diff --git a/.gitignore b/.gitignore index a024c5d..ee81ecc 100644 --- a/.gitignore +++ b/.gitignore @@ -14,5 +14,5 @@ .idea venv .DS_Store -hawk.collector +bin/hawk.collector .env \ No newline at end of file diff --git a/pkg/accounts/cache.go b/pkg/accounts/cache.go index 30e30aa..d366c25 100644 --- a/pkg/accounts/cache.go +++ b/pkg/accounts/cache.go @@ -2,6 +2,9 @@ package accounts import ( "context" + "encoding/base64" + "encoding/json" + "strings" "time" "go.mongodb.org/mongo-driver/bson/primitive" @@ -14,6 +17,11 @@ import ( const projectsCollectionName = "projects" const contextTimeout = 5 * time.Second +type acountToken struct { + IntegrationId string `json:"integrationId"` + Secret string `json:"secret"` +} + type accountProject struct { ProjectID primitive.ObjectID `bson:"_id"` Token string `bson:"token"` @@ -39,7 +47,12 @@ func (client *AccountsMongoDBClient) UpdateTokenCache() error { client.ValidTokens = make(map[string]string) for _, project := range projects { - client.ValidTokens[project.Token] = project.ProjectID.Hex() + integrationSecret, err := DecodeToken(project.Token) + if err == nil { + client.ValidTokens[integrationSecret] = project.ProjectID.Hex() + } else { + log.Errorf("Integration token %s is invalid: %s", project.Token, err) + } } log.Debugf("Cache for MongoDB tokens successfully updates with %d tokens", len(client.ValidTokens)) @@ -47,3 +60,20 @@ func (client *AccountsMongoDBClient) UpdateTokenCache() error { return nil } + +// decodeToken decodes token from base64 to integrationId + secret +func DecodeToken(token string) (string, error) { + decoded, err := base64.StdEncoding.DecodeString(token) + if err != nil { + return "", err + } + var data acountToken + err = json.Unmarshal(decoded, &data) + if err != nil { + return "", err + } + + integrationId := strings.ReplaceAll(data.IntegrationId, "-", "") + secret := strings.ReplaceAll(data.Secret, "-", "") + return integrationId + secret, nil +} diff --git a/pkg/server/errorshandler/handler.go b/pkg/server/errorshandler/handler.go index 4ab37f2..3976b9c 100644 --- a/pkg/server/errorshandler/handler.go +++ b/pkg/server/errorshandler/handler.go @@ -52,12 +52,18 @@ func (handler *Handler) process(body []byte) ResponseMessage { return ResponseMessage{400, true, "CatcherType is empty"} } - projectId, ok := handler.AccountsMongoDBClient.ValidTokens[message.Token] + integrationSecret, err := accounts.DecodeToken(string(message.Token)) + if err != nil { + log.Warnf("[release] Token decoding error: %s", err) + return ResponseMessage{400, true, "Token decoding error"} + } + + projectId, ok := handler.AccountsMongoDBClient.ValidTokens[integrationSecret] if !ok { - log.Debugf("Token %s is not in the accounts cache", message.Token) - return ResponseMessage{400, true, fmt.Sprintf("Integration token invalid: %s", message.Token)} + log.Debugf("Token %s is not in the accounts cache", integrationSecret) + return ResponseMessage{400, true, fmt.Sprintf("Integration token invalid: %s", integrationSecret)} } - log.Debugf("Found project with ID %s for integration token %s", projectId, message.Token) + log.Debugf("Found project with ID %s for integration token %s", projectId, integrationSecret) if handler.RedisClient.IsBlocked(projectId) { handler.ErrorsBlockedByLimit.Inc() diff --git a/pkg/server/errorshandler/handler_sentry.go b/pkg/server/errorshandler/handler_sentry.go index 90dbd4d..1e39878 100644 --- a/pkg/server/errorshandler/handler_sentry.go +++ b/pkg/server/errorshandler/handler_sentry.go @@ -9,7 +9,7 @@ import ( "github.com/valyala/fasthttp" ) -const SentryQueueName = "errors/sentry" +const SentryQueueName = "external/sentry" const CatcherType = "sentry" // HandleHTTP processes HTTP requests with JSON body diff --git a/pkg/server/releasehandler/handler_http.go b/pkg/server/releasehandler/handler_http.go index 23da571..7089773 100644 --- a/pkg/server/releasehandler/handler_http.go +++ b/pkg/server/releasehandler/handler_http.go @@ -4,6 +4,7 @@ import ( "encoding/json" "errors" + "github.com/codex-team/hawk.collector/pkg/accounts" "github.com/codex-team/hawk.collector/pkg/hawk" log "github.com/sirupsen/logrus" "github.com/valyala/fasthttp" @@ -39,8 +40,15 @@ func (handler *Handler) HandleHTTP(ctx *fasthttp.RequestCtx) { log.Debugf("[release] Multipart form with token: %s", token) + integrationSecret, err := accounts.DecodeToken(string(token)) + if err != nil { + log.Warnf("[release] Token decoding error: %s", err) + sendAnswerHTTP(ctx, ResponseMessage{400, true, "Token decoding error"}) + return + } + // process raw body via unified sourcemap handler - response := handler.process(form, string(token)) + response := handler.process(form, integrationSecret) log.Debugf("[release] Multipart form response: %s", response.Message) sendAnswerHTTP(ctx, response)