ligbox/ligbox-ops-platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ligbox-ops-platform/verify-webhook.sh
Ligbox Spec Hub 3a2c64834b Initial import: ligbox-ops-platform + specs + LAPTOP + obsidian merge (CT130) 
Source: VM122 /opt + obsidian-infra + LAPTOP
Hub: CT130 spec-hub 10.10.10.130
2026-06-19 17:26:41 +00:00

61 lines
2.1 KiB
Bash
Executable file
Raw Permalink Blame History

#!/usr/bin/env bash
set -euo pipefail
ENV_FILE="${ENV_FILE:-/opt/ligbox-ops-platform/.env}"
if [[ -f "$ENV_FILE" ]]; then
set -a
# shellcheck disable=SC1090
source "$ENV_FILE"
set +a
fi
OPS_URL="${OPS_URL:-http://10.10.10.122:8080}"
SECRET="${WEBHOOK_SECRET:-ligbox-ops-dev-secret}"
SESSION_ID="verify-$(date +%s)"
DOMAIN="verify.ops.ligbox"
echo "=== Ligbox Ops Webhook Verification ==="
echo "OPS_URL=$OPS_URL"
echo "[1] Health"
curl -sf "$OPS_URL/health" | python3 -m json.tool
echo "[2] Send account.created"
curl -sf -X POST "$OPS_URL/api/v1/webhooks/onboard" \
-H "Content-Type: application/json" \
-H "X-Webhook-Secret: $SECRET" \
-d "{\"event\":\"account.created\",\"domain\":\"$DOMAIN\",\"session_id\":\"$SESSION_ID\",\"data\":{\"email\":\"admin@$DOMAIN\",\"account_verified\":true,\"needs_review\":false}}" \
| python3 -m json.tool
echo "[3] Duplicate (expect duplicate=true, no new ticket)"
curl -sf -X POST "$OPS_URL/api/v1/webhooks/onboard" \
-H "Content-Type: application/json" \
-H "X-Webhook-Secret: $SECRET" \
-d "{\"event\":\"account.created\",\"domain\":\"$DOMAIN\",\"session_id\":\"$SESSION_ID\",\"data\":{\"email\":\"admin@$DOMAIN\",\"account_verified\":true,\"needs_review\":false}}" \
| python3 -m json.tool
echo "[4] Invalid secret (expect 401)"
if curl -sf -X POST "$OPS_URL/api/v1/webhooks/onboard" \
-H "Content-Type: application/json" \
-H "X-Webhook-Secret: wrong-secret" \
-d "{\"event\":\"account.created\",\"domain\":\"$DOMAIN\",\"session_id\":\"bad\"}"; then
echo "FAIL: expected 401"
exit 1
else
echo "OK: rejected invalid secret"
fi
echo "[5] Tickets (auth required)"
DESK_PASS="${DESK_BOOTSTRAP_PASSWORD:-805353}"
sleep 2
TOKEN=$(curl -s -X POST "$OPS_URL/api/v1/auth/login" \
-H "Content-Type: application/json" \
-d "{\"username\":\"root\",\"password\":\"$DESK_PASS\"}" \
| python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('access_token',''))")
if [[ -z "$TOKEN" ]]; then
echo "FAIL: could not obtain auth token (rate limit?)"
exit 1
fi
curl -sf -H "Authorization: Bearer $TOKEN" "$OPS_URL/api/v1/desk/tickets" | python3 -m json.tool | head -30
echo "=== Verification complete ==="
Reference in a new issue View git blame Copy permalink