Hi,
i’m testing a webhook from Calendly
Calendly sample Response
Content-Type: application/json
User-Agent: Calendly
Accept-Encoding: gzip
X-Calendly-Hook-Id: 12345
Server is an Ubuntu 16.04, with Apache>2.4, YII2 2.0.13 Advanced Project Template
i’ve created an POST Action and wanted to validate my hook id in the sended header.
with Yii::$app->request->headers; i get this {}
in $_SERVER i see the entry "HTTP_X_CALENDLY_HOOK_ID":"12345"
other $_SERVER value is "REQUEST_SCHEME":"https"
Is there anything that i need to add in my configurations?
i found out the thing with csrf valisation YII2.0 Cookbook
My WebHook is running, but i can’t validate header information
My beforeAction & behaviors method in this controller
class CalendlyController extends Controller
{
private $createdWebHookID = '12345'; //TODO
public function beforeAction($action)
{
if (in_array($action->id, ['get-events'])) {
$this->enableCsrfValidation = false;
}
return parent::beforeAction($action);
}
/**
* @inheritdoc
*/
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'only' => ['get-events'],
'rules' => [
[
'actions' => ['get-events'],
'allow' => true,
'roles' => ['?'],
],
...
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
...
'get-events' => ['POST','GET'],
],
],
];
}
in my app main config
...
'components' => [
'request' => [
'csrfParam' => '_csrf-api',
'parsers' => [
'application/json' => 'yii\web\JsonParser',
]
],
...