examples.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162

#!/bin/bash

# Example usage of posthook API

BASE_URL="${BASE_URL:-http://localhost:9000}"

echo "=== Posthook Examples ==="
echo

# 1. Register a simple JSON webhook
echo "1. Registering a simple JSON webhook..."
curl -X POST "$BASE_URL/admin/routes" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "simple-webhook",
    "contentType": "json",
    "hcaptchaProtected": false
  }'
echo
echo

# 2. Register a form webhook
echo "2. Registering a form webhook..."
curl -X POST "$BASE_URL/admin/routes" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "form-webhook",
    "contentType": "form",
    "hcaptchaProtected": false
  }'
echo
echo

# 3. Register an hCaptcha-protected webhook
echo "3. Registering an hCaptcha-protected webhook..."
curl -X POST "$BASE_URL/admin/routes" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "protected-webhook",
    "contentType": "json",
    "hcaptchaProtected": true,
    "hcaptchaSecret": "0x0000000000000000000000000000000000000000"
  }'
echo
echo

# 3b. Register a webhook with ntfy notifications
echo "3b. Registering a webhook with ntfy notifications..."
curl -X POST "$BASE_URL/admin/routes" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "ntfy-webhook",
    "contentType": "json",
    "hcaptchaProtected": false,
    "ntfy": {
      "enabled": true,
      "server": "https://ntfy.sh",
      "topic": "posthook-demo-alerts"
    }
  }'
echo
echo

# 3c. Register a CSRF token-protected form
echo "3c. Registering a CSRF token-protected form..."
curl -X POST "$BASE_URL/admin/routes" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "secure-form",
    "contentType": "form",
    "hcaptchaProtected": false,
    "requireToken": true
  }'
echo
echo

# 4. List all routes
echo "4. Listing all routes..."
curl -X GET "$BASE_URL/admin/routes"
echo
echo

# 5. Send a test webhook to simple-webhook
echo "5. Sending test data to simple-webhook..."
curl -X POST "$BASE_URL/hook/simple-webhook" \
  -H "Content-Type: application/json" \
  -d '{
    "event": "test",
    "data": {
      "foo": "bar",
      "timestamp": 1234567890
    }
  }'
echo
echo

# 6. Send a form webhook
echo "6. Sending form data to form-webhook..."
curl -X POST "$BASE_URL/hook/form-webhook" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "name=John&email=john@example.com&message=Hello+World"
echo
echo

# 6b. Send a webhook to ntfy-enabled route (will trigger notification)
echo "6b. Sending webhook to ntfy-webhook (check https://ntfy.sh/posthook-demo-alerts)..."
curl -X POST "$BASE_URL/hook/ntfy-webhook" \
  -H "Content-Type: application/json" \
  -d '{
    "event": "test-notification",
    "message": "This should trigger an ntfy alert"
  }'
echo
echo

# 6c. Send a form with redirect (should return 303 redirect)
echo "6c. Sending form with _redirect (should return 303 redirect)..."
curl -v -X POST "$BASE_URL/hook/form-webhook" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "name=Jane&email=jane@example.com&message=Testing+redirect&_redirect=https://example.com/thank-you"
echo
echo

# 6d. Get CSRF token for secure-form
echo "6d. Getting CSRF token for secure-form..."
TOKEN_RESPONSE=$(curl -s -X GET "$BASE_URL/hook/secure-form/token")
TOKEN=$(echo $TOKEN_RESPONSE | jq -r '.ok.token')
echo "Token: $TOKEN"
echo
echo

# 6e. Send form with CSRF token
echo "6e. Sending form with CSRF token..."
curl -X POST "$BASE_URL/hook/secure-form" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "name=Secure&email=secure@example.com&message=With+token&_token=$TOKEN"
echo
echo

# 6f. Try sending without token (should fail with 400)
echo "6f. Trying to send without token (should fail)..."
curl -X POST "$BASE_URL/hook/secure-form" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "name=Insecure&email=insecure@example.com&message=No+token"
echo
echo

# 7. Test 404 on non-existent route
echo "7. Testing 404 on non-existent route..."
curl -X POST "$BASE_URL/hook/does-not-exist" \
  -H "Content-Type: application/json" \
  -d '{"test": true}'
echo
echo

# 8. Health check
echo "8. Health check..."
curl -X GET "$BASE_URL/health"
echo
echo

echo "=== Examples complete ==="