From 7a445eb489dc66c984bcd040074ff495ede230a1 Mon Sep 17 00:00:00 2001
From: Thomas <thomas-@users.noreply.github.com>
Date: Tue, 1 Feb 2022 11:53:28 +0100
Subject: [PATCH] Add dropbox webhook signature verification and decaf cleanup
 (#6352)

* Decaf: move functions to top level, removing unused vars

* Decaf: fix camelcase identifiers

* Decaf: remove unnecessary code created because of implicit returns

* Decaf: remove next() fallback callbacks

* Decaf: shorten null checks, remove decaf/eslint comments

* Add signature verification for Dropbox webhook

* Add overleaf dropbox app secret to web (staging+prod)

* Add simple acceptance test for dropbox webhook events processing

* Add method for modules to register app middleware prior to bodyParser call, move rawBody middleware to Dropbox module

GitOrigin-RevId: 736f489e2eb5906f7b202c1049c4ce143deea74e
---
 services/web/app/src/infrastructure/Modules.js | 9 +++++++++
 services/web/app/src/infrastructure/Server.js  | 1 +
 2 files changed, 10 insertions(+)

diff --git a/services/web/app/src/infrastructure/Modules.js b/services/web/app/src/infrastructure/Modules.js
index 43a81a0590..0157a4b852 100644
--- a/services/web/app/src/infrastructure/Modules.js
+++ b/services/web/app/src/infrastructure/Modules.js
@@ -81,6 +81,14 @@ function loadViewIncludes(app) {
   }
 }
 
+function registerAppMiddleware(app) {
+  for (const module of _modules) {
+    if (module.appMiddleware) {
+      module.appMiddleware(app)
+    }
+  }
+}
+
 function moduleIncludes(view, locals) {
   const compiledPartials = _viewIncludes[view] || []
   let html = ''
@@ -144,6 +152,7 @@ module.exports = {
   loadViewIncludes,
   moduleIncludes,
   moduleIncludesAvailable,
+  registerAppMiddleware,
   hooks: {
     attach: attachHook,
     fire: fireHook,
diff --git a/services/web/app/src/infrastructure/Server.js b/services/web/app/src/infrastructure/Server.js
index 61ba7cf355..bf814d0d9f 100644
--- a/services/web/app/src/infrastructure/Server.js
+++ b/services/web/app/src/infrastructure/Server.js
@@ -132,6 +132,7 @@ app.set('views', Path.join(__dirname, '/../../views'))
 app.set('view engine', 'pug')
 Modules.loadViewIncludes(app)
 
+Modules.registerAppMiddleware(app)
 app.use(bodyParser.urlencoded({ extended: true, limit: '2mb' }))
 app.use(bodyParser.json({ limit: Settings.max_json_request_size }))
 app.use(methodOverride())