From 8ed18ab76ec72bf42a922783bc545726a7ee0f30 Mon Sep 17 00:00:00 2001
From: tsoganov <sergei.tsoganov@ut.ee>
Date: Thu, 10 Oct 2024 10:37:11 +0300
Subject: [PATCH] Skipped authenticity token for webhook controller

---
 .../eeid/webhooks/identification_requests_controller.rb        | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/controllers/eeid/webhooks/identification_requests_controller.rb b/app/controllers/eeid/webhooks/identification_requests_controller.rb
index 0eb45c4e1..346cd03c1 100644
--- a/app/controllers/eeid/webhooks/identification_requests_controller.rb
+++ b/app/controllers/eeid/webhooks/identification_requests_controller.rb
@@ -4,13 +4,14 @@ module Eeid
   module Webhooks
     # Controller for handling eeID identification requests webhook
     class IdentificationRequestsController < ActionController::Base
+      skip_before_action :verify_authenticity_token
+
       THROTTLED_ACTIONS = %i[create].freeze
       include Shunter::Integration::Throttle
 
       rescue_from Shunter::ThrottleError, with: :handle_throttle_error
 
       # POST /eeid/webhooks/identification_requests
-
       def create
         return render_unauthorized unless ip_whitelisted?
         return render_invalid_signature unless valid_hmac_signature?(request.headers['X-HMAC-Signature'])