From d4835570ad0180e11aed15d476d8541a0f48ee4c Mon Sep 17 00:00:00 2001
From: KelvinTegelaar
Date: Tue, 9 Jan 2024 14:03:35 +0100
Subject: [PATCH] deny old webhooks with 403.
---
 PublicWebhooks/run.ps1 | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/PublicWebhooks/run.ps1 b/PublicWebhooks/run.ps1
index ad13d0546ef7..124f05bd761a 100644
--- a/PublicWebhooks/run.ps1
+++ b/PublicWebhooks/run.ps1
@@ -10,22 +10,23 @@ Write-Host 'Received request'
 Write-Host "CIPPID: $($request.Query.CIPPID)"
 $url = ($request.headers.'x-ms-original-url').split('/API') | Select-Object -First 1
 Write-Host $url
-if ($Request.Query.CIPPID -in $Webhooks.RowKey) {
+if ($Request.Query.CIPPID -in $Webhooks.RowKey -and $Webhooks.Resource -ne 'M365AuditLogs') {
 Write-Host 'Found matching CIPPID'
-
 if ($Request.query.ValidationToken -or $Request.body.validationCode) {
 Write-Host 'Validation token received'
 $body = $request.query.ValidationToken
 } else {
 Push-OutputBinding -Name QueueWebhook -Value $Request
 $Body = 'Webhook Recieved'
+ $StatusCode = [HttpStatusCode]::OK
 }
 } else {
 $body = 'This webhook is not authorized.'
+ $StatusCode = [HttpStatusCode]::Forbidden
 }
 # Associate values to output bindings by calling 'Push-OutputBinding'.
 Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
- StatusCode = [HttpStatusCode]::OK
+ StatusCode = $StatusCode
 Body = $body
 })
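Review bot: The new `-and $Webhooks.Resource -ne 'M365AuditLogs'` test on the outer `if` is evaluated against the whole `$Webhooks` set, not against the row that matched the CIPPID. `$Webhooks` is defined above the hunk, but `-in $Webhooks.RowKey` suggests it is a collection; in that case `-ne` filters the enumerated Resource values and is truthy whenever any row has a different Resource, so an old M365AuditLogs webhook ID would still be accepted. Resolve the row first, e.g. `$Webhook = $Webhooks | Where-Object { $_.RowKey -eq $Request.Query.CIPPID }`, and then test `if ($Webhook -and $Webhook.Resource -ne 'M365AuditLogs') {`. Separately, the validation-token branch never assigns `$StatusCode`, so unless it is initialised above the hunk the handshake reply is built with a null status; add `$StatusCode = [HttpStatusCode]::OK` in that branch as well.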