Compare commits

..

2 commits

Author SHA1 Message Date
b04c17dc15 WIP: mock repository
All checks were successful
ci/woodpecker/push/cron-docker-builder Pipeline was successful
ci/woodpecker/push/push-next Pipeline was successful
ci/woodpecker/push/tag-created Pipeline was successful
2024-05-21 08:58:45 +01:00
5176e3e8c7 fix(server): invalid webhook authorisations
Some checks failed
ci/woodpecker/push/cron-docker-builder Pipeline was successful
ci/woodpecker/push/push-next Pipeline failed
ci/woodpecker/push/tag-created Pipeline was successful
Rust / build (push) Successful in 1m4s
Parameters had been passed in wrong order. Added strong types to prevent
a repeat.
2024-05-21 08:58:45 +01:00
4 changed files with 11 additions and 25 deletions

View file

@ -3,7 +3,7 @@ resolver = "2"
members = ["crates/cli", "crates/server", "crates/config", "crates/git"]
[workspace.package]
version = "0.5.0"
version = "0.5.1"
edition = "2021"
[workspace.lints.clippy]

View file

@ -194,9 +194,6 @@ impl Handler<WebhookMessage> for RepoActor {
);
return;
}
let id = msg.id();
let span = tracing::info_span!("handle", ?id);
let _guard = span.enter();
let body = msg.body();
match serde_json::from_str::<Push>(body.as_str()) {
Err(err) => warn!(?err, ?body, "Not a 'push'"),

View file

@ -1,23 +1,18 @@
//
use actix::prelude::*;
use git_next_config::RepoAlias;
use ulid::Ulid;
use crate::actors::repo::webhook::WebhookAuth;
#[derive(Message, Debug, Clone, derive_more::Constructor)]
#[rtype(result = "()")]
pub struct WebhookMessage {
id: Id,
// forge // TODO: differentiate between multiple forges
repo_alias: RepoAlias,
authorisation: WebhookAuth,
body: Body,
}
impl WebhookMessage {
pub const fn id(&self) -> &Id {
&self.id
}
pub const fn repo_alias(&self) -> &RepoAlias {
&self.repo_alias
}
@ -29,9 +24,6 @@ impl WebhookMessage {
}
}
#[derive(Clone, Copy, Debug, derive_more::Constructor)]
pub struct Id(Ulid);
#[derive(Clone, Debug, derive_more::Constructor)]
pub struct Body(String);
impl Body {

View file

@ -4,7 +4,6 @@ use actix::prelude::*;
use git_next_config::RepoAlias;
use tracing::{info, warn};
use ulid::Ulid;
use warp::reject::Rejection;
use crate::actors::{repo::webhook::WebhookAuth, webhook::message::WebhookMessage};
@ -34,14 +33,16 @@ pub async fn start(
let repo_alias = RepoAlias::new(path);
let bytes = body.to_vec();
let body = message::Body::new(String::from_utf8_lossy(&bytes).to_string());
let id = message::Id::new(Ulid::new());
match headers.get("Authorization") {
Some(authorisation_header) => {
info!(?id, ?repo_alias, ?authorisation_header, "Received webhook",);
headers.get("Authorization").map_or_else(
|| {
warn!("No Authorization header");
Err(warp::reject())
},
|authorisation_header| {
info!(?repo_alias, ?authorisation_header, "Received webhook",);
match parse_auth(authorisation_header) {
Ok(authorisation) => {
let message =
WebhookMessage::new(id, repo_alias, authorisation, body);
let message = WebhookMessage::new(repo_alias, authorisation, body);
recipient
.try_send(message)
.map(|_| {
@ -58,12 +59,8 @@ pub async fn start(
Err(warp::reject())
}
}
}
_ => {
warn!("No Authorization header");
Err(warp::reject())
}
}
},
)
},
);