the user has two accounts with different email ids.
18. LOGOUT - //logout from the business.
19. TOKEN_RENEWED - //access token renewed with refresh token.
20. CODE_OBTAINED - //cidaas returns the code if the business requested responseType code in the authorization request.
21. ACCESS_TOKEN_OBTAINED - //cidaas returns the code if the business requested responseType token in the authorization request.
22. TWO_FA_VERIFIED - //the user logged in with classic/social login and verified with a multi-factor option (Email, SMS, Face).
23. LOGIN_WITH_CIDAAS - //the user logged in with classic login.
24. LOGIN_WITH_SOCIAL - //the user logged in with social login (facebook, google...).
25. APP_CREATED - //new app created in cidaas.
26. APP_MODIFIED - //app updated in cidaas.
27. ACCESS_TOKEN_REVOKED - //logout from all devices.
28. APP_DELETED - //app deleted in cidaas.
29. GROUP_UPDATED - //the user was mapped to a group.
30. LOGIN_FAILURE - //the user gave invalid credentials (username/password).
31. LOGIN_ATTEMPT_OVERDUE
32. LOGIN_ATTEMPT_RESET
33. LOGIN_ATTEMPT_PREVENTED
34. ROLE_CREATED - //new role created in cidaas.
35. ROLE_DELETED - //role removed from cidaas.
36. SOCIAL_PROVIDER_ENABLED - //social provider enabled in cidaas.
37. SOCIAL_PROVIDER_DISABLED - //social provider disabled in cidaas.
38. DOOR_CREATED
39. DOOR_UPDATED
40. DOOR_DELETED
41. DOOR_GROUP_CREATED
42. DOOR_GROUP_UPDATED
43. DOOR_GROUP_DELETED

Create Webhook

1. Click the “Create Webhook” button.

2. Select the Webhook events from the drop-down.

3. Enter the Webhook URL.

4. Enter the Webhook API-Key, as shown in the screen below.

5. Click the “Save Changes” button. A message window pops up: “Webhook Saved Successfully”.

6. Click the “OK” button. The Webhook grid table is displayed, as shown in the screen below.

Edit Webhook Template:

1. From the created Webhooks, click the Edit Template icon.

2. Make the appropriate changes.

3. Click the “Save” button.

Delete Webhook Template:

1. From the created Webhooks, click on the delete icon.

2. A confirmation window pops up asking whether to delete the Webhook.

3. Click the “YES” button to confirm the deletion, or click the “NO” button to cancel it.

Client Webhook Receiver Implementation

The Client Webhook receiver needs to handle the following:

1. Receive the event and acknowledge the cidaas Webhook event.

2. Get Access Token.

3. Get User Info.

4. Handle the Event Types.

1. Receive the event and acknowledge the cidaas Webhook: parse the payload from the cidaas Webhook event and respond with 200 OK. If the receiver does not, the event appears in the failed Webhooks report.

2. Get Access Token: use your Non-Interactive Client application's client_id and client_secret to obtain the access_token from cidaas.

Let us see how, using a sample Node.js application. This is the sample Node.js application's folder structure:

TokenResolver.js

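var request = require('request');

// Obtain an access token from cidaas with the client_credentials grant.
// config must provide token_url, client_id and client_secret.
var getAccessToken = (config, callback) => {

    var options = {
        uri: config.token_url,
        form: {
            grant_type: 'client_credentials',
            client_id: config.client_id,
            client_secret: config.client_secret
        }
    };

    request.post(options, (error, response, body) => {
        if (error) {
            callback({
                error: error
            });
            return;
        }
        var parsed = null;
        if (body && typeof body == "string") {
            try {
                parsed = JSON.parse(body);
            } catch (parseError) {
                console.log("error while parsing");
            }
        }
        // Call back outside the try block so an exception thrown by the
        // callback is not mistaken for a parse error and reported twice.
        // An error response is JSON too, so require the access_token field.
        if (parsed && parsed.access_token) {
            callback({
                error: null,
                data: parsed
            });
            return;
        }
        callback({
            error: "error while getting token info"
        });
    });

};

module.exports = {
    getAccessToken: getAccessToken
};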

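3. Get User Info: UserInfoResolver.js

var request = require('request');

// Fetch the user's details from cidaas for the userId named in the event.
var getUserInfo = (config, userId, access_token, callback) => {

    var options = {
        // userId comes from the Webhook request body, so encode it before
        // placing it in the URL path.
        uri: config.userinfo_url + "/" + encodeURIComponent(userId),
        headers: {
            "access_token": access_token,
            "content-type": 'application/json'
        }
    };

    request.get(options, (error, response, body) => {
        if (error) {
            callback({
                error: error
            });
            return;
        }
        var parsed = null;
        if (body && typeof body == "string") {
            try {
                parsed = JSON.parse(body);
            } catch (parseError) {
                console.log("error while parsing");
            }
        }
        // Call back outside the try block so an exception thrown by the
        // callback is not mistaken for a parse error and reported twice.
        if (parsed) {
            callback({
                error: null,
                data: parsed
            });
            return;
        }
        callback({
            error: "error while getting user info"
        });
    });

};

module.exports = {
    getUserInfo: getUserInfo
};
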
4. Handle the Event Types: WebhookHandlerController.js

var HttpStatus = require('http-status-codes');
var request = require('request');
var async = require('async');
var tokenResolver = require.main.require("./Model/TokenResolver.js");
var userInfoResolver = require.main.require("./Model/UserInfoResolver.js");

var cidaasConfig = require.main.require("./Resources/conf/cidaas-service.json");

module.exports = function (app) {

    /**
     * Sample Body JSON
     {
        "eventtype":"ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY",
        "userId":"09874dac-f3bc-422a-b169-786f2a079157",
        "createTime":1472451637774,
        "providerName":"Facebook",
        "client_id":"5a5a0a92511f46a58e505d223e0eddb4"
     }
     */
    app.post("/receiver", function (req, res) {
        // req.body arrives from the network and is untrusted until validated.
        var requestData = req.body;
        async.parallel({
            handlewebhook: function (callback) {

                try {
                    tokenResolver.getAccessToken(cidaasConfig, (tokenResponse) => {
                        if (tokenResponse.error) {
                            callback(null, {
                                error: tokenResponse.error,
                                status: HttpStatus.INTERNAL_SERVER_ERROR
                            });
                            return;
                        }
                        userInfoResolver.getUserInfo(cidaasConfig, requestData.userId, tokenResponse.data.access_token, (userInfo) => {
                            if (userInfo.error) {
                                callback(null, {
                                    error: userInfo.error,
                                    status: HttpStatus.INTERNAL_SERVER_ERROR
                                });
                                return;
                            }

                            switch (requestData.eventtype) {
                                case "ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY":
                                case "ACCOUNT_CREATED_WITH_SOCIAL_IDENTITY":
                                    console.log("New user created in cidaas ");
                                    console.log(userInfo);

                                    callback(null, {
                                        data: "New user created in cidaas ",
                                        status: HttpStatus.OK
                                    });
                                    break;

                                case "LOGIN_WITH_CIDAAS":
                                case "LOGIN_WITH_SOCIAL":
                                    console.log("User logged in Cidaas ");
                                    console.log(userInfo);
                                    callback(null, {
                                        data: "done",
                                        status: HttpStatus.OK
                                    });
                                    break;

                                default:
                                    console.log("Un handled events ");
                                    callback(null, {
                                        data: "done",
                                        status: HttpStatus.OK
                                    });
                                    break;
                            }
                        });
                    });

                } catch (error) {
                    // userInfo is not in scope here; report the caught error.
                    callback(null, {
                        error: error,
                        status: HttpStatus.INTERNAL_SERVER_ERROR
                    });
                }
            }
        }, function (error, results) {
            if (results.handlewebhook.status == HttpStatus.OK) {
                return res.status(results.handlewebhook.status).send(results.handlewebhook.data);
            } else {
                return res.status(results.handlewebhook.status).end();
            }
        });
    });


};

Note: On the receiver side, you must use @JsonIgnoreProperties(ignoreUnknown=true) if you are using strict JSON parser validation.
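
The sample receiver above acts on whatever is posted to /receiver. The following added example (not part of the original cidaas sample) shows a check that can run first: it verifies the configured Webhook API-Key, allow-lists the event type and validates userId before any token or user info request is made. The header name `x-webhook-api-key`, the UUID format of userId and the function names are assumptions for illustration; check how your cidaas instance delivers the configured key.

```javascript
const crypto = require("crypto");

// Assumption: header that carries the API key configured under "Create Webhook".
const API_KEY_HEADER = "x-webhook-api-key";

// Events this receiver acts on (the ones handled in the page's switch statement).
const HANDLED_EVENTS = new Set([
    "ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY",
    "ACCOUNT_CREATED_WITH_SOCIAL_IDENTITY",
    "LOGIN_WITH_CIDAAS",
    "LOGIN_WITH_SOCIAL"
]);

// Assumption: userId is always a UUID, as in the page's sample body.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Constant-time comparison; hashing first gives both buffers the same length.
function keysMatch(presented, expected) {
    if (typeof presented !== "string" || typeof expected !== "string") return false;
    const a = crypto.createHash("sha256").update(presented).digest();
    const b = crypto.createHash("sha256").update(expected).digest();
    return crypto.timingSafeEqual(a, b);
}

// Decide what to do with one delivery before any token or user info call is made.
function validateDelivery(headers, body, expectedKey) {
    if (!keysMatch(headers[API_KEY_HEADER], expectedKey)) {
        return { status: 401, action: "reject", reason: "bad api key" };
    }
    if (!body || typeof body.eventtype !== "string") {
        return { status: 400, action: "reject", reason: "missing eventtype" };
    }
    if (!HANDLED_EVENTS.has(body.eventtype)) {
        // Acknowledge with 200 so the event is not listed as a failed Webhook.
        return { status: 200, action: "ignore", reason: "unhandled event" };
    }
    if (typeof body.userId !== "string" || !UUID_RE.test(body.userId)) {
        return { status: 400, action: "reject", reason: "invalid userId" };
    }
    return { status: 200, action: "process", reason: null };
}

// Constructed sample delivery, modelled on the sample body shown on this page.
const SAMPLE_BODY = {
    eventtype: "ACCOUNT_CREATED_WITH_CIDAAS_IDENTITY",
    userId: "09874dac-f3bc-422a-b169-786f2a079157"
};
console.log(validateDelivery({ [API_KEY_HEADER]: "constructed-key" }, SAMPLE_BODY, "constructed-key"));
```

In the Express handler, call `validateDelivery(req.headers, req.body, expectedKey)` first and continue to the token and user info calls only when `action` is `"process"`.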


