Diffstat (limited to 'src/main/java/com')
-rw-r--r--src/main/java/com/juick/config/SecurityConfig.java2
-rw-r--r--src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java55
2 files changed, 56 insertions, 1 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java
index 70dc19fa..a8f54cfd 100644
--- a/src/main/java/com/juick/config/SecurityConfig.java
+++ b/src/main/java/com/juick/config/SecurityConfig.java
@@ -200,7 +200,7 @@ public class SecurityConfig {
"/api/swagger-ui/**",
"/api/messages/discussions",
"/api/users", "/api/thread", "/api/tags",
- "/api/tlgmbtwbhk", "/api/fbwbhk",
+ "/api/tlgmbtwbhk", "/api/fbwbhk", "/api/_patreon",
"/api/skypebotendpoint", "/api/_fblogin",
"/api/_vklogin", "/api/_tglogin",
"/api/_google", "/api/_applelogin", "/api/signup",
diff --git a/src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java b/src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java
new file mode 100644
index 00000000..c961dec9
--- /dev/null
+++ b/src/main/java/com/juick/www/api/webhooks/PatreonWebhook.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2008-2023, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.www.api.webhooks;
+
+import com.juick.util.HttpForbiddenException;
+import org.apache.commons.codec.digest.HmacUtils;
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+
+@RestController
+public class PatreonWebhook {
+ private static final Logger logger = LoggerFactory.getLogger("Patreon");
+ @Value("${patreon_secret:}")
+ private String secretKey;
+
+ @PostMapping(value = "/api/_patreon")
+ @ResponseStatus(value = HttpStatus.OK)
+ public void processUpdate(
+ @RequestHeader(name = "X-Patreon-Event") String event,
+ @RequestHeader(name = "X-Patreon-Signature") String signature,
+ InputStream body) throws Exception {
+ String data = IOUtils.toString(body, StandardCharsets.UTF_8);
+ var actualSignature = HmacUtils.hmacMd5Hex(secretKey, data);
+ logger.info("Event: {}, signature: {}, actual: {}", event, signature, actualSignature);
+ if (!actualSignature.equals(signature)) {
+ throw new HttpForbiddenException();
+ }
+ logger.info("Data: " + data);
+ }
+}
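Review bot: The `logger.info` call placed before the comparison writes `actualSignature` (the correct HMAC for whatever body was just received) to the log on every request, including rejected ones, so anyone with log access can read a valid signature for any body submitted to the endpoint; log only the event name, e.g. `logger.info("Event: {}", event);`. The comparison itself uses `String.equals`, which is not constant-time; `if (!MessageDigest.isEqual(actualSignature.getBytes(StandardCharsets.UTF_8), signature.getBytes(StandardCharsets.UTF_8)))` (with `java.security.MessageDigest` imported) removes that timing difference. `logger.info("Data: " + data)` stores the full webhook payload at info level, which presumably contains patron details, so debug level or logging only an identifier would be safer. The SecurityConfig hunk in this commit adds `/api/_patreon` to what looks like the unauthenticated path list (the enclosing call is outside that hunk), which makes this signature check the route's only gate while `patreon_secret` defaults to an empty string. An explicit rejection when the secret is blank would make that case deliberate rather than dependent on how `HmacUtils` handles an empty key.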