[#322] WebHook (Callback) doesn't fire

system · January 29, 2019, 10:08am

Migrated from Redmine #322 | Author: Claus Muchardt-Pind
Status: Closed | Priority: High, I’m very impatient | Created: 2019-01-29

Hi guys,

I have a Callback URL (webhook) that doesn’t seem to get fired when bookings are touched.

Could you please have a look, and tell me if there’s anything I miss out on ?

Company login: bestsecurity1

Please let me know if you need more info, and if so, what kind.

Thanks

system · February 1, 2019, 11:55am

Claus Muchardt-Pind wrote:

Hi guys,

As the priority says “… I’m very impatient …” - I really need some kind of feedback from you guys.

Thanks,
Claus

system · February 1, 2019, 1:20pm

Dmytro Bondarev wrote:

Hello! We have checked and we do call your callback URL.
Please check your server logs.

system · February 1, 2019, 1:34pm

Claus Muchardt-Pind wrote:

Hi Dmitry,

My serverlogs gives me nothing

The webhook is a pretty simple piece of code, and just to make sure that I receive something, I only dump the ‘php://input’ to a local log-file. The local log-file is as empty as the serverlog.

Could you take a look at this, and tell me if something is missing:

error_log( print_r("SimplyFetch begun ...", TRUE), 3, "hook_content.log" );
$webhookContent = "";

$webhook = fopen('php://input' , 'rb');
while (!feof($webhook)) {
    $webhookContent .= fread($webhook, 4096);
}
fclose($webhook);

$orderHook = json_decode($webhookContent, true);
error_log( print_r("\nHook content : " . $orderHook, TRUE), 3, "hook_content.log" );

Thanks,
Claus

system · February 1, 2019, 1:46pm

Dmytro Bondarev wrote:

Here is answer from your server:

403 Forbidden

nginx

403

system · February 1, 2019, 6:23pm

Claus Muchardt-Pind wrote:

Hi,

Alright - looks like that I need to allow calls (CORS)

Can you tell me what domain I should grant access ?

Thanks,
Claus

system · February 1, 2019, 6:50pm

Dmytro Bondarev wrote:

CORS is using by browser to check if it is allowed to call url from different domain.

Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell a browser to let a web application running at one origin (domain) have permission to access selected resources from a server at a different origin.

Before POST browser makes OPTIONS request and get answer from server if it is possible to make call.
When server makes call to other server there is no place for CORS, because there is no browser.

system · February 2, 2019, 9:57am

Claus Muchardt-Pind wrote:

Ok - my mistake. I’ll contact the host supplier and hope they can fix the 403.

Thanks,
Claus

system · February 4, 2019, 12:38pm

Claus Muchardt-Pind wrote:

Hi Dmitry,

Our host supplier has whitelisted domain: user-api.simplybook.me

Could you please try to make a call again, and tell me whether you still get a 403?

I see nothing in my logfiles :-/

Thanks,
Claus

system · February 4, 2019, 12:41pm

Redmine Admin wrote:

API is working fine as it should. Unfortunately our developers do not have time to debug third party code. Please investigate the issue with your server admin

system · February 4, 2019, 12:43pm

Claus Muchardt-Pind wrote:

Hi Redmine Admin,

I’m not asking for a debug at all. I was just asking you if you still gets a 403 (to verify the whitelist).

Thanks,
Claus

system · February 4, 2019, 12:46pm

Redmine Admin wrote:

Please send queries to your callback url from another server. When you will see it working then it will be possible to go to the API step