forked from kemitix/git-next
feat(server): display expected auth in logs in invalid request
This commit is contained in:
parent
4977619c70
commit
c6c8dcedc5
1 changed files with 16 additions and 5 deletions
|
@ -20,7 +20,7 @@ use crate::{
|
|||
)]
|
||||
pub struct WebhookId(String);
|
||||
|
||||
#[derive(Clone, Debug, PartialEq, Eq, derive_more::Deref)]
|
||||
#[derive(Clone, Debug, PartialEq, Eq, derive_more::Deref, derive_more::Display)]
|
||||
pub struct WebhookAuth(ulid::Ulid);
|
||||
impl WebhookAuth {
|
||||
pub fn from_str(authorisation: &str) -> Result<Self, DecodeError> {
|
||||
|
@ -33,7 +33,7 @@ impl WebhookAuth {
|
|||
}
|
||||
|
||||
fn header_value(&self) -> String {
|
||||
format!("Basic {}", self.0.to_string())
|
||||
format!("Basic {}", self)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -182,9 +182,20 @@ impl Handler<WebhookMessage> for RepoActor {
|
|||
#[allow(clippy::cognitive_complexity)] // TODO: (#49) reduce complexity
|
||||
#[tracing::instrument(name = "RepoActor::WebhookMessage", skip_all, fields(token = %self.message_token, repo = %self.details))]
|
||||
fn handle(&mut self, msg: WebhookMessage, ctx: &mut Self::Context) -> Self::Result {
|
||||
if msg.authorisation() != self.webhook_auth {
|
||||
warn!("Invalid authorization");
|
||||
return; // invalid auth
|
||||
let Some(expected_authorization) = &self.webhook_auth else {
|
||||
warn!("Don't know what authorization to expect");
|
||||
return;
|
||||
};
|
||||
let Some(received_authorization) = &msg.authorisation() else {
|
||||
warn!("Missing authorization token");
|
||||
return;
|
||||
};
|
||||
if received_authorization != expected_authorization {
|
||||
warn!(
|
||||
"Invalid authorization - expected {}",
|
||||
expected_authorization
|
||||
);
|
||||
return;
|
||||
}
|
||||
let id = msg.id();
|
||||
let span = tracing::info_span!("handle", %id);
|
||||
|
|
Loading…
Reference in a new issue