From c21ba5794231d9d35cc03b1e9e304f0d9e19a50f Mon Sep 17 00:00:00 2001 From: marko-bekhta Date: Wed, 23 Oct 2024 17:45:46 +0200 Subject: [PATCH] Add extra logging to signature filter check --- .../jira/service/validation/RequestSignatureFilter.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/java/org/hibernate/infra/replicate/jira/service/validation/RequestSignatureFilter.java b/src/main/java/org/hibernate/infra/replicate/jira/service/validation/RequestSignatureFilter.java index 896279e..349e4e3 100644 --- a/src/main/java/org/hibernate/infra/replicate/jira/service/validation/RequestSignatureFilter.java +++ b/src/main/java/org/hibernate/infra/replicate/jira/service/validation/RequestSignatureFilter.java @@ -21,6 +21,7 @@ import org.jboss.resteasy.reactive.server.ServerRequestFilter; import org.jboss.resteasy.reactive.server.WithFormRead; +import io.quarkus.logging.Log; import jakarta.enterprise.context.ApplicationScoped; import jakarta.inject.Inject; import jakarta.ws.rs.container.ContainerRequestContext; @@ -63,6 +64,7 @@ public Response checkSignature(ContainerRequestContext requestContext) throws IO String signature = requestContext.getHeaderString("x-hub-signature"); if (signature == null || !requestContext.hasEntity()) { + Log.warnf("Rejecting a web hook event because of the missing signature. Posted to %s", path); return Response.status(401).entity("Invalid request. Missing x-hub-signature header.").build(); } try (InputStream entityStream = requestContext.getEntityStream()) { @@ -70,6 +72,7 @@ public Response checkSignature(ContainerRequestContext requestContext) throws IO final String calculatedSignature = sign(mac, payload); if (!calculatedSignature.equals(signature)) { + Log.warnf("Rejecting a web hook event because of the signature mismatch. Posted to %s", path); return Response.status(401).entity("Signatures do not match.").build(); } requestContext.setEntityStream(new ByteArrayInputStream(payload));