Rename token to secret
Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>
This commit is contained in:
parent
1cf93d1ba8
commit
407788af5a
GPG key ID:
DEDA74AEECA9D0F2
3 changed files with 17 additions and 17 deletions
|
|
@ -24,7 +24,7 @@ use hmac::digest::InvalidLength as HmacInvalidLength;
|
|||
#[derive(Debug)]
|
||||
pub(crate) enum Error {
|
||||
MethodMismatch,
|
||||
InvalidToken,
|
||||
InvalidSecret,
|
||||
InvalidContentType,
|
||||
InvalidSignature,
|
||||
InvalidRequest,
|
||||
|
|
@ -44,7 +44,7 @@ impl std::fmt::Display for Error {
|
|||
fn fmt(&self, fmt: &mut std::fmt::Formatter) -> std::fmt::Result {
|
||||
match self {
|
||||
Error::MethodMismatch => write!(fmt, "the method is invalid"),
|
||||
Error::InvalidToken => write!(fmt, "the token is invalid"),
|
||||
Error::InvalidSecret => write!(fmt, "the secret is invalid"),
|
||||
Error::InvalidContentType => write!(fmt, "the content-type is invalid"),
|
||||
Error::InvalidSignature => write!(fmt, "the signature is invalid"),
|
||||
Error::InvalidRequest => write!(fmt, "the request is invalid"),
|
||||
|
|
|
|||
12
src/main.rs
12
src/main.rs
|
|
@ -56,9 +56,9 @@ struct Config {
|
|||
#[serde(default = "default_nickname")]
|
||||
nickname: String,
|
||||
|
||||
/// Token to match the one provided by the Webhook service
|
||||
#[serde(rename = "webhook-token")]
|
||||
webhook_token: String,
|
||||
/// Secret that matches the one provided to the Webhook service
|
||||
#[serde(rename = "secret")]
|
||||
secret: String,
|
||||
|
||||
/// HTTP Webhook listening address and port, e.g., 127.0.0.1:1234 or [::1]:1234
|
||||
#[serde(default = "default_addr")]
|
||||
|
|
@ -140,8 +140,8 @@ async fn main() -> Result<!, Error> {
|
|||
);
|
||||
|
||||
let tcp_bind = TcpListener::bind(config.addr).await?;
|
||||
let token: &'static String =
|
||||
unsafe { core::mem::transmute::<&String, &'static String>(&config.webhook_token) };
|
||||
let secret: &'static String =
|
||||
unsafe { core::mem::transmute::<&String, &'static String>(&config.secret) };
|
||||
let value_tx = Arc::new(Mutex::new(value_tx));
|
||||
|
||||
loop {
|
||||
|
|
@ -158,7 +158,7 @@ async fn main() -> Result<!, Error> {
|
|||
.serve_connection(io, service_fn(|request| {
|
||||
let value_tx = value_tx.clone();
|
||||
async move {
|
||||
hooks(request, token, value_tx).await
|
||||
hooks(request, secret, value_tx).await
|
||||
}
|
||||
}))
|
||||
.await
|
||||
|
|
|
|||
18
src/web.rs
18
src/web.rs
|
|
@ -41,7 +41,7 @@ fn error_res<E: std::fmt::Debug>(e: E) -> Result<Response<Full<Bytes>>, Infallib
|
|||
Ok(res)
|
||||
}
|
||||
|
||||
async fn hooks_inner(req: Request<Incoming>, token: &str) -> Result<Hook, Error> {
|
||||
async fn hooks_inner(req: Request<Incoming>, secret: &str) -> Result<Hook, Error> {
|
||||
match req.method() {
|
||||
&Method::POST => (),
|
||||
_ => return Err(Error::MethodMismatch),
|
||||
|
|
@ -57,16 +57,16 @@ async fn hooks_inner(req: Request<Incoming>, token: &str) -> Result<Hook, Error>
|
|||
}
|
||||
|
||||
if let Some(val) = headers.get("X-Gitlab-Token")
|
||||
&& token != val
|
||||
&& secret != val
|
||||
{
|
||||
return Err(Error::InvalidToken);
|
||||
return Err(Error::InvalidSecret);
|
||||
}
|
||||
|
||||
// Get payload and generate hmac signature
|
||||
let mut payload: Vec<u8> = vec![];
|
||||
let whole_body = req.collect().await?.aggregate();
|
||||
whole_body.reader().read_to_end(&mut payload)?;
|
||||
let mut mac = HmacSha256::new_from_slice(token.as_bytes())?;
|
||||
let mut mac = HmacSha256::new_from_slice(secret.as_bytes())?;
|
||||
mac.update(&payload);
|
||||
let result = mac.finalize().into_bytes();
|
||||
trace!("Payload calculated signature: {:?}", hex::encode(result));
|
||||
|
|
@ -82,10 +82,10 @@ async fn hooks_inner(req: Request<Incoming>, token: &str) -> Result<Hook, Error>
|
|||
let hook: ForgejoHook = serde_json::from_slice(&payload[..])?;
|
||||
return Ok(Hook::Forgejo(hook));
|
||||
} else if let Some(val) = headers.get("X-Gitlab-Token")
|
||||
&& token != val
|
||||
&& secret != val
|
||||
{
|
||||
if token != val {
|
||||
return Err(Error::InvalidToken);
|
||||
if secret != val {
|
||||
return Err(Error::InvalidSecret);
|
||||
}
|
||||
|
||||
let hook: GitlabHook = serde_json::from_slice(&payload[..])?;
|
||||
|
|
@ -98,10 +98,10 @@ async fn hooks_inner(req: Request<Incoming>, token: &str) -> Result<Hook, Error>
|
|||
|
||||
pub async fn hooks(
|
||||
req: Request<Incoming>,
|
||||
token: &str,
|
||||
secret: &str,
|
||||
value_tx: Arc<Mutex<UnboundedSender<Hook>>>,
|
||||
) -> Result<Response<Full<Bytes>>, Infallible> {
|
||||
match hooks_inner(req, token).await {
|
||||
match hooks_inner(req, secret).await {
|
||||
Ok(wh) => {
|
||||
debug!("Passed: {:?}", wh);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue