use the Gogs secret defined on the job, so it can be different for each job instead of all the same (now Jenkins can even find one without first manually load and save the configuration of one job

Author: willemvd

src/main/java/org/jenkinsci/plugins/gogs/GogsWebHook.java

@@ -24,40 +24,29 @@ associated documentation files (the "Software"), to deal in the Software without
 package org.jenkinsci.plugins.gogs;
 
 import hudson.Extension;
-import hudson.tasks.Builder;
-import hudson.model.Descriptor;
+import hudson.model.Job;
 import hudson.model.UnprotectedRootAction;
-
-import java.util.Map;
-import java.util.List;
-import java.util.LinkedList;
-import java.util.LinkedHashMap;
-
-import java.io.IOException;
-import java.net.URLDecoder;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-import java.io.UnsupportedEncodingException;
-import javax.inject.Inject;
-import javax.servlet.ServletException;
-
-import net.sf.json.JSONObject;
-
 import jenkins.model.Jenkins;
-
+import net.sf.json.JSONObject;
 import org.apache.commons.io.IOUtils;
-import org.kohsuke.stapler.HttpResponse;
-import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
 
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.logging.Logger;
+
 /**
  * @author Alexander Verhaar
  */
 @Extension
 public class GogsWebHook implements UnprotectedRootAction {
  private final static Logger LOGGER = Logger.getLogger(GogsWebHook.class.getName());
  public static final String URLNAME = "gogs-webhook";
+ private static final String DEFAULT_CHARSET = "UTF-8";
  private Jenkins jenkins = Jenkins.getInstance();
  private StaplerResponse resp;
 
@@ -79,10 +68,9 @@ public String getUrlName() {
  * @param req request
  */
  public void doIndex(StaplerRequest req, StaplerResponse rsp) throws IOException {
- String url = null;
  GogsResults result = new GogsResults();
  GogsPayloadProcessor payloadProcessor = new GogsPayloadProcessor();
- GogsProjectProperty.DescriptorImpl projectProperty = jenkins.getDescriptorByType(GogsProjectProperty.DescriptorImpl.class);
+
  this.resp = rsp;
 
  // Get X-Gogs-Event
@@ -109,41 +97,48 @@ public void doIndex(StaplerRequest req, StaplerResponse rsp) throws IOException
  }
 
  // Get the POST stream
- String body = IOUtils.toString(req.getInputStream());
+ String body = IOUtils.toString(req.getInputStream(), DEFAULT_CHARSET);
  if ( !body.isEmpty() && req.getRequestURI().contains("/" + URLNAME + "/") ) {
  String contentType = req.getContentType();
  if (contentType != null && contentType.startsWith("application/x-www-form-urlencoded")) {
- body = URLDecoder.decode(body);
+ body = URLDecoder.decode(body, DEFAULT_CHARSET);
  }
  if (body.startsWith("payload=")) {
  body = body.substring(8);
  }
 
  JSONObject jsonObject = JSONObject.fromObject(body);
  String gSecret = jsonObject.getString("secret"); /* Secret provided by Gogs */
- String jSecret = projectProperty.getGogsSecret(); /* Secret provided by Jenkins */
- // JSONObject repo = jsonObject.getJSONObject("repository");
- // if (repo!=null) {
- // url = repo.getString("url");
- // }
-
- if ( gSecret!=null && !gSecret.isEmpty() ) {
- /* Gogs secret is set */
- if ( jSecret!=null && !jSecret.isEmpty()) {
- /* Jenkins secret is set */
- if ( !jSecret.equals(gSecret) ) {
- /* Gogs and Jenkins secrets differs */
- result.setStatus(403, "Incorrect secret");
- } else {
- /* Password is set in Jenkins and Gogs, and is correct */
- result = payloadProcessor.triggerJobs(jobName, gogsDelivery);
+
+ String jSecret = null;
+ /* secret is stored in the properties of Job */
+ boolean foundJob = false;
+ for (Job job : jenkins.getAllItems(Job.class)) {
+ foundJob = job.getName().equals(jobName);
+ if (foundJob) {
+ final GogsProjectProperty property = (GogsProjectProperty) job
+ .getProperty(GogsProjectProperty.class);
+ if (property != null) { /* only if Gogs secret is defined on the job */
+ jSecret = property.getGogsSecret(); /* Secret provided by Jenkins */
  }
- } else {
- result.setStatus(403, "Incorrect secret");
+  /* no need to go through all other jobs */
+ break;
  }
- } else {
- /* No password is set in Jenkins or Gogs, run without secrets */
+ }
+
+ if (!foundJob) {
+ String msg = String.format("Job '%s' is not defined in Jenkins", jobName);
+ result.setStatus(404, msg);
+ LOGGER.warning(msg);
+ } else if (isNullOrEmpty(jSecret) && isNullOrEmpty(gSecret)) {
+ /* No password is set in Jenkins and Gogs, run without secrets */
+ result = payloadProcessor.triggerJobs(jobName, gogsDelivery);
+ } else if (!isNullOrEmpty(jSecret) && jSecret.equals(gSecret)) {
+ /* Password is set in Jenkins and Gogs, and is correct */
  result = payloadProcessor.triggerJobs(jobName, gogsDelivery);
+ } else {
+ /* Gogs and Jenkins secrets differs */
+ result.setStatus(403, "Incorrect secret");
  }
  } else {
  result.setStatus(404, "No payload or URI contains invalid entries.");
@@ -155,7 +150,7 @@ public void doIndex(StaplerRequest req, StaplerResponse rsp) throws IOException
  /**
  * Exit the WebHook
  *
- * @param results GogsResults
+ * @param result GogsResults
  */
  private void exitWebHook(GogsResults result) throws IOException {
  if ( result.getStatus() != 200 ) {
@@ -180,12 +175,16 @@ private static Map<String, String> splitQuery(String qs) throws UnsupportedEncod
  final String[] pairs = qs.split("&");
  for (String pair : pairs) {
  final int idx = pair.indexOf("=");
- final String key = idx > 0 ? URLDecoder.decode(pair.substring(0, idx), "UTF-8") : pair;
- final String value = idx > 0 && pair.length() > idx + 1 ? URLDecoder.decode(pair.substring(idx + 1), "UTF-8") : null;
+ final String key = idx > 0 ? URLDecoder.decode(pair.substring(0, idx), DEFAULT_CHARSET) : pair;
+ final String value = idx > 0 && pair.length() > idx + 1 ? URLDecoder.decode(pair.substring(idx + 1), DEFAULT_CHARSET) : null;
  query_pairs.put(key,value);
  }
  return query_pairs;
  }
+
+ private boolean isNullOrEmpty(String s) {
+ return s == null || s.trim().isEmpty();
+ }
 }
 
 // vim: set ts=4 sw=4 tw=0 ft=java et :