diff --git a/src/error.rs b/src/error.rs index 645bb03..eaf7675 100644 --- a/src/error.rs +++ b/src/error.rs @@ -24,7 +24,7 @@ use hmac::digest::InvalidLength as HmacInvalidLength; #[derive(Debug)] pub(crate) enum Error { MethodMismatch, - InvalidToken, + InvalidSecret, InvalidContentType, InvalidSignature, InvalidRequest, @@ -44,7 +44,7 @@ impl std::fmt::Display for Error { fn fmt(&self, fmt: &mut std::fmt::Formatter) -> std::fmt::Result { match self { Error::MethodMismatch => write!(fmt, "the method is invalid"), - Error::InvalidToken => write!(fmt, "the token is invalid"), + Error::InvalidSecret => write!(fmt, "the secret is invalid"), Error::InvalidContentType => write!(fmt, "the content-type is invalid"), Error::InvalidSignature => write!(fmt, "the signature is invalid"), Error::InvalidRequest => write!(fmt, "the request is invalid"), diff --git a/src/main.rs b/src/main.rs index 667dd7b..2156a36 100644 --- a/src/main.rs +++ b/src/main.rs @@ -56,9 +56,9 @@ struct Config { #[serde(default = "default_nickname")] nickname: String, - /// Token to match the one provided by the Webhook service - #[serde(rename = "webhook-token")] - webhook_token: String, + /// Secret that matches the one provided to the Webhook service + #[serde(rename = "secret")] + secret: String, /// HTTP Webhook listening address and port, e.g., 127.0.0.1:1234 or [::1]:1234 #[serde(default = "default_addr")] @@ -140,8 +140,8 @@ async fn main() -> Result { ); let tcp_bind = TcpListener::bind(config.addr).await?; - let token: &'static String = - unsafe { core::mem::transmute::<&String, &'static String>(&config.webhook_token) }; + let secret: &'static String = + unsafe { core::mem::transmute::<&String, &'static String>(&config.secret) }; let value_tx = Arc::new(Mutex::new(value_tx)); loop { @@ -158,7 +158,7 @@ async fn main() -> Result { .serve_connection(io, service_fn(|request| { let value_tx = value_tx.clone(); async move { - hooks(request, token, value_tx).await + hooks(request, secret, value_tx).await } })) .await diff --git a/src/web.rs b/src/web.rs index 89d8494..93fc41b 100644 --- a/src/web.rs +++ b/src/web.rs @@ -41,7 +41,7 @@ fn error_res(e: E) -> Result>, Infallib Ok(res) } -async fn hooks_inner(req: Request, token: &str) -> Result { +async fn hooks_inner(req: Request, secret: &str) -> Result { match req.method() { &Method::POST => (), _ => return Err(Error::MethodMismatch), @@ -57,16 +57,16 @@ async fn hooks_inner(req: Request, token: &str) -> Result } if let Some(val) = headers.get("X-Gitlab-Token") - && token != val + && secret != val { - return Err(Error::InvalidToken); + return Err(Error::InvalidSecret); } // Get payload and generate hmac signature let mut payload: Vec = vec![]; let whole_body = req.collect().await?.aggregate(); whole_body.reader().read_to_end(&mut payload)?; - let mut mac = HmacSha256::new_from_slice(token.as_bytes())?; + let mut mac = HmacSha256::new_from_slice(secret.as_bytes())?; mac.update(&payload); let result = mac.finalize().into_bytes(); trace!("Payload calculated signature: {:?}", hex::encode(result)); @@ -82,10 +82,10 @@ async fn hooks_inner(req: Request, token: &str) -> Result let hook: ForgejoHook = serde_json::from_slice(&payload[..])?; return Ok(Hook::Forgejo(hook)); } else if let Some(val) = headers.get("X-Gitlab-Token") - && token != val + && secret != val { - if token != val { - return Err(Error::InvalidToken); + if secret != val { + return Err(Error::InvalidSecret); } let hook: GitlabHook = serde_json::from_slice(&payload[..])?; @@ -98,10 +98,10 @@ async fn hooks_inner(req: Request, token: &str) -> Result pub async fn hooks( req: Request, - token: &str, + secret: &str, value_tx: Arc>>, ) -> Result>, Infallible> { - match hooks_inner(req, token).await { + match hooks_inner(req, secret).await { Ok(wh) => { debug!("Passed: {:?}", wh);