Merge branch 'issue-13903' of https://0xacab.org/sutty/sutty into 17.3.alpine.panel.sutty.nl

app/controllers/api/v1/webhooks_controller.rb

@@ -37,13 +37,13 @@ module Api
             if request.headers['X-Gitlab-Token']
               request.headers['X-Gitlab-Token']
             # Github
-            elsif request.headers['X-HUB-SIGNATURE-256']
+            elsif request.headers['X-Hub-Signature-256']
-              token_from_signature(request.env['HTTP_X_HUB_SIGNATURE_256'])
+              token_from_signature(request.headers['X_Hub_Signature_256'], 'sha256=')
             # Gitea
-            elsif request.headers['HTTP_X_GITEA_SIGNATURE']
+            elsif request.headers['X_Gitea_Signature']
-              token_from_signature(request.env['HTTP_X_GITEA_SIGNATURE'])
+              token_from_signature(request.headers['X_Gitea_Signature'])
             else
-              raise ActiveRecord::RecordNotFound 
+              raise ActiveRecord::RecordNotFound, 'proveedor no soportado'
             end
           end
       end
@@ -51,10 +51,10 @@ module Api
       # valida token a partir de firma de webhook
       #
       # @return [String, Boolean]
-      def token_from_signature(signature)
+      def token_from_signature(signature, prepend = '')
         payload = request.body.read
         site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
-          new_signature = 'sha256=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
+          new_signature = prepend + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
           ActiveSupport::SecurityUtils.secure_compare(new_signature, signature)
         end.tap do |t|
           raise ActiveRecord::RecordNotFound, 'token no encontrado' if t.nil?
@@ -68,8 +68,10 @@ module Api
 
       # respuesta de error a plataformas
       def platforms_answer(exception)
+        ExceptionNotifier.notify_exception(exception, env: request.env, data: { headers: request.headers.to_h })
+
         head :forbidden
-        ExceptionNotifier.notify_exception(exception, data: { params: params.to_h })
+      end
     end
   end
 end

config/locales/en.yml

@@ -469,7 +469,7 @@ en:
         success: 'Site upgrade has been completed.  Your next build will run this upgrade :)'
         error: "There was an error when trying to upgrade your site.  This could be due to conflicts that couldn't be solved automatically.  A report of the issue has already been sent to our admins. Sorry for the inconvenience! :("
         message: 'Skeleton upgrade'
-  webhooks_controller:
+  webhooks:
     pull:
       message: 'Webhooks pull'
   footer:

config/locales/es.yml

@@ -477,7 +477,7 @@ es:
         success: 'Ya se incorporaron los cambios en el sitio, se aplicarán en la próxima compilación que hagas :)'
         error: 'Hubo un error al incorporar los cambios en el sitio.  Esto puede deberse a conflictos entre cambios que no se pueden resolver automáticamente.  Hemos enviado un reporte del problema a les administradores de Sutty para que estén al tanto de la situación.  ¡Lo sentimos! :('
         message: 'Actualización del esqueleto'
-  webhooks_controller:
+  webhooks:
     pull:
       message: 'Traer los cambios a partir de un evento remoto'
   footer: