Skip to content

Commit

Permalink
Clearer error from whitelist filter #139
Browse files Browse the repository at this point in the history
  • Loading branch information
@tomasbjerre
tomasbjerre committed Oct 20, 2019
1 parent d2dd767 commit 7f585f8
Show file tree
Hide file tree
Showing 5 changed files with 28 additions and 11 deletions.
2 changes: 1 addition & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ Changelog of Generic Webhook Plugin.
**Whitelist and HMAC #139**


[c6a7a3c7c527f29](https://github.com/jenkinsci/generic-webhook-trigger-plugin/commit/c6a7a3c7c527f29) Tomas Bjerre *2019-10-20 15:45:48*
[d39f81c3ccefaa6](https://github.com/jenkinsci/generic-webhook-trigger-plugin/commit/d39f81c3ccefaa6) Tomas Bjerre *2019-10-20 19:20:49*


### No issue
Expand Down
23 changes: 15 additions & 8 deletions src/main/java/org/jenkinsci/plugins/gwt/GenericWebHookRequestReceiver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.jenkinsci.plugins.gwt.jobfinder.JobFinder;
import org.jenkinsci.plugins.gwt.whitelist.WhitelistException;
import org.jenkinsci.plugins.gwt.whitelist.WhitelistVerifier;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.StaplerRequest;
Expand Down Expand Up @@ -53,15 +54,21 @@ public HttpResponse doInvoke(final StaplerRequest request) {
LOGGER.log(SEVERE, "", e);
}

if (!WhitelistVerifier.verifyWhitelist(request.getRemoteHost(), headers, postContent)) {
try {
if (!WhitelistVerifier.verifyWhitelist(request.getRemoteHost(), headers, postContent)) {
final Map<String, Object> response = new HashMap<>();
response.put(
"triggerResults",
"Sender, "
+ request.getRemoteHost()
+ ", with headers "
+ headers
+ " did not pass whitelist.");
return okJSON(response);
}
} catch (final WhitelistException e) {
final Map<String, Object> response = new HashMap<>();
response.put(
"triggerResults",
"Sender, "
+ request.getRemoteHost()
+ ", with headers "
+ headers
+ " did not pass whitelist.");
response.put("triggerResults", e.getMessage());
return okJSON(response);
}

Expand Down
2 changes: 1 addition & 1 deletion src/main/java/org/jenkinsci/plugins/gwt/whitelist/HMACVerifier.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ private static String getHeaderValue(
return value;
}
}
throw new RuntimeException(
throw new WhitelistException(
"Was unable to find header with name \"" + hmacHeader + "\" among " + headers);
}
}
10 changes: 10 additions & 0 deletions src/main/java/org/jenkinsci/plugins/gwt/whitelist/WhitelistException.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
package org.jenkinsci.plugins.gwt.whitelist;

public class WhitelistException extends RuntimeException {

private static final long serialVersionUID = -3821871257758501700L;

public WhitelistException(final String string) {
super(string);
}
}
2 changes: 1 addition & 1 deletion src/main/java/org/jenkinsci/plugins/gwt/whitelist/WhitelistVerifier.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ static boolean whitelistVerify(
final Optional<StringCredentials> hmacKeyOpt =
CredentialsHelper.findCredentials(whitelistItem.getHmacCredentialId());
if (!hmacKeyOpt.isPresent()) {
throw new RuntimeException(
throw new WhitelistException(
"Was unable to find secret text credential " + whitelistItem.getHmacCredentialId());
}
final String hmacHeader = whitelistItem.getHmacHeader();
Expand Down

0 comments on commit 7f585f8

Please sign in to comment.