Diffstat (limited to 'src/main/java/com')
-rw-r--r-- | src/main/java/com/juick/config/SecurityConfig.java | 2 | ||||
-rw-r--r-- | src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java | 55 |
2 files changed, 56 insertions, 1 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java index 70dc19fa..a8f54cfd 100644 --- a/src/main/java/com/juick/config/SecurityConfig.java +++ b/src/main/java/com/juick/config/SecurityConfig.java @@ -200,7 +200,7 @@ public class SecurityConfig { "/api/swagger-ui/**", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", - "/api/tlgmbtwbhk", "/api/fbwbhk", + "/api/tlgmbtwbhk", "/api/fbwbhk", "/api/_patreon", "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/_google", "/api/_applelogin", "/api/signup", diff --git a/src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java b/src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java new file mode 100644 index 00000000..c961dec9 --- /dev/null +++ b/src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java 
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2008-2023, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.www.api.webhooks;
+
+import com.juick.util.HttpForbiddenException;
+import org.apache.commons.codec.digest.HmacUtils;
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+
+@RestController
+public class PatreonWebhook {
+ private static final Logger logger = LoggerFactory.getLogger("Patreon");
+ @Value("${patreon_secret:}")
+ private String secretKey;
+
+ @PostMapping(value = "/api/_patreon")
+ @ResponseStatus(value = HttpStatus.OK)
+ public void processUpdate(
+ @RequestHeader(name = "X-Patreon-Event") String event,
+ @RequestHeader(name = "X-Patreon-Signature") String signature,
+ InputStream body) throws Exception {
+ String data = IOUtils.toString(body, StandardCharsets.UTF_8);
+ var actualSignature = HmacUtils.hmacMd5Hex(secretKey, data);
+ logger.info("Event: {}, signature: {}, actual: {}", event, signature, actualSignature);
+ if (!actualSignature.equals(signature)) {
+ throw new HttpForbiddenException();
+ }
+ logger.info("Data: " + data);
+ }
+} |
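Review bot: The first `logger.info` in `processUpdate` writes `actualSignature`, the HMAC the server computed over the caller-supplied body, to the "Patreon" log before the comparison runs, so the log ends up holding a valid signature for every body submitted, including rejected ones; log only the event there, `logger.info("Event: {}", event);`. The check `actualSignature.equals(signature)` is not constant-time; `if (!MessageDigest.isEqual(actualSignature.getBytes(StandardCharsets.UTF_8), signature.getBytes(StandardCharsets.UTF_8))) {` (with `java.security.MessageDigest` imported) removes the timing signal. The SecurityConfig.java hunk adds `/api/_patreon` to what looks like the list of paths reachable without login, so this signature check is presumably the only gate on the endpoint. Because `${patreon_secret:}` defaults to an empty string, an explicit rejection when `secretKey` is blank would make the unconfigured case fail in a defined way. The closing `logger.info("Data: " + data)` stores the whole webhook body, which probably carries patron details, at info level; a lower level or logging only the event type would keep that out of routine logs.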