Add checks for supported content types

proxy/callback.functions.php

@@ -33,6 +33,9 @@ function civiproxy_callback_validate_body_xwwwformurlencoded($expected, $actual)
   //TODO
 }
 
+// For now, I have written this 'placeholder' method to pass on post requests.
+// Sparkpost says that it works OK. Might be a good idea to refactor/improve
+// civiproxy_redirect() instead/as well.
 function civiproxy_callback_redirect($target_path, $method) {
   switch ($method) {
     case 'POST':

proxy/callback.php

@@ -43,6 +43,7 @@ if(!isset($query_params['secret']) || $definition['secret'] !== $query_params['s
   civiproxy_http_error("Invalid secret", 403);
 }
 
+// Check this is a supported request method
 if(!in_array($_SERVER['REQUEST_METHOD'], ['POST'])){
   civiproxy_http_error("Unsupported request method", 501);
 }
@@ -52,6 +53,11 @@ if(isset($definition['request_method'])){
   civiproxy_callback_validate_request_method($definition['request_method'], $_SERVER['REQUEST_METHOD']);
 }
 
+// Check this is a supported content type
+if(!in_array($_SERVER['CONTENT_TYPE'], ['application/json', 'application/x-www-form-urlencoded'])){
+  civiproxy_http_error("Unsupported content type", 501);
+}
+
 // If a content type has been defined, validate it
 if(isset($definition['content_type'])){
   civiproxy_callback_validate_content_type($definition['content_type'], $_SERVER['CONTENT_TYPE']);
@@ -63,7 +69,4 @@ if(isset($validator['body'])){
 }
 
 // We have passed all the validators, forward the request
-
-// TODO for now, I have written my own method to pass on post requests. Would be
-// better to refactor / improve civiproxy_redirect()
 civiproxy_callback_redirect($definition['target_path'], $_SERVER['REQUEST_METHOD']);

proxy/config.php

@@ -124,6 +124,7 @@ $callbacks = [
   'sparkpost' => [
     // 'secret' => '',
     'request_method' => 'POST',
+    'content_type' => 'application/json',
     'target_path' => 'civicrm/sparkpost/callback'
   ]
 ];