fix signing

Author: julianbenegas

.changeset/mean-waves-study.md

@@ -0,0 +1,5 @@
+---
+"basehub": patch
+---
+
+fix

.changeset/pre.json

@@ -29,6 +29,7 @@
     "lucky-eyes-ring",
     "many-cherries-sleep",
     "mean-panthers-give",
+    "mean-waves-study",
     "modern-tools-repeat",
     "nasty-bananas-ring",
     "nasty-insects-teach",
@@ -40,6 +41,7 @@
     "perfect-cougars-shout",
     "popular-pots-help",
     "quick-experts-complain",
+    "selfish-ligers-roll",
     "shaggy-months-talk",
     "short-spiders-taste",
     "six-sheep-dress",

.changeset/selfish-ligers-roll.md

@@ -0,0 +1,5 @@
+---
+"basehub": patch
+---
+
+fix secret parsing

packages/basehub/CHANGELOG.md

@@ -1,5 +1,17 @@
 # basehub
 
+## 8.0.0-canary.45
+
+### Patch Changes
+
+- fix secret parsing
+
+## 8.0.0-canary.44
+
+### Patch Changes
+
+- fix
+
 ## 8.0.0-canary.43
 
 ### Patch Changes

packages/basehub/package.json

@@ -2,7 +2,7 @@
   "name": "basehub",
   "description": "A very fast Headless CMS.",
   "author": "JB <[email protected]>",
-  "version": "8.0.0-canary.43",
+  "version": "8.0.0-canary.45",
   "license": "MIT",
   "repository": "basehub-ai/basehub",
   "bugs": "https://github.com/basehub-ai/basehub/issues",

packages/basehub/src/workflows/primitive.tsx

@@ -5,7 +5,6 @@ import {
   // @ts-ignore
   // eslint-disable-next-line import/no-unresolved
 } from "../schema";
-import crypto from "crypto";
 
 /* -------------------------------------------------------------------------------------------------
  * Client
@@ -31,7 +30,7 @@ type WorkflowSchemaMap = {
 export const authenticateWebhook = async <
   Key extends `${WorkflowKeys}:${string}`,
 >({
-  secret,
+  secret: _secret,
   body,
   signature,
 }: {
@@ -65,6 +64,14 @@ export const authenticateWebhook = async <
       return { success: false, error: "Signature is required" };
     }
 
+    let secret: string | undefined = _secret;
+    if (_secret.startsWith("bshb_workflow")) {
+      secret = _secret.split(":")[1];
+    }
+    if (typeof secret !== "string") {
+      return { success: false, error: "Invalid secret" };
+    }
+
     // Handle different body types
     let rawBody: string;
     let parsedBody: unknown;
@@ -131,12 +138,14 @@ export const authenticateWebhook = async <
       payload: parsedBody as WorkflowSchemaMap[ExtractWorkflowKey<Key>],
     };
   } catch (error) {
+    let message =
+      error instanceof Error ? error.message : "Signature verification failed";
+    if (message === "Unexpected end of JSON input") {
+      message = "Invalid body";
+    }
     return {
       success: false,
-      error:
-        error instanceof Error
-          ? error.message
-          : "Signature verification failed",
+      error: message,
     };
   }
 };

playground/CHANGELOG.md

@@ -1,5 +1,19 @@
 # playground
 
+## 0.0.164-canary.45
+
+### Patch Changes
+
+- Updated dependencies
+  - [email protected]
+
+## 0.0.164-canary.44
+
+### Patch Changes
+
+- Updated dependencies
+  - [email protected]
+
 ## 0.0.164-canary.43
 
 ### Patch Changes

playground/package.json

@@ -1,7 +1,7 @@
 {
   "name": "playground",
   "private": true,
-  "version": "0.0.164-canary.43",
+  "version": "0.0.164-canary.45",
   "scripts": {
     "dev": "basehub dev & next dev --port 3003",
     "build": "basehub && next build",