"use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __importStar = (this && this.__importStar) || (function () { var ownKeys = function(o) { ownKeys = Object.getOwnPropertyNames || function (o) { var ar = []; for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; return ar; }; return ownKeys(o); }; return function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); __setModuleDefault(result, mod); return result; }; })(); var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; var WebhookController_1; Object.defineProperty(exports, "__esModule", { value: true }); exports.WebhookController = void 0; const common_1 = require("@nestjs/common"); const swagger_1 = require("@nestjs/swagger"); const config_1 = require("@nestjs/config"); const crypto = __importStar(require("crypto")); const webhook_service_1 = require("./webhook.service"); const webhook_dto_1 = require("./dto/webhook.dto"); let WebhookController = WebhookController_1 = class WebhookController { constructor(webhookService, configService) { this.webhookService = webhookService; this.configService = configService; this.logger = new common_1.Logger(WebhookController_1.name); } verifyWebhook(mode, token, challenge) { const result = this.webhookService.verifyWebhook(mode, token, challenge); if (result === null) { throw new common_1.ForbiddenException('Webhook verification failed'); } return result; } async handleWebhook(req, payload) { const appSecret = this.configService.get('WHATSAPP_APP_SECRET'); if (appSecret && req.rawBody) { const signature = req.headers['x-hub-signature-256']; if (!this.verifySignature(req.rawBody, signature, appSecret)) { this.logger.warn('Invalid webhook signature'); throw new common_1.ForbiddenException('Invalid signature'); } } this.logger.debug(`Webhook received: ${JSON.stringify(payload)}`); for (const entry of payload.entry) { for (const change of entry.changes) { if (change.field !== 'messages') continue; const value = change.value; const phoneNumberId = value.metadata?.phone_number_id; if (value.messages && value.contacts) { for (let i = 0; i < value.messages.length; i++) { const message = value.messages[i]; const contact = value.contacts[i] || value.contacts[0]; this.webhookService .processIncomingMessage(message, contact, phoneNumberId) .catch((err) => this.logger.error(`Error processing message: ${err.message}`)); } } if (value.statuses) { for (const status of value.statuses) { this.webhookService.processStatusUpdate(status); } } } } return 'OK'; } verifySignature(rawBody, signature, appSecret) { if (!signature) return false; const expectedSignature = crypto .createHmac('sha256', appSecret) .update(rawBody) .digest('hex'); return signature === `sha256=${expectedSignature}`; } }; exports.WebhookController = WebhookController; __decorate([ (0, common_1.Get)('whatsapp'), (0, swagger_1.ApiOperation)({ summary: 'WhatsApp webhook verification' }), (0, swagger_1.ApiQuery)({ name: 'hub.mode', required: true }), (0, swagger_1.ApiQuery)({ name: 'hub.verify_token', required: true }), (0, swagger_1.ApiQuery)({ name: 'hub.challenge', required: true }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Challenge returned' }), (0, swagger_1.ApiResponse)({ status: 403, description: 'Verification failed' }), __param(0, (0, common_1.Query)('hub.mode')), __param(1, (0, common_1.Query)('hub.verify_token')), __param(2, (0, common_1.Query)('hub.challenge')), __metadata("design:type", Function), __metadata("design:paramtypes", [String, String, String]), __metadata("design:returntype", String) ], WebhookController.prototype, "verifyWebhook", null); __decorate([ (0, common_1.Post)('whatsapp'), (0, common_1.HttpCode)(common_1.HttpStatus.OK), (0, swagger_1.ApiOperation)({ summary: 'Receive WhatsApp webhook events' }), (0, swagger_1.ApiResponse)({ status: 200, description: 'Event processed' }), __param(0, (0, common_1.Req)()), __param(1, (0, common_1.Body)()), __metadata("design:type", Function), __metadata("design:paramtypes", [Object, webhook_dto_1.WebhookPayloadDto]), __metadata("design:returntype", Promise) ], WebhookController.prototype, "handleWebhook", null); exports.WebhookController = WebhookController = WebhookController_1 = __decorate([ (0, swagger_1.ApiTags)('webhook'), (0, common_1.Controller)('webhook'), __metadata("design:paramtypes", [webhook_service_1.WebhookService, config_1.ConfigService]) ], WebhookController); //# sourceMappingURL=webhook.controller.js.map