kemitix/git-next
1
1
Fork 1
Code Issues 14 Pull requests 1 Projects 1 Releases 41 Packages Wiki Activity Actions

feat(server): display expected auth in logs in invalid request
All checks were successful
Rust / build (push) Successful in 1m43s
Details
ci/woodpecker/push/push-next Pipeline was successful
Details
ci/woodpecker/push/cron-docker-builder Pipeline was successful
Details
ci/woodpecker/push/tag-created Pipeline was successful
Details

Browse source
This commit is contained in:
Paul Campbell 2024-05-19 18:20:54 +01:00
parent 4977619c70
commit c6c8dcedc5
1 changed files with 16 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
crates/server/src/actors/repo/webhook.rs
View file

@ -20,7 +20,7 @@ use crate::{
)] )]
pub struct WebhookId(String); pub struct WebhookId(String);
#[derive(Clone, Debug, PartialEq, Eq, derive_more::Deref)] #[derive(Clone, Debug, PartialEq, Eq, derive_more::Deref, derive_more::Display)]
pub struct WebhookAuth(ulid::Ulid); pub struct WebhookAuth(ulid::Ulid);
impl WebhookAuth { impl WebhookAuth {
pub fn from_str(authorisation: &str) -> Result<Self, DecodeError> { pub fn from_str(authorisation: &str) -> Result<Self, DecodeError> {
@ -33,7 +33,7 @@ impl WebhookAuth {
} }
fn header_value(&self) -> String { fn header_value(&self) -> String {
format!("Basic {}", self.0.to_string()) format!("Basic {}", self)
} }
} }
@ -182,9 +182,20 @@ impl Handler<WebhookMessage> for RepoActor {
#[allow(clippy::cognitive_complexity)] // TODO: (#49) reduce complexity #[allow(clippy::cognitive_complexity)] // TODO: (#49) reduce complexity
#[tracing::instrument(name = "RepoActor::WebhookMessage", skip_all, fields(token = %self.message_token, repo = %self.details))] #[tracing::instrument(name = "RepoActor::WebhookMessage", skip_all, fields(token = %self.message_token, repo = %self.details))]
fn handle(&mut self, msg: WebhookMessage, ctx: &mut Self::Context) -> Self::Result { fn handle(&mut self, msg: WebhookMessage, ctx: &mut Self::Context) -> Self::Result {
if msg.authorisation() != self.webhook_auth { let Some(expected_authorization) = &self.webhook_auth else {
warn!("Invalid authorization"); warn!("Don't know what authorization to expect");
return; // invalid auth return;
};
let Some(received_authorization) = &msg.authorisation() else {
warn!("Missing authorization token");
return;
};
if received_authorization != expected_authorization {
warn!(
"Invalid authorization - expected {}",
expected_authorization
);
return;
} }
let id = msg.id(); let id = msg.id();
let span = tracing::info_span!("handle", %id); let span = tracing::info_span!("handle", %id);