validate HMAC
This commit is contained in:
Divyansh Manchanda
Родитель
7994802c2e
Коммит
067050d2e9
65
main.go
65
main.go
|
|
@ -22,35 +22,44 @@ func main() {
|
|||
}
|
||||
|
||||
func AcquireAgentHandler(resp http.ResponseWriter, req *http.Request) {
|
||||
if(req.Method == "POST") {
|
||||
var agentRequest AgentRequest
|
||||
requestBody, _ := ioutil.ReadAll(req.Body)
|
||||
json.Unmarshal(requestBody, &agentRequest)
|
||||
// HTTP method should be POST and the HMAC header should be valid
|
||||
if (req.Method == "POST") {
|
||||
if (isRequestHmacValid(req)) {
|
||||
var agentRequest AgentRequest
|
||||
requestBody, _ := ioutil.ReadAll(req.Body)
|
||||
json.Unmarshal(requestBody, &agentRequest)
|
||||
|
||||
if(agentRequest.AgentId == "") {
|
||||
http.Error(resp, "No AgentId sent in request body.", http.StatusCreated)
|
||||
if(agentRequest.AgentId == "") {
|
||||
http.Error(resp, "No AgentId sent in request body.", http.StatusCreated)
|
||||
}
|
||||
|
||||
var pods = CreatePod(agentRequest.AgentId)
|
||||
writeJsonResponse(resp, pods)
|
||||
} else{
|
||||
http.Error(resp, "Endpoint can only be invoked with AzureDevOps with the correct Shared Signature.", http.StatusForbidden)
|
||||
}
|
||||
|
||||
var pods = CreatePod(agentRequest.AgentId)
|
||||
WriteJsonResponse(resp, pods)
|
||||
} else {
|
||||
http.Error(resp, "Invalid request Method.", http.StatusMethodNotAllowed)
|
||||
}
|
||||
}
|
||||
|
||||
func ReleaseAgentHandler(resp http.ResponseWriter, req *http.Request) {
|
||||
if(req.Method == "POST") {
|
||||
var agentRequest ReleaseAgentRequest
|
||||
requestBody, _ := ioutil.ReadAll(req.Body)
|
||||
json.Unmarshal(requestBody, &agentRequest)
|
||||
// HTTP method should be POST and the HMAC header should be valid
|
||||
if (req.Method == "POST") {
|
||||
if (isRequestHmacValid(req)) {
|
||||
var agentRequest ReleaseAgentRequest
|
||||
requestBody, _ := ioutil.ReadAll(req.Body)
|
||||
json.Unmarshal(requestBody, &agentRequest)
|
||||
|
||||
if(agentRequest.AgentId == "") {
|
||||
http.Error(resp, "No AgentId sent in request body.", http.StatusCreated)
|
||||
}
|
||||
if(agentRequest.AgentId == "") {
|
||||
http.Error(resp, "No AgentId sent in request body.", http.StatusCreated)
|
||||
}
|
||||
|
||||
var pods = DeletePodWithAgentId(agentRequest.AgentId)
|
||||
|
||||
WriteJsonResponse(resp, pods)
|
||||
var pods = DeletePodWithAgentId(agentRequest.AgentId)
|
||||
writeJsonResponse(resp, pods)
|
||||
} else {
|
||||
http.Error(resp, "Endpoint can only be invoked with AzureDevOps with the correct Shared Signature.", http.StatusForbidden)
|
||||
}
|
||||
} else {
|
||||
http.Error(resp, "Invalid request Method.", http.StatusMethodNotAllowed)
|
||||
}
|
||||
|
|
@ -58,12 +67,26 @@ func ReleaseAgentHandler(resp http.ResponseWriter, req *http.Request) {
|
|||
|
||||
func EmptyResponeHandler(resp http.ResponseWriter, req *http.Request) {
|
||||
var emptyResponse PodResponse
|
||||
WriteJsonResponse(resp, emptyResponse)
|
||||
writeJsonResponse(resp, emptyResponse)
|
||||
}
|
||||
|
||||
func WriteJsonResponse(resp http.ResponseWriter, podResponse PodResponse) {
|
||||
func writeJsonResponse(resp http.ResponseWriter, podResponse PodResponse) {
|
||||
jsonData, _ := json.Marshal(podResponse)
|
||||
resp.Header().Set("Content-Type", "application/json")
|
||||
resp.WriteHeader(http.StatusCreated)
|
||||
resp.Write(jsonData)
|
||||
}
|
||||
|
||||
func isRequestHmacValid(req *http.Request) bool {
|
||||
azureDevOpsHeader := "X-Azure-Signature"
|
||||
headerVal := req.Header.Get(azureDevOpsHeader)
|
||||
requestBody, _ := ioutil.ReadAll(req.Body)
|
||||
|
||||
// No header is specified
|
||||
if (headerVal == "") {
|
||||
return false
|
||||
}
|
||||
|
||||
// Compute HMAC for body and compare against the one sent by azure dev ops
|
||||
return ValidateHash(string(requestBody), headerVal)
|
||||
}
|
||||
Загрузка…
Ссылка в новой задаче