From 8811076c91cf93858522f4521aa44718b1a37b5d Mon Sep 17 00:00:00 2001 From: n0str Date: Wed, 18 Dec 2024 17:07:17 +0300 Subject: [PATCH 1/3] Change catcher type --- pkg/server/errorshandler/handler_sentry.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/server/errorshandler/handler_sentry.go b/pkg/server/errorshandler/handler_sentry.go index 1e39878..7e05676 100644 --- a/pkg/server/errorshandler/handler_sentry.go +++ b/pkg/server/errorshandler/handler_sentry.go @@ -10,7 +10,7 @@ import ( ) const SentryQueueName = "external/sentry" -const CatcherType = "sentry" +const CatcherType = "external/sentry" // HandleHTTP processes HTTP requests with JSON body func (handler *Handler) HandleSentry(ctx *fasthttp.RequestCtx) { From e047330933d7e21829a77c444e583107b05d2bea Mon Sep 17 00:00:00 2001 From: n0str Date: Wed, 18 Dec 2024 20:57:26 +0300 Subject: [PATCH 2/3] support sentry_key provided by Query param --- pkg/server/errorshandler/handler_sentry.go | 18 ++++++++++++------ pkg/server/server.go | 7 +------ 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/pkg/server/errorshandler/handler_sentry.go b/pkg/server/errorshandler/handler_sentry.go index 7e05676..f3b6a5a 100644 --- a/pkg/server/errorshandler/handler_sentry.go +++ b/pkg/server/errorshandler/handler_sentry.go @@ -20,17 +20,23 @@ func (handler *Handler) HandleSentry(ctx *fasthttp.RequestCtx) { return } - // check that X-Sentry-Auth header is available - auth := ctx.Request.Header.Peek("X-Sentry-Auth") + var auth []byte + // parse incoming get request params + auth = ctx.QueryArgs().Peek("sentry_key") if auth == nil { - log.Warnf("Incoming request without X-Sentry-Auth header") - sendAnswerHTTP(ctx, ResponseMessage{Code: 400, Error: true, Message: "X-Sentry-Auth header is missing"}) - return + log.Warnf("Incoming request with deprecated sentry_key parameter") + // check that X-Sentry-Auth header is available + auth = ctx.Request.Header.Peek("X-Sentry-Auth") + if auth == nil { + log.Warnf("Incoming request without X-Sentry-Auth header") + sendAnswerHTTP(ctx, ResponseMessage{Code: 400, Error: true, Message: "X-Sentry-Auth header is missing"}) + return + } } hawkToken, err := getSentryKeyFromAuth(string(auth)) if err != nil { - log.Warnf("Incoming request with invalid X-Sentry-Auth header: %s", err) + log.Warnf("Incoming request with invalid X-Sentry-Auth header=%s: %s", auth, err) sendAnswerHTTP(ctx, ResponseMessage{Code: 400, Error: true, Message: err.Error()}) return } diff --git a/pkg/server/server.go b/pkg/server/server.go index 7bca183..dbf20fe 100644 --- a/pkg/server/server.go +++ b/pkg/server/server.go @@ -137,12 +137,7 @@ func (s *Server) handler(ctx *fasthttp.RequestCtx) { case "/release": s.ReleaseHandler.HandleHTTP(ctx) case "/api/0/envelope/": - auth := ctx.Request.Header.Peek("X-Sentry-Auth") - if auth != nil { - s.ErrorsHandler.HandleSentry(ctx) - } else { - ctx.Error("X-Sentry-Auth not found", fasthttp.StatusBadRequest) - } + s.ErrorsHandler.HandleSentry(ctx) default: ctx.Error("Not found", fasthttp.StatusNotFound) } From 61471d56bcea00f0b348d7b14b6da3d72880abb7 Mon Sep 17 00:00:00 2001 From: n0str Date: Wed, 18 Dec 2024 21:17:58 +0300 Subject: [PATCH 3/3] Support gzip optional decoding --- pkg/server/errorshandler/handler_sentry.go | 42 +++++++++++++--------- 1 file changed, 25 insertions(+), 17 deletions(-) diff --git a/pkg/server/errorshandler/handler_sentry.go b/pkg/server/errorshandler/handler_sentry.go index f3b6a5a..befdd77 100644 --- a/pkg/server/errorshandler/handler_sentry.go +++ b/pkg/server/errorshandler/handler_sentry.go @@ -20,38 +20,46 @@ func (handler *Handler) HandleSentry(ctx *fasthttp.RequestCtx) { return } - var auth []byte + var hawkToken string + var err error + // parse incoming get request params - auth = ctx.QueryArgs().Peek("sentry_key") - if auth == nil { + sentryKey := ctx.QueryArgs().Peek("sentry_key") + if sentryKey == nil { log.Warnf("Incoming request with deprecated sentry_key parameter") + // check that X-Sentry-Auth header is available - auth = ctx.Request.Header.Peek("X-Sentry-Auth") + auth := ctx.Request.Header.Peek("X-Sentry-Auth") if auth == nil { log.Warnf("Incoming request without X-Sentry-Auth header") sendAnswerHTTP(ctx, ResponseMessage{Code: 400, Error: true, Message: "X-Sentry-Auth header is missing"}) return } - } - hawkToken, err := getSentryKeyFromAuth(string(auth)) - if err != nil { - log.Warnf("Incoming request with invalid X-Sentry-Auth header=%s: %s", auth, err) - sendAnswerHTTP(ctx, ResponseMessage{Code: 400, Error: true, Message: err.Error()}) - return + hawkToken, err = getSentryKeyFromAuth(string(auth)) + if err != nil { + log.Warnf("Incoming request with invalid X-Sentry-Auth header=%s: %s", auth, err) + sendAnswerHTTP(ctx, ResponseMessage{Code: 400, Error: true, Message: err.Error()}) + return + } + } else { + hawkToken = string(sentryKey) } log.Debugf("Incoming request with hawk integration token: %s", hawkToken) - body := ctx.PostBody() + sentryEnvelopeBody := ctx.PostBody() - sentryEnvelopeBody, err := decompressGzipString(body) - if err != nil { - log.Warnf("Failed to decompress gzip body: %s", err) - sendAnswerHTTP(ctx, ResponseMessage{Code: 400, Error: true, Message: "Failed to decompress gzip body"}) - return + // todo: add check of gzip header + if sentryKey == nil { + sentryEnvelopeBody, err = decompressGzipString(sentryEnvelopeBody) + if err != nil { + log.Warnf("Failed to decompress gzip body: %s", err) + sendAnswerHTTP(ctx, ResponseMessage{Code: 400, Error: true, Message: "Failed to decompress gzip body"}) + return + } + log.Debugf("Decompressed body: %s", sentryEnvelopeBody) } - log.Debugf("Decompressed body: %s", sentryEnvelopeBody) projectId, ok := handler.AccountsMongoDBClient.ValidTokens[hawkToken] if !ok {