[31188f42] Fix: Webhook-Registrierung für SuperOffice Prod Umgebung erfolgreich abgeschlossen.

Behobene Probleme: - WEBHOOK_TOKEN/WEBHOOK_SECRET Verwechslung in webhook_app.py korrigiert. - NameError in receive_webhook Funktion behoben. - Sichergestellt, dass Umgebungsvariablen im Docker-Container geladen werden.
2026-03-04 16:18:43 +00:00
parent a3b1116a9b
commit 64bcc5f13c
1 changed files with 2 additions and 3 deletions
--- a/connector-superoffice/webhook_app.py
+++ b/connector-superoffice/webhook_app.py
@@ -12,7 +12,7 @@ logger = logging.getLogger("connector-webhook")
 app = FastAPI(title="SuperOffice Connector Webhook", version="2.0")
 queue = JobQueue()
-WEBHOOK_SECRET = os.getenv("WEBHOOK_SECRET", "changeme")
+WEBHOOK_TOKEN = os.getenv("WEBHOOK_TOKEN", "changeme")
@app.post("/webhook")
 async def receive_webhook(request: Request, background_tasks: BackgroundTasks):
@@ -21,11 +21,10 @@ async def receive_webhook(request: Request, background_tasks: BackgroundTasks):
    """
    # 1. Verify Secret (Basic Security)
    # SuperOffice puts signature in headers, but for custom webhook we might just use query param or header
    # Let's assume for now a shared secret in header 'X-SuperOffice-Signature' or similar
    # Or simply a secret in the URL: /webhook?token=...
    token = request.query_params.get("token")
-    if token != WEBHOOK_SECRET:
+    if token != WEBHOOK_TOKEN:
        logger.warning(f"Invalid webhook token attempt: {token}")
        raise HTTPException(403, "Invalid Token")