Page MenuHomeDevCentral
Differential D260

Reject requests without X-Hub-Signature when needed
ClosedPublic
Actions

Authored by dereckson on Jan 24 2016, 07:07.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Nov 14, 22:00
Unknown Object (File)
Tue, Nov 12, 19:46
Unknown Object (File)
Fri, Nov 8, 19:12
Unknown Object (File)
Fri, Nov 8, 01:58
Unknown Object (File)
Thu, Nov 7, 17:16
Unknown Object (File)
Thu, Nov 7, 16:58
Unknown Object (File)
Sat, Oct 26, 17:12
Unknown Object (File)
Sat, Oct 26, 17:12
View All Files
Subscribers
alken-orin

Details

Reviewers
dereckson
Maniphest Tasks
T695: Send a non JSON error to /gate/GitHub should fail sooner
Commits
Unknown Object (Diffusion Commit)
rNOTIF47efed1d9a30: Reject requests without X-Hub-Signature when needed
Summary

A request to /gate/GitHub/<service with secret defined> must has
a X-Hub-Signature header, so we can directly consider not legit
those without.

This fixes the following exception:

ErrorException in XHubSignature.php line 83:
hash_equals(): Expected user_string to be a string, null given
Test Plan

Fire a Phabricator payload to /gate/GitHub/<door with secret>

Diff Detail

Repository
rNOTIF Notifications center
Lint
Lint Passed
Unit
No Test Coverage
Branch
T695

Unit TestsFailed
View All

TimeTest
3,609 msJenkins > Nasqueron\Notifications\Tests\Http\Controllers\GitHubGateControllerTest::Unknown Unit Message ("")
3,281 msJenkins > Nasqueron\Notifications\Tests\Http\Controllers\GitHubGateControllerTest::Unknown Unit Message ("")
3,154 msJenkins > Nasqueron\Notifications\Tests\PayloadFullTest::Unknown Unit Message ("")
3,136 msJenkins > Nasqueron\Notifications\Tests\PayloadFullTest::Unknown Unit Message ("")
3,095 msJenkins > Nasqueron\Notifications\Tests\PayloadFullTest::Unknown Unit Message ("")
View Full Test Results (16 Failed · 21 Passed)

Event Timeline

dereckson updated this revision to Diff 606.Jan 24 2016, 07:07
dereckson added a task: T695: Send a non JSON error to /gate/GitHub should fail sooner.
dereckson retitled this revision from to Reject requests without X-Hub-Signature when needed.
dereckson updated this object.
dereckson edited the test plan for this revision. (Show Details)
dereckson added a reviewer: dereckson.
alken-orin added a subscriber: alken-orin.Jan 24 2016, 07:07

Build started: https://ci.nasqueron.org/job/test-notifications-phab/49/ (console: https://ci.nasqueron.org/job/test-notifications-phab/49/console)

dereckson planned changes to this revision.Jan 24 2016, 07:08
dereckson added inline comments.
app/Http/Controllers/Gate/GitHubGateController.php
130

"signature is missing" or "no signature is included"

131

… perform any other validation

dereckson updated this revision to Diff 607.Jan 24 2016, 07:10
dereckson marked 2 inline comments as done.
dereckson edited edge metadata.

Improve code comment

dereckson accepted this revision.Jan 24 2016, 07:11
dereckson edited edge metadata.
This revision is now accepted and ready to land.Jan 24 2016, 07:11
alken-orin added a comment.Jan 24 2016, 07:11

Build has FAILED

Link to build: https://ci.nasqueron.org/job/test-notifications-phab/49/
See console output for more information: https://ci.nasqueron.org/job/test-notifications-phab/49/console

alken-orin added a comment.Jan 24 2016, 07:11

Build started: https://ci.nasqueron.org/job/test-notifications-phab/50/ (console: https://ci.nasqueron.org/job/test-notifications-phab/50/console)

alken-orin added a comment.Jan 24 2016, 07:14

Build has FAILED

Link to build: https://ci.nasqueron.org/job/test-notifications-phab/50/
See console output for more information: https://ci.nasqueron.org/job/test-notifications-phab/50/console

dereckson mentioned this in Q4: A PHP application source code has been updated, but all behaves like before. (Answer 4).EditedJan 24 2016, 07:45
In D260#4122, @alken-orin wrote:

Build has FAILED

Link to build: https://ci.nasqueron.org/job/test-notifications-phab/50/
See console output for more information: https://ci.nasqueron.org/job/test-notifications-phab/50/console

Some caching issue for tests, see Q4.

alken-orin added a comment.Jan 24 2016, 07:47

Build started: https://ci.nasqueron.org/job/test-notifications-phab/51/ (console: https://ci.nasqueron.org/job/test-notifications-phab/51/console)

alken-orin added a comment.Jan 24 2016, 07:51

Build is green https://ci.nasqueron.org/job/test-notifications-phab/51/ for more details.

Closed by commit rNOTIF47efed1d9a30: Reject requests without X-Hub-Signature when needed (authored by dereckson, committed by dereckson). · Explain WhyJan 24 2016, 07:52
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
app/
Http/
Controllers/
Gate/
7 lines

Diff 606

View Options

app/Http/Controllers/Gate/GitHubGateController.php

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator