Skip to content

Instantly share code, notes, and snippets.

Created December 28, 2022 11:27
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
Netbox Webhook Listener written with APIFlask
import hmac
from apiflask import APIFlask
import logging
from flask import request
from apiflask import Schema, abort
from apiflask.fields import String, Dict, DateTime, UUID
APP_NAME = "netbox-webhook-listener"
class WebhookResponse(Schema):
result = String()
class WebhookData(Schema):
username = String()
data = Dict()
event = String()
timestamp = DateTime()
model = String()
request_id = UUID()
snapshots = Dict()
app = APIFlask(__name__, title="Netbox Webhook Listener", version="1.0")
logger = logging.getLogger(APP_NAME)
formatter = logging.Formatter("%(asctime)s %(name)s %(levelname)s: %(message)s")
file_logging = logging.FileHandler(f"{APP_NAME}.log")
def do_something(data):"WebhookData received:")"Raw data: {data}")"Request ID: {data['request_id']}")"Username: {data['username']}")"Event: {data['event']}")"Timestamp: {data['timestamp']}")"Model: {data['model']}")"Data: {data['data']}")"URL in data: {data['data']['url']}")'/webhook')
def webhook(data):
x_hook_signature = request.headers.get('X-Hook-Signature', None)
content_length = int(request.headers.get('Content-Length', 0))
if content_length > 1_000_000:
# To prevent memory allocation attacks
logger.error(f"Content too long ({content_length})")
abort(400, "Content too long")
if x_hook_signature:
# Check signature
raw_input =
input_hmac =, msg=raw_input, digestmod="sha512")
if not hmac.compare_digest(input_hmac.hexdigest(), x_hook_signature):
logger.error("Invalid message signature")
abort(400, "Invalid message signature")"Message signature checked ok")
logger.error("No message signature to check")
abort(400, "No message signature to check")
# Do something here
return {"result": "ok"}
if __name__ == "__main__":"", 7000)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment