WIP: mock repository

fix(server): invalid webhook authorisations
Parameters had been passed in wrong order. Added strong types to prevent a repeat.
2024-05-21 08:58:45 +01:00 · 2024-05-21 08:58:45 +01:00
25 changed files with 300 additions and 119 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -3,7 +3,7 @@ resolver = "2"
 members = ["crates/cli", "crates/server", "crates/config", "crates/git"]

 [workspace.package]
-version = "0.5.0"
+version = "0.5.1"
 edition = "2021"

 [workspace.lints.clippy]
@ -62,6 +62,7 @@ derive_more = { version = "1.0.0-beta.6", features = [
  "deref",
  "from",
 ] }
+derive-with = "0.5"

 # file watcher
 inotify = "0.10"
--- a/crates/config/Cargo.toml
+++ b/crates/config/Cargo.toml
@ -40,9 +40,10 @@ secrecy = { workspace = true }
 # bytes = { workspace = true }
 # ulid = { workspace = true }
 # warp = { workspace = true }
-#
-# # error handling
+
+# boilerplate
 derive_more = { workspace = true }
+derive-with = { workspace = true }
 #
 # # file watcher
 # inotify = { workspace = true }
--- a/crates/config/src/api_token.rs
+++ b/crates/config/src/api_token.rs
@ -9,3 +9,8 @@ impl secrecy::ExposeSecret<String> for ApiToken {
        self.0.expose_secret()
    }
 }
+impl Default for ApiToken {
+    fn default() -> Self {
+        Self("".to_string().into())
+    }
+}
--- a/crates/config/src/branch_name.rs
+++ b/crates/config/src/branch_name.rs
@ -1,5 +1,5 @@
 /// The name of a Branch
-#[derive(Clone, Debug, Hash, PartialEq, Eq, derive_more::Display)]
+#[derive(Clone, Default, Debug, Hash, PartialEq, Eq, derive_more::Display)]
 pub struct BranchName(String);
 impl BranchName {
    pub fn new(str: impl Into<String>) -> Self {
--- a/crates/config/src/forge_details.rs
+++ b/crates/config/src/forge_details.rs
@ -1,7 +1,7 @@
 use crate::{ApiToken, ForgeConfig, ForgeName, ForgeType, Hostname, User};

 /// The derived information about a Forge, used to create interactions with it
-#[derive(Clone, Debug, derive_more::Constructor)]
+#[derive(Clone, Default, Debug, derive_more::Constructor, derive_with::With)]
 pub struct ForgeDetails {
    forge_name: ForgeName,
    forge_type: ForgeType,
@ -27,11 +27,6 @@ impl ForgeDetails {
    pub const fn token(&self) -> &ApiToken {
        &self.token
    }
-    pub fn with_hostname(self, hostname: Hostname) -> Self {
-        let mut me = self;
-        me.hostname = hostname;
-        me
-    }
 }
 impl From<(&ForgeName, &ForgeConfig)> for ForgeDetails {
    fn from(forge: (&ForgeName, &ForgeConfig)) -> Self {
--- a/crates/config/src/forge_name.rs
+++ b/crates/config/src/forge_name.rs
@ -1,7 +1,7 @@
 use std::path::PathBuf;

 /// The name of a Forge to connect to
-#[derive(Clone, Debug, PartialEq, Eq, derive_more::Constructor, derive_more::Display)]
+#[derive(Clone, Default, Debug, PartialEq, Eq, derive_more::Constructor, derive_more::Display)]
 pub struct ForgeName(String);
 impl From<&ForgeName> for PathBuf {
    fn from(value: &ForgeName) -> Self {
--- a/crates/config/src/forge_type.rs
+++ b/crates/config/src/forge_type.rs
@ -1,5 +1,5 @@
 /// Identifier for the type of Forge
-#[derive(Clone, Copy, Debug, PartialEq, Eq, serde::Deserialize)]
+#[derive(Clone, Default, Copy, Debug, PartialEq, Eq, serde::Deserialize)]
 pub enum ForgeType {
    #[cfg(feature = "forgejo")]
    ForgeJo,
@ -7,6 +7,7 @@ pub enum ForgeType {
    // GitHub,
    // GitLab,
    // BitBucket,
+    #[default]
    MockForge,
 }
 impl std::fmt::Display for ForgeType {
--- a/crates/config/src/git_dir.rs
+++ b/crates/config/src/git_dir.rs
@ -1,7 +1,15 @@
 use std::path::PathBuf;

 #[derive(
-    Debug, Clone, PartialEq, Eq, serde::Deserialize, derive_more::Deref, derive_more::From,
+    Clone,
+    Default,
+    Debug,
+    Hash,
+    PartialEq,
+    Eq,
+    serde::Deserialize,
+    derive_more::Deref,
+    derive_more::From,
 )]
 pub struct GitDir(PathBuf);
 impl GitDir {
--- a/crates/config/src/host_name.rs
+++ b/crates/config/src/host_name.rs
@ -1,5 +1,5 @@
 /// The hostname of a forge
-#[derive(Clone, Debug, PartialEq, Eq, derive_more::Display)]
+#[derive(Clone, Default, Debug, PartialEq, Eq, derive_more::Display)]
 pub struct Hostname(String);
 impl Hostname {
    pub fn new(str: impl Into<String>) -> Self {
--- a/crates/config/src/repo_alias.rs
+++ b/crates/config/src/repo_alias.rs
@ -1,6 +1,6 @@
 /// The alias of a repo
 /// This is the alias for the repo within `git-next-server.toml`
-#[derive(Clone, Debug, PartialEq, Eq, Hash, derive_more::Display)]
+#[derive(Clone, Default, Debug, PartialEq, Eq, Hash, derive_more::Display)]
 pub struct RepoAlias(String);
 impl RepoAlias {
    pub fn new(str: impl Into<String>) -> Self {
--- a/crates/config/src/repo_path.rs
+++ b/crates/config/src/repo_path.rs
@ -1,5 +1,5 @@
 /// The path for the repo within the forge.
 /// Typically this is composed of the user or organisation and the name of the repo
 /// e.g. `{user}/{repo}`
-#[derive(Clone, Debug, PartialEq, Eq, derive_more::Constructor, derive_more::Display)]
+#[derive(Clone, Default, Debug, PartialEq, Eq, derive_more::Constructor, derive_more::Display)]
 pub struct RepoPath(String);
--- a/crates/config/src/user.rs
+++ b/crates/config/src/user.rs
@ -1,3 +1,3 @@
 /// The user within the forge to connect as
-#[derive(Clone, Debug, PartialEq, Eq, derive_more::Constructor, derive_more::Display)]
+#[derive(Clone, Default, Debug, PartialEq, Eq, derive_more::Constructor, derive_more::Display)]
 pub struct User(String);
--- a/crates/git/Cargo.toml
+++ b/crates/git/Cargo.toml
@ -45,6 +45,7 @@ secrecy = { workspace = true }

 # error handling
 derive_more = { workspace = true }
+derive-with = { workspace = true }

 # # file watcher
 # inotify = { workspace = true }
@ -54,9 +55,9 @@ derive_more = { workspace = true }
 # actix-rt = { workspace = true }
 # tokio = { workspace = true }
 #
-# [dev-dependencies]
-# # Testing
-# assert2 = { workspace = true }
+[dev-dependencies]
+# Testing
+assert2 = { workspace = true }

 [lints.clippy]
 nursery = { level = "warn", priority = -1 }
--- a/crates/git/src/repo_details.rs
+++ b/crates/git/src/repo_details.rs
@ -6,7 +6,7 @@ use git_next_config::{
 use super::{Generation, GitRemote};

 /// The derived information about a repo, used to interact with it
-#[derive(Clone, Debug, derive_more::Display)]
+#[derive(Clone, Default, Debug, derive_more::Display, derive_with::With)]
 #[display("gen-{}:{}:{}/{}:{}@{}/{}@{}", generation, forge.forge_type(),
    forge.forge_name(), repo_alias, forge.user(), forge.hostname(), repo_path,
    branch)]
--- a/crates/git/src/repository/mock.rs
+++ b/crates/git/src/repository/mock.rs
@ -1,17 +1,116 @@
+use std::{
+    collections::HashMap,
+    sync::{Arc, Mutex},
+};
+
 use git_next_config::GitDir;

 use crate::{
-    repository::{open::OpenRepository, Error, RepositoryLike},
-    RepoDetails,
+    repository::{
+        open::{OpenRepository, OpenRepositoryLike},
+        Direction, RepositoryLike, Result,
+    },
+    GitRemote, RepoDetails,
 };

-pub struct MockRepository;
+use super::Error;
+
+#[derive(Debug, Default, Clone)]
+pub struct MockRepository(Arc<Mutex<Reality>>);
+impl MockRepository {
+    pub fn new() -> Self {
+        Self(Arc::new(Mutex::new(Reality::default())))
+    }
+    pub fn can_open_repo(&mut self, gitdir: &GitDir) -> Result<MockOpenRepository> {
+        self.0
+            .lock()
+            .map_err(|_| Error::MockLock)
+            .map(|mut r| r.can_open_repo(gitdir))
+    }
+    fn open_repository(
+        &self,
+        gitdir: &GitDir,
+    ) -> std::result::Result<MockOpenRepository, crate::repository::Error> {
+        self.0.lock().map_err(|_| Error::MockLock).and_then(|r| {
+            r.open_repository(gitdir)
+                .ok_or_else(|| Error::Open(format!("mock - could not open: {}", gitdir)))
+        })
+    }
+    fn clone_repository(
+        &self,
+    ) -> std::result::Result<MockOpenRepository, crate::repository::Error> {
+        todo!()
+    }
+}
 impl RepositoryLike for MockRepository {
-    fn open(&self, _gitdir: &GitDir) -> Result<OpenRepository, Error> {
-        Ok(OpenRepository::Mock)
+    fn open(
+        &self,
+        gitdir: &GitDir,
+    ) -> std::result::Result<OpenRepository, crate::repository::Error> {
+        Ok(OpenRepository::Mock(self.open_repository(gitdir)?))
    }

-    fn git_clone(&self, _repo_details: &RepoDetails) -> Result<OpenRepository, Error> {
-        Ok(OpenRepository::Mock)
+    fn git_clone(
+        &self,
+        _repo_details: &RepoDetails,
+    ) -> std::result::Result<OpenRepository, crate::repository::Error> {
+        Ok(OpenRepository::Mock(self.clone_repository()?))
+    }
+}
+
+#[derive(Debug, Default)]
+pub struct Reality {
+    openable_repos: HashMap<GitDir, MockOpenRepository>,
+}
+impl Reality {
+    pub fn can_open_repo(&mut self, gitdir: &GitDir) -> MockOpenRepository {
+        let mor = self.openable_repos.get(gitdir);
+        match mor {
+            Some(mor) => mor.clone(),
+            None => {
+                let mor = MockOpenRepository::default();
+                self.openable_repos.insert(gitdir.clone(), mor.clone());
+                mor
+            }
+        }
+    }
+    pub fn open_repository(&self, gitdir: &GitDir) -> Option<MockOpenRepository> {
+        self.openable_repos.get(gitdir).cloned()
+    }
+}
+
+#[derive(Clone, Debug, Default)]
+pub struct MockOpenRepository {
+    default_push_remote: Option<GitRemote>,
+    default_fetch_remote: Option<GitRemote>,
+}
+impl MockOpenRepository {
+    pub fn has_default_remote(&mut self, direction: Direction, git_remote: GitRemote) {
+        match direction {
+            Direction::Push => self.default_push_remote.replace(git_remote),
+            Direction::Fetch => self.default_fetch_remote.replace(git_remote),
+        };
+    }
+}
+impl OpenRepositoryLike for MockOpenRepository {
+    fn find_default_remote(&self, direction: Direction) -> Option<GitRemote> {
+        match direction {
+            Direction::Push => self.default_push_remote.clone(),
+            Direction::Fetch => self.default_fetch_remote.clone(),
+        }
+    }
+
+    fn fetch(&self) -> std::prelude::v1::Result<(), crate::fetch::Error> {
+        todo!()
+    }
+
+    fn push(
+        &self,
+        _repo_details: &RepoDetails,
+        _branch_name: git_next_config::BranchName,
+        _to_commit: crate::GitRef,
+        _force: crate::push::Force,
+    ) -> std::prelude::v1::Result<(), crate::push::Error> {
+        todo!()
    }
 }
--- a/crates/git/src/repository/mod.rs
+++ b/crates/git/src/repository/mod.rs
@ -9,23 +9,26 @@ use git_next_config::GitDir;

 pub use open::OpenRepository;

+use crate::repository::mock::MockRepository;
+
 use super::RepoDetails;

-#[derive(Clone, Copy, Debug)]
+#[derive(Clone, Debug)]
 pub enum Repository {
    Real,
-    Mock,
+    Mock(MockRepository),
 }
 pub const fn new() -> Repository {
    Repository::Real
 }
-pub const fn mock() -> Repository {
-    Repository::Mock
+pub fn mock() -> (Repository, MockRepository) {
+    let mock_repository = MockRepository::new();
+    (Repository::Mock(mock_repository.clone()), mock_repository)
 }

 pub trait RepositoryLike {
-    fn open(&self, gitdir: &GitDir) -> Result<OpenRepository, Error>;
-    fn git_clone(&self, repo_details: &RepoDetails) -> Result<OpenRepository, Error>;
+    fn open(&self, gitdir: &GitDir) -> Result<OpenRepository>;
+    fn git_clone(&self, repo_details: &RepoDetails) -> Result<OpenRepository>;
 }
 impl std::ops::Deref for Repository {
    type Target = dyn RepositoryLike;
@ -33,7 +36,7 @@ impl std::ops::Deref for Repository {
    fn deref(&self) -> &Self::Target {
        match self {
            Self::Real => &real::RealRepository,
-            Self::Mock => &mock::MockRepository,
+            Self::Mock(mock_repository) => mock_repository,
        }
    }
 }
@ -54,6 +57,8 @@ impl From<Direction> for gix::remote::Direction {
    }
 }

+pub type Result<T> = core::result::Result<T, Error>;
+
 #[derive(Debug, derive_more::Display)]
 pub enum Error {
    InvalidGitDir(git_next_config::GitDir),
@ -64,6 +69,7 @@ pub enum Error {
    Clone(String),
    Open(String),
    Fetch(String),
+    MockLock,
 }
 impl std::error::Error for Error {}
 impl From<gix::clone::Error> for Error {
--- a/crates/git/src/repository/open/mod.rs
+++ b/crates/git/src/repository/open/mod.rs
@ -7,19 +7,22 @@ use git_next_config::BranchName;

 use crate::{
    fetch, push,
-    repository::{open::oreal::RealOpenRepository, Direction},
+    repository::{mock::MockOpenRepository, open::oreal::RealOpenRepository, Direction},
    GitRef, GitRemote, RepoDetails,
 };

 #[derive(Clone, Debug)]
 pub enum OpenRepository {
    Real(oreal::RealOpenRepository),
-    Mock, // TODO: (#38) contain a mock model of a repo
+    Mock(MockOpenRepository), // TODO: (#38) contain a mock model of a repo
 }
 impl OpenRepository {
-    pub fn new(gix_repo: gix::Repository) -> Self {
+    pub fn real(gix_repo: gix::Repository) -> Self {
        Self::Real(RealOpenRepository::new(Arc::new(Mutex::new(gix_repo))))
    }
+    pub const fn mock(mock: MockOpenRepository) -> Self {
+        Self::Mock(mock)
+    }
 }
 pub trait OpenRepositoryLike {
    fn find_default_remote(&self, direction: Direction) -> Option<GitRemote>;
@ -38,7 +41,7 @@ impl std::ops::Deref for OpenRepository {
    fn deref(&self) -> &Self::Target {
        match self {
            Self::Real(real) => real,
-            Self::Mock => todo!(),
+            Self::Mock(mock) => mock,
        }
    }
 }
--- a/crates/git/src/repository/real.rs
+++ b/crates/git/src/repository/real.rs
@ -12,7 +12,7 @@ pub struct RealRepository;
 impl RepositoryLike for RealRepository {
    fn open(&self, gitdir: &GitDir) -> Result<OpenRepository, Error> {
        let gix_repo = gix::ThreadSafeRepository::open(gitdir.to_path_buf())?.to_thread_local();
-        Ok(OpenRepository::new(gix_repo))
+        Ok(OpenRepository::real(gix_repo))
    }

    fn git_clone(&self, repo_details: &RepoDetails) -> Result<OpenRepository, Error> {
@ -23,6 +23,6 @@ impl RepositoryLike for RealRepository {
        )?
        .fetch_only(gix::progress::Discard, &AtomicBool::new(false))?;

-        Ok(OpenRepository::new(gix_repo))
+        Ok(OpenRepository::real(gix_repo))
    }
 }
--- a/crates/git/src/tests.rs
+++ b/crates/git/src/tests.rs
@ -160,3 +160,40 @@ mod repo_details {
        );
    }
 }
+mod repository {
+    use assert2::let_assert;
+    use git_next_config::{ForgeDetails, GitDir, Hostname, RepoPath};
+
+    use crate::{
+        repository::{self, Direction},
+        validate, GitRemote, RepoDetails,
+    };
+
+    #[test]
+    fn validate_should_ok_a_valid_repo() {
+        let forge_details =
+            ForgeDetails::default().with_hostname(Hostname::new("localhost".to_string()));
+        let repo_details = RepoDetails::default()
+            .with_forge(forge_details)
+            .with_repo_path(RepoPath::new("kemitix/test".to_string()));
+        let gitdir = GitDir::from("foo");
+        let remote = GitRemote::new(
+            Hostname::new("localhost"),
+            RepoPath::new("kemitix/test".to_string()),
+        );
+
+        let (repository, mut reality) = repository::mock();
+        let_assert!(
+            Ok(_) = reality.can_open_repo(&gitdir).map(|mut open_repo| {
+                open_repo.has_default_remote(Direction::Push, remote.clone());
+                open_repo.has_default_remote(Direction::Fetch, remote);
+            })
+        );
+
+        let_assert!(Ok(open_repository) = repository.open(&gitdir));
+
+        // FIXME: flaky test - failing 1 in 4 times - NoDefaultPushRemote
+        let_assert!(Ok(_) = validate(&open_repository, &repo_details));
+    }
+    // TODO: validate_should_fail_where_????
+}
--- a/crates/server/src/actors/repo/webhook.rs
+++ b/crates/server/src/actors/repo/webhook.rs
@ -24,8 +24,9 @@ pub struct WebhookId(String);
 pub struct WebhookAuth(ulid::Ulid);
 impl WebhookAuth {
    pub fn from_str(authorisation: &str) -> Result<Self, DecodeError> {
-        let id = ulid::Ulid::from_str(authorisation);
-        Ok(Self(id?))
+        let id = ulid::Ulid::from_str(authorisation)?;
+        info!("Parse auth token: {}", id);
+        Ok(Self(id))
    }

    fn generate() -> Self {
@ -186,23 +187,16 @@ impl Handler<WebhookMessage> for RepoActor {
            warn!("Don't know what authorization to expect");
            return;
        };
-        let Some(received_authorization) = &msg.authorisation() else {
-            warn!("Missing authorization token");
-            return;
-        };
-        if received_authorization != expected_authorization {
+        if msg.authorisation() != expected_authorization {
            warn!(
                "Invalid authorization - expected {}",
                expected_authorization
            );
            return;
        }
-        let id = msg.id();
-        let span = tracing::info_span!("handle", %id);
-        let _guard = span.enter();
        let body = msg.body();
-        match serde_json::from_str::<Push>(body) {
-            Err(err) => warn!(?err, %body, "Not a 'push'"),
+        match serde_json::from_str::<Push>(body.as_str()) {
+            Err(err) => warn!(?err, ?body, "Not a 'push'"),
            Ok(push) => {
                if let Some(config) = &self.details.repo_config {
                    match push.branch(config.branches()) {
@ -262,6 +256,10 @@ impl Handler<WebhookMessage> for RepoActor {
    }
 }

+pub fn split_ref(reference: &str) -> (&str, &str) {
+    reference.split_at(11)
+}
+
 #[derive(Debug, serde::Deserialize)]
 struct Push {
    #[serde(rename = "ref")]
@ -298,12 +296,8 @@ impl Push {
    }
 }

-pub fn split_ref(reference: &str) -> (&str, &str) {
-    reference.split_at(11)
-}
-
 #[derive(Debug)]
-enum Branch {
+pub enum Branch {
    Main,
    Next,
    Dev,
--- a/crates/server/src/actors/server.rs
+++ b/crates/server/src/actors/server.rs
@ -177,7 +177,7 @@ impl Server {
        let server_storage = server_storage.clone();
        let webhook = webhook.clone();
        let net = self.net.clone();
-        let repo = self.repo;
+        let repo = self.repo.clone();
        let generation = self.generation;
        move |(repo_alias, server_repo_config)| {
            let span = tracing::info_span!("create_actor", alias = %repo_alias, config = %server_repo_config);
@ -205,8 +205,13 @@ impl Server {
                gitdir,
            );
            info!("Starting Repo Actor");
-            let actor =
-                RepoActor::new(repo_details, webhook.clone(), generation, net.clone(), repo);
+            let actor = RepoActor::new(
+                repo_details,
+                webhook.clone(),
+                generation,
+                net.clone(),
+                repo.clone(),
+            );
            (forge_name.clone(), repo_alias, actor)
        }
    }
--- a/crates/server/src/actors/webhook/message.rs
+++ b/crates/server/src/actors/webhook/message.rs
@ -1,27 +1,33 @@
 //
 use actix::prelude::*;
+use git_next_config::RepoAlias;

 use crate::actors::repo::webhook::WebhookAuth;

 #[derive(Message, Debug, Clone, derive_more::Constructor)]
 #[rtype(result = "()")]
 pub struct WebhookMessage {
-    id: String,
-    path: String,
-    authorisation: String,
-    body: String,
+    // forge // TODO: differentiate between multiple forges
+    repo_alias: RepoAlias,
+    authorisation: WebhookAuth,
+    body: Body,
 }
 impl WebhookMessage {
-    pub const fn id(&self) -> &String {
-        &self.id
+    pub const fn repo_alias(&self) -> &RepoAlias {
+        &self.repo_alias
    }
-    pub const fn path(&self) -> &String {
-        &self.path
-    }
-    pub const fn body(&self) -> &String {
+    pub const fn body(&self) -> &Body {
        &self.body
    }
-    pub fn authorisation(&self) -> Option<WebhookAuth> {
-        WebhookAuth::from_str(&self.authorisation).ok()
+    pub const fn authorisation(&self) -> &WebhookAuth {
+        &self.authorisation
+    }
+}
+
+#[derive(Clone, Debug, derive_more::Constructor)]
+pub struct Body(String);
+impl Body {
+    pub fn as_str(&self) -> &str {
+        self.0.as_str()
    }
 }
--- a/crates/server/src/actors/webhook/router.rs
+++ b/crates/server/src/actors/webhook/router.rs
@ -28,9 +28,9 @@ impl Handler<WebhookMessage> for WebhookRouter {

    fn handle(&mut self, msg: WebhookMessage, _ctx: &mut Self::Context) -> Self::Result {
        let _gaurd = self.span.enter();
-        let repo_alias = RepoAlias::new(msg.path());
+        let repo_alias = msg.repo_alias();
        debug!(repo = %repo_alias, "Router...");
-        if let Some(recipient) = self.repos.get(&repo_alias) {
+        if let Some(recipient) = self.repos.get(repo_alias) {
            info!(repo = %repo_alias, "Sending to Recipient");
            recipient.do_send(msg);
        }
--- a/crates/server/src/actors/webhook/server.rs
+++ b/crates/server/src/actors/webhook/server.rs
@ -2,13 +2,17 @@ use std::net::SocketAddr;

 use actix::prelude::*;

+use git_next_config::RepoAlias;
 use tracing::{info, warn};
+use warp::reject::Rejection;

-use crate::actors::webhook::message::WebhookMessage;
+use crate::actors::{repo::webhook::WebhookAuth, webhook::message::WebhookMessage};
+
+use super::message;

 pub async fn start(
    socket_addr: SocketAddr,
-    address: actix::prelude::Recipient<super::message::WebhookMessage>,
+    address: actix::prelude::Recipient<message::WebhookMessage>,
 ) {
    // start webhook server
    use warp::Filter;
@ -21,35 +25,24 @@ pub async fn start(
        .and(warp::body::bytes())
        .and_then(
            |recipient: Recipient<WebhookMessage>,
-             path,
+             path: String,
             // query: String,
             headers: warp::http::HeaderMap,
             body: bytes::Bytes| async move {
                info!("POST received");
+                let repo_alias = RepoAlias::new(path);
                let bytes = body.to_vec();
-                let request_data = String::from_utf8_lossy(&bytes).to_string();
-                let id = ulid::Ulid::new().to_string();
-                match headers.get("Authorization") {
-                    Some(auhorisation) => {
-                        info!(id, path, "Received webhook");
-                        let authorisation = auhorisation
-                            .to_str()
-                            .map_err(|e| {
-                                warn!("Invalid value in authorization: {:?}", e);
-                                warp::reject()
-                            })? // valid characters
-                            .strip_prefix("Basic ")
-                            .ok_or_else(|| {
-                                warn!("Authorization must be 'Basic'");
-                                warp::reject()
-                            })? // must start with "Basic "
-                            .to_string();
-                        let message = WebhookMessage::new(
-                            id,
-                            path,
-                            /* query, headers, */ request_data,
-                            authorisation,
-                        );
+                let body = message::Body::new(String::from_utf8_lossy(&bytes).to_string());
+                headers.get("Authorization").map_or_else(
+                    || {
+                        warn!("No Authorization header");
+                        Err(warp::reject())
+                    },
+                    |authorisation_header| {
+                        info!(?repo_alias, ?authorisation_header, "Received webhook",);
+                        match parse_auth(authorisation_header) {
+                            Ok(authorisation) => {
+                                let message = WebhookMessage::new(repo_alias, authorisation, body);
                                recipient
                                    .try_send(message)
                                    .map(|_| {
@ -61,15 +54,41 @@ pub async fn start(
                                        warp::reject()
                                    })
                            }
-                    _ => {
-                        warn!("No Authorization header");
+                            Err(e) => {
+                                warn!(?e, "Failed to decode authorization header");
                                Err(warp::reject())
                            }
                        }
                    },
+                )
+            },
        );

    // Start the server
    info!("Starting webhook server: {}", socket_addr);
    warp::serve(route).run(socket_addr).await;
 }
+
+fn parse_auth(authorization_header: &warp::http::HeaderValue) -> Result<WebhookAuth, Rejection> {
+    WebhookAuth::from_str(
+        authorization_header
+            .to_str()
+            .map_err(|e| {
+                warn!("Invalid non-ascii value in authorization: {:?}", e);
+                warp::reject()
+            }) // valid characters
+            .map(|v| {
+                info!("raw auth header: {}", v);
+                v
+            })?
+            .strip_prefix("Basic ")
+            .ok_or_else(|| {
+                warn!("Authorization must be 'Basic'");
+                warp::reject()
+            })?, // must start with "Basic "
+    )
+    .map_err(|e| {
+        warn!(?e, "decode error");
+        warp::reject()
+    })
+}
--- a/crates/server/src/gitforge/tests/forgejo.rs
+++ b/crates/server/src/gitforge/tests/forgejo.rs
@ -13,7 +13,7 @@ fn test_name() {
        panic!("fs")
    };
    let net = Network::new_mock();
-    let repo = git::repository::mock();
+    let (repo, _reality) = git::repository::mock();
    let repo_details = common::repo_details(
        1,
        Generation::new(),
@ -40,7 +40,7 @@ async fn test_branches_get() {
    let body = include_str!("./data-forgejo-branches-get.json");
    net.add_get_response(&url, StatusCode::OK, body);
    let net = Network::from(net);
-    let repo = git::repository::mock();
+    let (repo, _reality) = git::repository::mock();

    let repo_details = common::repo_details(
        1,
Author	SHA1	Message	Date
Paul Campbell	b04c17dc15	WIP: mock repository All checks were successful ci/woodpecker/push/cron-docker-builder Pipeline was successful Details ci/woodpecker/push/push-next Pipeline was successful Details ci/woodpecker/push/tag-created Pipeline was successful Details	2024-05-21 08:58:45 +01:00
Paul Campbell	5176e3e8c7	fix(server): invalid webhook authorisations Some checks failed ci/woodpecker/push/cron-docker-builder Pipeline was successful Details ci/woodpecker/push/push-next Pipeline failed Details ci/woodpecker/push/tag-created Pipeline was successful Details Rust / build (push) Successful in 1m4s Details Parameters had been passed in wrong order. Added strong types to prevent a repeat.	2024-05-21 08:58:45 +01:00