Skip to main content

Module webhook_trigger

Module webhook_trigger 

Source
Expand description

HTTP webhook trigger system for OxiMedia workflows.

This module provides a self-contained webhook trigger registry that maps incoming HTTP requests to workflow IDs. It is transport-agnostic: callers construct a WebhookPayload from whatever HTTP framework they use and pass it to WebhookTriggerRegistry::match_trigger.

§Signature verification

When a WebhookTrigger is configured with a secret_token, the registry validates the X-Signature request header against a deterministic XOR-based MAC of the raw body. The MAC is not cryptographically secure (it is a lightweight stub for integration testing); production deployments should use the full HMAC-SHA256 implementation in crate::triggers.

§Example

use oximedia_workflow::webhook_trigger::{
    WebhookTrigger, WebhookTriggerRegistry, WebhookPayload,
};

let mut registry = WebhookTriggerRegistry::new();
registry.add_trigger(WebhookTrigger {
    id: "t1".to_string(),
    path: "/webhooks/ingest".to_string(),
    workflow_id: "wf-ingest".to_string(),
    secret_token: None,
});

let payload = WebhookPayload {
    method: "POST".to_string(),
    path: "/webhooks/ingest".to_string(),
    body: "{}".to_string(),
    headers: vec![],
};

let trigger = registry.match_trigger(&payload);
assert!(trigger.is_some());
assert_eq!(trigger.unwrap().workflow_id, "wf-ingest");

Structs§

SimpleWebhookTrigger
A lightweight webhook trigger keyed only by destination URL.
WebhookPayload
Represents an incoming HTTP request delivered to a webhook endpoint.
WebhookTrigger
A registered webhook trigger that binds an HTTP path to a workflow.
WebhookTriggerRegistry
In-process registry that matches incoming WebhookPayloads to registered WebhookTriggers.

Functions§

validate_signature
Validate the X-Signature header of a WebhookPayload against a secret.
xor_mac
Compute a lightweight 64-bit XOR-based MAC of body keyed with secret.