Webhooks are a simple way to glue disparate web services together using standing HTTP protocols in an easy to build for way.

I’d just like to introduce a very simple plugin that will add simple webhook functionality to your known site, allowing the administrator and individual site users to configure a URL that will be pinged whenever a user notification is sent (for example by a comment being received).

I use this to do some back end data analysis stuff on a couple of servers, so hopefully this will be useful to you!

» Visit the project on Github...

For many reasons, not least of which their decision to appoint a surveillance loving war criminal to their board of directors, I’ve been steadily migrating away from Dropbox.

Thankfully, there is a drop-in replacement for much of it, providing you run your own server. So, I’ve got a syncing file store/backup running across my devices, which can be accessed while I’m on the go as well.

However, one of the things I do use dropbox for (which is not terribly important in the grand scheme of things, but which I find quite useful) is, via the use of an IFTTT rule, to take a copy of any photos I’m tagged in on Facebook, so that I can see them (and to break them out of the silo) without actually having to go onto Facebook. This is possible using dropbox, owing to it being a centralised service, but obviously isn’t possible using your own server.

Webhooks to the rescue!

So a little while ago I put together a hack that used IFTTT’s wordpress channel to add a pluggable webhooks interface to IFTTT.

Since this tool supports plugins, I was therefore able to write a simple Facebook adapter which, when triggered would extract the image URL from the push message and then simply download it.

Since my owncloud install was on the same server, all I had to do was output this file to the appropriate owncloud data directory and any files retrieved are automatically synced to your client devices. You can of course opt to write to any directory, and not use owncloud at all, but since I wanted a like for like replacement for IFTTT+Dropbox I went for owncloud server storage!

Here’s the facebookphoto.php plugin code:

Simple, and obviously you could extend this to do other things with it.

Place the code in your plugins directory, and create a new recipe on ifttt triggering your plugin whenever you’re tagged on Facebook, remembering to pass plugin:FacebookPhoto as your category.

» Visit the Ifttt webhook project on github...

WebHookWebmention, as well as the legacy Pingback, provide a way of notifying a third party site that you have made some reference to something on their site. So, for example if I reference somebody elses blogpost in mine, that blog will be notified and my reference may appear as a comment on the post (unless they’re blogging on a passive aggressive silo like Google+ or Facebook, or their blog uses Disqus, which is, in many ways I won’t go into now, the suck).

Pingbacks, and increasingly Webmention, are supported by most major web frameworks and blogging platforms, but adding them to a home rolled platform can be a little bit of a faff, especially if these platforms are build on static HTML.

So, inspired by Pingback.me written by Aaron Parecki, I wrote a bit of middleware that can be installed on a web server with minimal fuss, and can provide pingback/webmention services to other sites.

The reason I didn’t use Pingback.me was that I needed something quickly, I had reasons why I didn’t want to install an entire Ruby stack, and I needed the webhook functionality for a couple of projects (including some funky node.js dataset regeneration to tackle some scalability challenges, but that’s a different story).

Setup

One of the main requirements for pingback2hook was ease of setup, which I hope I’ve achieved.

  1. Start by checking out the source code from the github repo here, and place this on your web server.
  2. You’ll need to have PHP 5.3 running with mod-rewrite, and also CouchDB (to store pings), which on Debian systems, should be a fairly straightforward setup.

    apt-get install apache2 libapache2-mod-php5 couchdb; a2enmod rewrite

  3. If you’re running pingback2hook on its own subdomain, you should be up and running, but if you’re installing to a subdirectory of your site you’ll need to modify the RewriteBase in .htaccess.

Enabling pingback and webmentions on your site

Once you’ve got the software up and running somewhere, you can then start enabling pingback support in your sites. This is a two step process:

  1. On the pingback2hook server, define an endpoint for your site in a .ini file. This file will define the endpoint label, a secret key for communicating with the API, and zero or more webhook endpoints to ping. E.g.

    [mysite]
    secret = "flkjlskjefsliduji4es4iutsiud"

    ; Zero or more webhook endpoints
    webhooks[] = "http://updates.mysite.com"
    webhooks[] = "http://data.mysite.com"

  2. On your website, declare the necessary hooks in your metadata, either by headers:

    // Webmention
    header('Link: <http://pingback2hook.myserver.com/webmention/myendpoint/>; rel="http://webmention.org/"');

    // Pingback
    header('X-Pingback: http://pingback2hook.myserver.com/pingback/myendpoint/xmlrpc');

    And/or in the header metadata…

Once set up, you will get an entry in the database for every pingback or webmention a given permalink receives. If you’ve defined some webhooks, these will be pinged in turn with the JSON content of the ping.

Viewing your pingbacks

To view your pingbacks you can either make a direct query of the couch database (default: pingback2hook), or make use of the API.

Currently, you can query the API via its endpoint at https://pingback2hook.myserver.com/api/myendpoint/command.format, passing any required parameters on the GET line.

At the time of writing only one command is supported, but I’ll add more as I have need to:

Command Parameters Details
latest.json|jsonp target_url, limit (optional), offset (optional) Retrieve the latest pings or webmentions for a given permalink url.

To make the query, you need to authenticate yourself. This is done very simply by passing the ‘secret’ for the endpoint in your request header as X-PINGBACK2HOOK-SECRET: mysecret. This is very basic security, and your code is being sent in the clear, so it goes without saying that you should ONLY make queries to the API via HTTPS!

Have a play, and let me know what you think!

» Visit the project on Github…