Assist_Design/apps/bff/src/webhooks/webhooks.controller.ts

import {
  Controller,
  Post,
  Body,
  Headers,
  UseGuards,
  HttpCode,
  HttpStatus,
  BadRequestException,
} from "@nestjs/common";
import { WebhooksService } from "./webhooks.service";
import { ApiTags, ApiOperation, ApiResponse, ApiHeader } from "@nestjs/swagger";
import { ThrottlerGuard } from "@nestjs/throttler";
import { EnhancedWebhookSignatureGuard } from "./guards/enhanced-webhook-signature.guard";
import { Public } from "../auth/decorators/public.decorator";

@ApiTags("webhooks")
@Controller("webhooks")
@Public() // Webhooks use signature-based authentication, not JWT
@UseGuards(ThrottlerGuard) // Rate limit webhook endpoints
export class WebhooksController {
  constructor(private webhooksService: WebhooksService) {}

  @Post("whmcs")
  @HttpCode(HttpStatus.OK)
  @UseGuards(EnhancedWebhookSignatureGuard)
  @ApiOperation({ summary: "WHMCS webhook endpoint" })
  @ApiResponse({ status: 200, description: "Webhook processed successfully" })
  @ApiResponse({ status: 400, description: "Invalid webhook data" })
  @ApiResponse({ status: 401, description: "Invalid signature" })
  @ApiHeader({ name: "X-WHMCS-Signature", description: "WHMCS webhook signature" })
  handleWhmcsWebhook(@Body() payload: unknown, @Headers("x-whmcs-signature") signature: string) {
    try {
      this.webhooksService.processWhmcsWebhook(payload, signature);
      return { success: true, message: "Webhook processed successfully" };
    } catch {
      throw new BadRequestException("Failed to process webhook");
    }
  }

  @Post("salesforce")
  @HttpCode(HttpStatus.OK)
  @UseGuards(EnhancedWebhookSignatureGuard)
  @ApiOperation({ summary: "Salesforce webhook endpoint" })
  @ApiResponse({ status: 200, description: "Webhook processed successfully" })
  @ApiResponse({ status: 400, description: "Invalid webhook data" })
  @ApiResponse({ status: 401, description: "Invalid signature" })
  @ApiHeader({ name: "X-SF-Signature", description: "Salesforce webhook signature" })
  handleSalesforceWebhook(@Body() payload: unknown, @Headers("x-sf-signature") signature: string) {
    try {
      this.webhooksService.processSalesforceWebhook(payload, signature);
      return { success: true, message: "Webhook processed successfully" };
    } catch {
      throw new BadRequestException("Failed to process webhook");
    }
  }
}
clean up 2025-08-22 17:02:49 +09:00			`import {`
			`Controller,`
			`Post,`
			`Body,`
			`Headers,`
			`UseGuards,`
			`HttpCode,`
			`HttpStatus,`
			`BadRequestException,`
			`} from "@nestjs/common";`
structure changes 2025-08-21 15:24:40 +09:00			`import { WebhooksService } from "./webhooks.service";`
clean up 2025-08-22 17:02:49 +09:00			`import { ApiTags, ApiOperation, ApiResponse, ApiHeader } from "@nestjs/swagger";`
			`import { ThrottlerGuard } from "@nestjs/throttler";`
Enhance Salesforce order fulfillment process and security measures - Updated PLESK_DEPLOYMENT.md to include new Salesforce credentials and webhook security configurations. - Refactored order fulfillment controller to streamline the process and improve readability. - Introduced EnhancedWebhookSignatureGuard for improved HMAC signature validation and nonce management. - Updated various documentation files to reflect changes in endpoint naming from `/provision` to `/fulfill` for clarity and consistency. - Enhanced Redis integration for nonce storage to prevent replay attacks. - Removed deprecated WebhookSignatureGuard in favor of the new enhanced guard. 2025-09-04 14:17:54 +09:00			`import { EnhancedWebhookSignatureGuard } from "./guards/enhanced-webhook-signature.guard";`
catalog page consistency fix 2025-08-28 16:57:57 +09:00			`import { Public } from "../auth/decorators/public.decorator";`
Initial Customer Portal setup - production ready 2025-08-20 18:02:50 +09:00
structure changes 2025-08-21 15:24:40 +09:00			`@ApiTags("webhooks")`
			`@Controller("webhooks")`
catalog page consistency fix 2025-08-28 16:57:57 +09:00			`@Public() // Webhooks use signature-based authentication, not JWT`
clean up 2025-08-22 17:02:49 +09:00			`@UseGuards(ThrottlerGuard) // Rate limit webhook endpoints`
Initial Customer Portal setup - production ready 2025-08-20 18:02:50 +09:00			`export class WebhooksController {`
			`constructor(private webhooksService: WebhooksService) {}`

clean up 2025-08-22 17:02:49 +09:00			`@Post("whmcs")`
			`@HttpCode(HttpStatus.OK)`
Enhance Salesforce order fulfillment process and security measures - Updated PLESK_DEPLOYMENT.md to include new Salesforce credentials and webhook security configurations. - Refactored order fulfillment controller to streamline the process and improve readability. - Introduced EnhancedWebhookSignatureGuard for improved HMAC signature validation and nonce management. - Updated various documentation files to reflect changes in endpoint naming from `/provision` to `/fulfill` for clarity and consistency. - Enhanced Redis integration for nonce storage to prevent replay attacks. - Removed deprecated WebhookSignatureGuard in favor of the new enhanced guard. 2025-09-04 14:17:54 +09:00			`@UseGuards(EnhancedWebhookSignatureGuard)`
clean up 2025-08-22 17:02:49 +09:00			`@ApiOperation({ summary: "WHMCS webhook endpoint" })`
			`@ApiResponse({ status: 200, description: "Webhook processed successfully" })`
			`@ApiResponse({ status: 400, description: "Invalid webhook data" })`
			`@ApiResponse({ status: 401, description: "Invalid signature" })`
			`@ApiHeader({ name: "X-WHMCS-Signature", description: "WHMCS webhook signature" })`
Add email functionality and update environment configurations - Introduced email configuration for both development and production environments in `.env.dev.example` and `.env.production.example`. - Added SendGrid API key and email settings to support password reset and welcome emails. - Implemented password reset and request password reset endpoints in the AuthController. - Enhanced signup form to include additional fields such as Customer Number, address, nationality, date of birth, and gender. - Updated various services and controllers to integrate email functionality and handle new user data. - Refactored logging and error handling for improved clarity and maintainability. - Adjusted Docker configuration for production deployment. 2025-08-23 17:24:37 +09:00			`handleWhmcsWebhook(@Body() payload: unknown, @Headers("x-whmcs-signature") signature: string) {`
clean up 2025-08-22 17:02:49 +09:00			`try {`
Add email functionality and update environment configurations - Introduced email configuration for both development and production environments in `.env.dev.example` and `.env.production.example`. - Added SendGrid API key and email settings to support password reset and welcome emails. - Implemented password reset and request password reset endpoints in the AuthController. - Enhanced signup form to include additional fields such as Customer Number, address, nationality, date of birth, and gender. - Updated various services and controllers to integrate email functionality and handle new user data. - Refactored logging and error handling for improved clarity and maintainability. - Adjusted Docker configuration for production deployment. 2025-08-23 17:24:37 +09:00			`this.webhooksService.processWhmcsWebhook(payload, signature);`
clean up 2025-08-22 17:02:49 +09:00			`return { success: true, message: "Webhook processed successfully" };`
			`} catch {`
			`throw new BadRequestException("Failed to process webhook");`
			`}`
			`}`

			`@Post("salesforce")`
			`@HttpCode(HttpStatus.OK)`
Enhance Salesforce order fulfillment process and security measures - Updated PLESK_DEPLOYMENT.md to include new Salesforce credentials and webhook security configurations. - Refactored order fulfillment controller to streamline the process and improve readability. - Introduced EnhancedWebhookSignatureGuard for improved HMAC signature validation and nonce management. - Updated various documentation files to reflect changes in endpoint naming from `/provision` to `/fulfill` for clarity and consistency. - Enhanced Redis integration for nonce storage to prevent replay attacks. - Removed deprecated WebhookSignatureGuard in favor of the new enhanced guard. 2025-09-04 14:17:54 +09:00			`@UseGuards(EnhancedWebhookSignatureGuard)`
clean up 2025-08-22 17:02:49 +09:00			`@ApiOperation({ summary: "Salesforce webhook endpoint" })`
			`@ApiResponse({ status: 200, description: "Webhook processed successfully" })`
			`@ApiResponse({ status: 400, description: "Invalid webhook data" })`
			`@ApiResponse({ status: 401, description: "Invalid signature" })`
			`@ApiHeader({ name: "X-SF-Signature", description: "Salesforce webhook signature" })`
Add email functionality and update environment configurations - Introduced email configuration for both development and production environments in `.env.dev.example` and `.env.production.example`. - Added SendGrid API key and email settings to support password reset and welcome emails. - Implemented password reset and request password reset endpoints in the AuthController. - Enhanced signup form to include additional fields such as Customer Number, address, nationality, date of birth, and gender. - Updated various services and controllers to integrate email functionality and handle new user data. - Refactored logging and error handling for improved clarity and maintainability. - Adjusted Docker configuration for production deployment. 2025-08-23 17:24:37 +09:00			`handleSalesforceWebhook(@Body() payload: unknown, @Headers("x-sf-signature") signature: string) {`
clean up 2025-08-22 17:02:49 +09:00			`try {`
Add email functionality and update environment configurations - Introduced email configuration for both development and production environments in `.env.dev.example` and `.env.production.example`. - Added SendGrid API key and email settings to support password reset and welcome emails. - Implemented password reset and request password reset endpoints in the AuthController. - Enhanced signup form to include additional fields such as Customer Number, address, nationality, date of birth, and gender. - Updated various services and controllers to integrate email functionality and handle new user data. - Refactored logging and error handling for improved clarity and maintainability. - Adjusted Docker configuration for production deployment. 2025-08-23 17:24:37 +09:00			`this.webhooksService.processSalesforceWebhook(payload, signature);`
clean up 2025-08-22 17:02:49 +09:00			`return { success: true, message: "Webhook processed successfully" };`
			`} catch {`
			`throw new BadRequestException("Failed to process webhook");`
			`}`
			`}`
Initial Customer Portal setup - production ready 2025-08-20 18:02:50 +09:00			`}`