Updated the method for checking the slack DN to make it more reliable

skybet · Jan 13, 2021 · 25dc239 · 25dc239
1 parent 14ed2a1
commit 25dc239
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 17 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -5,7 +5,7 @@ version: 2
 jobs:
   build:
     docker:
-      - image: cimg/go:1.13
+      - image: cimg/go:1.15
     working_directory: ~/go/src/github.com/skybet/go-helpdesk
     steps:
       - checkout
@@ -14,7 +14,7 @@ jobs:
       - run: go test -v ./...
       - run: goveralls -service=circle-ci -coverprofile=coverage.txt -repotoken=$COVERALLS_REPO_TOKEN
       - setup_remote_docker
-      - run: docker build -t adampointer83/go-helpdesk:$CIRCLE_BRANCH .
+      - run: docker build -t adampointer83/go-helpdesk:$CIRCLE_SHA1 .
       - run: docker login -u $DOCKER_USER -p $DOCKER_PASS
-      - run: docker push adampointer83/go-helpdesk:$CIRCLE_BRANCH
+      - run: docker push adampointer83/go-helpdesk:$CIRCLE_SHA1
 
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/skybet/go-helpdesk
 
-go 1.13
+go 1.15
 
 require (
 	github.com/fsnotify/fsnotify v1.4.9 // indirect

diff --git a/server/request.go b/server/request.go
@@ -8,15 +8,15 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"github.com/nlopes/slack/slackevents"
 	"io/ioutil"
 	"net/http"
 	"strconv"
 	"strings"
 	"time"
 
+	"github.com/nlopes/slack/slackevents"
+
 	"github.com/nlopes/slack"
-	"regexp"
 )
 
 // Request wraps http.Request
@@ -30,16 +30,8 @@ func (r *Request) Validate(secret string, dnHeader *string) error {
 	// If a dnHeader has been provided, check that the header contains the slack CN
 	if dnHeader != nil {
 		slackDNHeader := r.Header.Get(*dnHeader)
-		dnError := fmt.Errorf("invalid CN in DN header")
-
-		r, _ := regexp.Compile("CN=(.*?),")
-		cn := r.FindStringSubmatch(slackDNHeader)
-		if len(cn) != 2 {		// It should match the CN exactly one, and contain the CN value as a group
-			return dnError
-		}
-
-		if cn[1] != "platform-tls-client.slack.com" {
-			return dnError
+		if !strings.Contains(slackDNHeader, "platform-tls-client.slack.com") {
+			return fmt.Errorf("invalid CN in DN header")
 		}
 	}
 
@@ -125,4 +117,4 @@ func (r *Request) parseInteractionPayload() error {
 	}
 	r.payload = &payload
 	return nil
-}
+}