From 9e097482df883318abe90b6a44b2b626945ebed9 Mon Sep 17 00:00:00 2001 From: content-bot <55035720+content-bot@users.noreply.github.com> Date: Wed, 21 Jun 2023 08:22:00 +0300 Subject: [PATCH] Generic Webhook enhancements (#27478) (#27596) * Added request header information to the rawJSON output. Restructures the rawJSON output to include header and body details. * Updated Release notes and pack_metadata.json * Updated Release notes. * Updated Release notes. * Updated Release notes. Updated docker version. * Adjusted raw_json output. Aligned README.md and release note. * Updated Docker Image * Update Packs/GenericWebhook/ReleaseNotes/1_0_25.md * Remove Authorization header details. * Updated Known_Words in .pack-ignore * Fixed header_name * fixed secret_header --------- Co-authored-by: Martin Ohl Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> --- Packs/GenericWebhook/.pack-ignore | 3 +++ .../Integrations/GenericWebhook/GenericWebhook.py | 12 ++++++++++-- .../Integrations/GenericWebhook/GenericWebhook.yml | 2 +- .../Integrations/GenericWebhook/README.md | 12 ++++++------ Packs/GenericWebhook/ReleaseNotes/1_0_25.md | 6 ++++++ Packs/GenericWebhook/pack_metadata.json | 2 +- 6 files changed, 27 insertions(+), 10 deletions(-) create mode 100644 Packs/GenericWebhook/ReleaseNotes/1_0_25.md diff --git a/Packs/GenericWebhook/.pack-ignore b/Packs/GenericWebhook/.pack-ignore index 30a6fcf37ada..a85082f3bec4 100644 --- a/Packs/GenericWebhook/.pack-ignore +++ b/Packs/GenericWebhook/.pack-ignore @@ -1,3 +1,6 @@ [file:GenericWebhook.yml] ignore=BA124 +[known_words] +Webhook +rawJSON \ No newline at end of file diff --git a/Packs/GenericWebhook/Integrations/GenericWebhook/GenericWebhook.py b/Packs/GenericWebhook/Integrations/GenericWebhook/GenericWebhook.py index c16a9ae75903..c0412eeab790 100644 --- a/Packs/GenericWebhook/Integrations/GenericWebhook/GenericWebhook.py +++ b/Packs/GenericWebhook/Integrations/GenericWebhook/GenericWebhook.py 
@@ -1,3 +1,4 @@ +import json from collections import deque from copy import copy from secrets import compare_digest @@ -56,11 +57,14 @@ async def handle_post( credentials: HTTPBasicCredentials = Depends(basic_auth), token: APIKey = Depends(token_auth) ): + header_name = None + request_headers = dict(request.headers) + credentials_param = demisto.params().get('credentials') + if credentials_param and (username := credentials_param.get('identifier')): password = credentials_param.get('password', '') auth_failed = False - header_name = None if username.startswith('_header'): header_name = username.split(':')[1] token_auth.model.name = header_name @@ -70,14 +74,18 @@ async def handle_post( and compare_digest(credentials.password, password))): auth_failed = True if auth_failed: - request_headers = dict(request.headers) secret_header = (header_name or 'Authorization').lower() if secret_header in request_headers: request_headers[secret_header] = '***' demisto.debug(f'Authorization failed - request headers {request_headers}') return Response(status_code=status.HTTP_401_UNAUTHORIZED, content='Authorization failed.') + secret_header = (header_name or 'Authorization').lower() + request_headers.pop(secret_header, None) + raw_json = incident.raw_json or await request.json() + raw_json['headers'] = request_headers + incident = { 'name': incident.name or 'Generic webhook triggered incident', 'type': incident.type or demisto.params().get('incidentType'), diff --git a/Packs/GenericWebhook/Integrations/GenericWebhook/GenericWebhook.yml b/Packs/GenericWebhook/Integrations/GenericWebhook/GenericWebhook.yml index b7adea6e3236..613f7147e34a 100644 --- a/Packs/GenericWebhook/Integrations/GenericWebhook/GenericWebhook.yml +++ b/Packs/GenericWebhook/Integrations/GenericWebhook/GenericWebhook.yml 
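Review bot: Only the header used for authentication is removed before `raw_json['headers'] = request_headers` in the last hunk of `handle_post`, so every other request header is written into the incident's rawJSON. When header authentication is configured with a custom name, a sender's `Authorization`, `Proxy-Authorization` or `Cookie` value would still be stored with the incident and readable by anyone who can view it; the debug log in the `auth_failed` branch masks only that one header as well. Consider dropping a fixed set of credential-bearing headers in addition to the configured one, or keeping only an allow-list of the headers playbooks actually need. The assignment also overwrites any `headers` key the sender already placed in `raw_json`, which should be documented or guarded against. `handle_post` starts and ends outside the hunk.

```python
    # Constructed deny-list of credential-bearing headers; extend to fit the deployment.
    sensitive_headers = {'authorization', 'proxy-authorization', 'cookie'}
    if header_name:
        sensitive_headers.add(header_name.lower())
    for sensitive_header in sensitive_headers:
        request_headers.pop(sensitive_header, None)

    raw_json = incident.raw_json or await request.json()
    raw_json['headers'] = request_headers
```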
@@ -56,7 +56,7 @@ display: Generic Webhook
 name: Generic Webhook
 script:
 commands: []
- dockerimage: demisto/fastapi:1.0.0.43666
+ dockerimage: demisto/fastapi:1.0.0.63688
 feed: false
 isfetch: false
 longRunning: true
diff --git a/Packs/GenericWebhook/Integrations/GenericWebhook/README.md b/Packs/GenericWebhook/Integrations/GenericWebhook/README.md
index f09444f9415c..a83d791c59d2 100644
--- a/Packs/GenericWebhook/Integrations/GenericWebhook/README.md
+++ b/Packs/GenericWebhook/Integrations/GenericWebhook/README.md
@@ -31,12 +31,12 @@ The examples below assume you invoke the integration via the server HTTPS endpoi ## Usage The Generic Webhook integration accepts POST HTTP queries, with the following optional fields in the request body: -| **Field** | **Type** | **Description** | -| --- | --- | --- | -| name | string | Name of the incident to be created. | -| type | string | Type of the incident to be created. If not provided, the value of the integration parameter ***Incident type*** will be used. | -| occurred | string | Date the incident occurred in ISO-8601 format. If not provided, the trigger time will be used. | -| raw_json | object | Details of the incident to be created. For example, `{"field1":"value1","field2":"value2"}` | +| **Field** | **Type** | **Description** | +| --- | --- |-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| name | string | Name of the incident to be created. | +| type | string | Type of the incident to be created. If not provided, the value of the integration parameter ***Incident type*** will be used. | +| occurred | string | Date the incident occurred in ISO-8601 format. If not provided, the trigger time will be used. | +| raw_json | object | Details of the incident to be created. Headers can be found in a seperate key. For example, `{"field1":"value1","field2":"value2","headers": {"header_field3": "header_value3"}}` | For example, the following triggers the webhook using cURL: diff --git a/Packs/GenericWebhook/ReleaseNotes/1_0_25.md b/Packs/GenericWebhook/ReleaseNotes/1_0_25.md new file mode 100644 index 000000000000..c1bbe38a839b --- /dev/null +++ b/Packs/GenericWebhook/ReleaseNotes/1_0_25.md 
@@ -0,0 +1,6 @@
+#### Integrations
+
+##### Generic Webhook
+
+- Updated the output to include a separate key for the request headers inside the rawJSON field.
+- Updated the Docker image to: *demisto/fastapi:1.0.0.63688*.
diff --git a/Packs/GenericWebhook/pack_metadata.json b/Packs/GenericWebhook/pack_metadata.json
index b934af0cfd34..150e8349eab7 100644
--- a/Packs/GenericWebhook/pack_metadata.json
+++ b/Packs/GenericWebhook/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "Generic Webhook",
 "description": "The Generic Webhook integration is used to create incidents on event triggers.",
 "support": "xsoar",
- "currentVersion": "1.0.24",
+ "currentVersion": "1.0.25",
 "author": "Cortex XSOAR",
 "url": "https://www.paloaltonetworks.com/cortex",
 "email": "",