mirror of
https://0xacab.org/sutty/sutty
synced 2024-11-17 00:16:21 +00:00
fix: add rescue in token_from_signature method #13903
parent
c5406acb26
commit
aeb2105dc7
1 changed files with 10 additions and 3 deletions
|
@ -9,6 +9,8 @@ module Api
|
||||||
|
|
||||||
# Trae los cambios a partir de un post de Webhooks:
|
# Trae los cambios a partir de un post de Webhooks:
|
||||||
# (Gitlab, Github, Gitea, etc)
|
# (Gitlab, Github, Gitea, etc)
|
||||||
|
#
|
||||||
|
# @return [nil]
|
||||||
def pull
|
def pull
|
||||||
message = I18n.with_locale(site.default_locale) do
|
message = I18n.with_locale(site.default_locale) do
|
||||||
I18n.t('webhooks.pull.message')
|
I18n.t('webhooks.pull.message')
|
||||||
|
@ -36,22 +38,27 @@ module Api
|
||||||
request.headers['X-Gitlab-Token']
|
request.headers['X-Gitlab-Token']
|
||||||
# Github
|
# Github
|
||||||
elsif request.headers['X-HUB-SIGNATURE-256']
|
elsif request.headers['X-HUB-SIGNATURE-256']
|
||||||
request.env['HTTP_X_HUB_SIGNATURE_256']
|
token_from_signature(request.env['HTTP_X_HUB_SIGNATURE_256'])
|
||||||
# Gitea
|
# Gitea
|
||||||
else
|
else
|
||||||
request.env['HTTP_X_GITEA_SIGNATURE']
|
token_from_signatureq(request.env['HTTP_X_GITEA_SIGNATURE'])
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
# valida token a partir de firma de webhook
|
# valida token a partir de firma de webhook
|
||||||
#
|
#
|
||||||
# @return [String]
|
# @return [String, Boolean]
|
||||||
def token_from_signature(signature)
|
def token_from_signature(signature)
|
||||||
payload = request.body.read
|
payload = request.body.read
|
||||||
site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
|
site.roles.where(temporal: false, rol: 'usuarie').pluck(:token).find do |token|
|
||||||
new_signature = 'sha256=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
|
new_signature = 'sha256=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, payload)
|
||||||
ActiveSupport::SecurityUtils.secure_compare(new_signature, signature)
|
ActiveSupport::SecurityUtils.secure_compare(new_signature, signature)
|
||||||
|
end.tap do |t|
|
||||||
|
raise ArgumentError, 'token no encontrado' if t.nil?
|
||||||
|
rescue ArgumentError => e
|
||||||
|
ExceptionNotifier.notify_exception(e, data: { params: params.to_h })
|
||||||
|
raise ActiveRecord::RecordNotFound
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
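Review bot: The Gitea branch on the new side calls `token_from_signatureq(request.env['HTTP_X_GITEA_SIGNATURE'])`, which looks like a typo for `token_from_signature`; as rendered, every request that falls through to the `else` (including one with no signature header at all) would raise NoMethodError instead of being rejected cleanly. Once that is corrected, a missing header passes `nil` into `secure_compare` inside the `find` block, and that failure is presumably not an ArgumentError and happens outside the `tap` block, so the new `rescue` would not turn it into RecordNotFound; a guard such as `raise ActiveRecord::RecordNotFound if signature.blank?` at the top of `token_from_signature` would keep the rejection path uniform. Gitea's `X-Gitea-Signature` is, as far as I know, the bare hex digest without the `sha256=` prefix this method prepends, so that comparison should be verified against a real Gitea delivery. The doc line `# @return [String, Boolean]` does not match the body, which returns the matching token or raises; `# @return [String]` plus `# @raise [ActiveRecord::RecordNotFound]` would describe it accurately.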