1
0

webhook.go 21 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827
  1. // Copyright 2014 The Gogs Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package database
  5. import (
  6. "crypto/hmac"
  7. "crypto/sha256"
  8. "crypto/tls"
  9. "encoding/hex"
  10. "fmt"
  11. "io"
  12. "net/url"
  13. "strings"
  14. "time"
  15. jsoniter "github.com/json-iterator/go"
  16. gouuid "github.com/satori/go.uuid"
  17. log "unknwon.dev/clog/v2"
  18. "xorm.io/xorm"
  19. api "github.com/gogs/go-gogs-client"
  20. "gogs.io/gogs/internal/conf"
  21. "gogs.io/gogs/internal/errutil"
  22. "gogs.io/gogs/internal/httplib"
  23. "gogs.io/gogs/internal/netutil"
  24. "gogs.io/gogs/internal/sync"
  25. "gogs.io/gogs/internal/testutil"
  26. )
  27. var HookQueue = sync.NewUniqueQueue(1000)
  28. type HookContentType int
  29. const (
  30. JSON HookContentType = iota + 1
  31. FORM
  32. )
  33. var hookContentTypes = map[string]HookContentType{
  34. "json": JSON,
  35. "form": FORM,
  36. }
  37. // ToHookContentType returns HookContentType by given name.
  38. func ToHookContentType(name string) HookContentType {
  39. return hookContentTypes[name]
  40. }
  41. func (t HookContentType) Name() string {
  42. switch t {
  43. case JSON:
  44. return "json"
  45. case FORM:
  46. return "form"
  47. }
  48. return ""
  49. }
  50. // IsValidHookContentType returns true if given name is a valid hook content type.
  51. func IsValidHookContentType(name string) bool {
  52. _, ok := hookContentTypes[name]
  53. return ok
  54. }
  55. type HookEvents struct {
  56. Create bool `json:"create"`
  57. Delete bool `json:"delete"`
  58. Fork bool `json:"fork"`
  59. Push bool `json:"push"`
  60. Issues bool `json:"issues"`
  61. PullRequest bool `json:"pull_request"`
  62. IssueComment bool `json:"issue_comment"`
  63. Release bool `json:"release"`
  64. }
  65. // HookEvent represents events that will delivery hook.
  66. type HookEvent struct {
  67. PushOnly bool `json:"push_only"`
  68. SendEverything bool `json:"send_everything"`
  69. ChooseEvents bool `json:"choose_events"`
  70. HookEvents `json:"events"`
  71. }
  72. type HookStatus int
  73. const (
  74. HOOK_STATUS_NONE = iota
  75. HOOK_STATUS_SUCCEED
  76. HOOK_STATUS_FAILED
  77. )
  78. // Webhook represents a web hook object.
  79. type Webhook struct {
  80. ID int64
  81. RepoID int64
  82. OrgID int64
  83. URL string `xorm:"url TEXT"`
  84. ContentType HookContentType
  85. Secret string `xorm:"TEXT"`
  86. Events string `xorm:"TEXT"`
  87. *HookEvent `xorm:"-"` // LEGACY [1.0]: Cannot ignore JSON (i.e. json:"-") here, it breaks old backup archive
  88. IsSSL bool `xorm:"is_ssl"`
  89. IsActive bool
  90. HookTaskType HookTaskType
  91. Meta string `xorm:"TEXT"` // store hook-specific attributes
  92. LastStatus HookStatus // Last delivery status
  93. Created time.Time `xorm:"-" json:"-" gorm:"-"`
  94. CreatedUnix int64
  95. Updated time.Time `xorm:"-" json:"-" gorm:"-"`
  96. UpdatedUnix int64
  97. }
  98. func (w *Webhook) BeforeInsert() {
  99. w.CreatedUnix = time.Now().Unix()
  100. w.UpdatedUnix = w.CreatedUnix
  101. }
  102. func (w *Webhook) BeforeUpdate() {
  103. w.UpdatedUnix = time.Now().Unix()
  104. }
  105. func (w *Webhook) AfterSet(colName string, _ xorm.Cell) {
  106. var err error
  107. switch colName {
  108. case "events":
  109. w.HookEvent = &HookEvent{}
  110. if err = jsoniter.Unmarshal([]byte(w.Events), w.HookEvent); err != nil {
  111. log.Error("Unmarshal [%d]: %v", w.ID, err)
  112. }
  113. case "created_unix":
  114. w.Created = time.Unix(w.CreatedUnix, 0).Local()
  115. case "updated_unix":
  116. w.Updated = time.Unix(w.UpdatedUnix, 0).Local()
  117. }
  118. }
  119. func (w *Webhook) SlackMeta() *SlackMeta {
  120. s := &SlackMeta{}
  121. if err := jsoniter.Unmarshal([]byte(w.Meta), s); err != nil {
  122. log.Error("Failed to get Slack meta [webhook_id: %d]: %v", w.ID, err)
  123. }
  124. return s
  125. }
  126. // History returns history of webhook by given conditions.
  127. func (w *Webhook) History(page int) ([]*HookTask, error) {
  128. return HookTasks(w.ID, page)
  129. }
  130. // UpdateEvent handles conversion from HookEvent to Events.
  131. func (w *Webhook) UpdateEvent() error {
  132. data, err := jsoniter.Marshal(w.HookEvent)
  133. w.Events = string(data)
  134. return err
  135. }
  136. // HasCreateEvent returns true if hook enabled create event.
  137. func (w *Webhook) HasCreateEvent() bool {
  138. return w.SendEverything ||
  139. (w.ChooseEvents && w.HookEvents.Create)
  140. }
  141. // HasDeleteEvent returns true if hook enabled delete event.
  142. func (w *Webhook) HasDeleteEvent() bool {
  143. return w.SendEverything ||
  144. (w.ChooseEvents && w.HookEvents.Delete)
  145. }
  146. // HasForkEvent returns true if hook enabled fork event.
  147. func (w *Webhook) HasForkEvent() bool {
  148. return w.SendEverything ||
  149. (w.ChooseEvents && w.HookEvents.Fork)
  150. }
  151. // HasPushEvent returns true if hook enabled push event.
  152. func (w *Webhook) HasPushEvent() bool {
  153. return w.PushOnly || w.SendEverything ||
  154. (w.ChooseEvents && w.HookEvents.Push)
  155. }
  156. // HasIssuesEvent returns true if hook enabled issues event.
  157. func (w *Webhook) HasIssuesEvent() bool {
  158. return w.SendEverything ||
  159. (w.ChooseEvents && w.HookEvents.Issues)
  160. }
  161. // HasPullRequestEvent returns true if hook enabled pull request event.
  162. func (w *Webhook) HasPullRequestEvent() bool {
  163. return w.SendEverything ||
  164. (w.ChooseEvents && w.HookEvents.PullRequest)
  165. }
  166. // HasIssueCommentEvent returns true if hook enabled issue comment event.
  167. func (w *Webhook) HasIssueCommentEvent() bool {
  168. return w.SendEverything ||
  169. (w.ChooseEvents && w.HookEvents.IssueComment)
  170. }
  171. // HasReleaseEvent returns true if hook enabled release event.
  172. func (w *Webhook) HasReleaseEvent() bool {
  173. return w.SendEverything ||
  174. (w.ChooseEvents && w.HookEvents.Release)
  175. }
  176. type eventChecker struct {
  177. checker func() bool
  178. typ HookEventType
  179. }
  180. func (w *Webhook) EventsArray() []string {
  181. events := make([]string, 0, 8)
  182. eventCheckers := []eventChecker{
  183. {w.HasCreateEvent, HOOK_EVENT_CREATE},
  184. {w.HasDeleteEvent, HOOK_EVENT_DELETE},
  185. {w.HasForkEvent, HOOK_EVENT_FORK},
  186. {w.HasPushEvent, HOOK_EVENT_PUSH},
  187. {w.HasIssuesEvent, HOOK_EVENT_ISSUES},
  188. {w.HasPullRequestEvent, HOOK_EVENT_PULL_REQUEST},
  189. {w.HasIssueCommentEvent, HOOK_EVENT_ISSUE_COMMENT},
  190. {w.HasReleaseEvent, HOOK_EVENT_RELEASE},
  191. }
  192. for _, c := range eventCheckers {
  193. if c.checker() {
  194. events = append(events, string(c.typ))
  195. }
  196. }
  197. return events
  198. }
  199. // CreateWebhook creates a new web hook.
  200. func CreateWebhook(w *Webhook) error {
  201. _, err := x.Insert(w)
  202. return err
  203. }
  204. var _ errutil.NotFound = (*ErrWebhookNotExist)(nil)
  205. type ErrWebhookNotExist struct {
  206. args map[string]any
  207. }
  208. func IsErrWebhookNotExist(err error) bool {
  209. _, ok := err.(ErrWebhookNotExist)
  210. return ok
  211. }
  212. func (err ErrWebhookNotExist) Error() string {
  213. return fmt.Sprintf("webhook does not exist: %v", err.args)
  214. }
  215. func (ErrWebhookNotExist) NotFound() bool {
  216. return true
  217. }
  218. // getWebhook uses argument bean as query condition,
  219. // ID must be specified and do not assign unnecessary fields.
  220. func getWebhook(bean *Webhook) (*Webhook, error) {
  221. has, err := x.Get(bean)
  222. if err != nil {
  223. return nil, err
  224. } else if !has {
  225. return nil, ErrWebhookNotExist{args: map[string]any{"webhookID": bean.ID}}
  226. }
  227. return bean, nil
  228. }
  229. // GetWebhookByID returns webhook by given ID.
  230. // Use this function with caution of accessing unauthorized webhook,
  231. // which means should only be used in non-user interactive functions.
  232. func GetWebhookByID(id int64) (*Webhook, error) {
  233. return getWebhook(&Webhook{
  234. ID: id,
  235. })
  236. }
  237. // GetWebhookOfRepoByID returns webhook of repository by given ID.
  238. func GetWebhookOfRepoByID(repoID, id int64) (*Webhook, error) {
  239. return getWebhook(&Webhook{
  240. ID: id,
  241. RepoID: repoID,
  242. })
  243. }
  244. // GetWebhookByOrgID returns webhook of organization by given ID.
  245. func GetWebhookByOrgID(orgID, id int64) (*Webhook, error) {
  246. return getWebhook(&Webhook{
  247. ID: id,
  248. OrgID: orgID,
  249. })
  250. }
  251. // getActiveWebhooksByRepoID returns all active webhooks of repository.
  252. func getActiveWebhooksByRepoID(e Engine, repoID int64) ([]*Webhook, error) {
  253. webhooks := make([]*Webhook, 0, 5)
  254. return webhooks, e.Where("repo_id = ?", repoID).And("is_active = ?", true).Find(&webhooks)
  255. }
  256. // GetWebhooksByRepoID returns all webhooks of a repository.
  257. func GetWebhooksByRepoID(repoID int64) ([]*Webhook, error) {
  258. webhooks := make([]*Webhook, 0, 5)
  259. return webhooks, x.Find(&webhooks, &Webhook{RepoID: repoID})
  260. }
  261. // UpdateWebhook updates information of webhook.
  262. func UpdateWebhook(w *Webhook) error {
  263. _, err := x.Id(w.ID).AllCols().Update(w)
  264. return err
  265. }
  266. // deleteWebhook uses argument bean as query condition,
  267. // ID must be specified and do not assign unnecessary fields.
  268. func deleteWebhook(bean *Webhook) (err error) {
  269. sess := x.NewSession()
  270. defer sess.Close()
  271. if err = sess.Begin(); err != nil {
  272. return err
  273. }
  274. if _, err = sess.Delete(bean); err != nil {
  275. return err
  276. } else if _, err = sess.Delete(&HookTask{HookID: bean.ID}); err != nil {
  277. return err
  278. }
  279. return sess.Commit()
  280. }
  281. // DeleteWebhookOfRepoByID deletes webhook of repository by given ID.
  282. func DeleteWebhookOfRepoByID(repoID, id int64) error {
  283. return deleteWebhook(&Webhook{
  284. ID: id,
  285. RepoID: repoID,
  286. })
  287. }
  288. // DeleteWebhookOfOrgByID deletes webhook of organization by given ID.
  289. func DeleteWebhookOfOrgByID(orgID, id int64) error {
  290. return deleteWebhook(&Webhook{
  291. ID: id,
  292. OrgID: orgID,
  293. })
  294. }
  295. // GetWebhooksByOrgID returns all webhooks for an organization.
  296. func GetWebhooksByOrgID(orgID int64) (ws []*Webhook, err error) {
  297. err = x.Find(&ws, &Webhook{OrgID: orgID})
  298. return ws, err
  299. }
  300. // getActiveWebhooksByOrgID returns all active webhooks for an organization.
  301. func getActiveWebhooksByOrgID(e Engine, orgID int64) ([]*Webhook, error) {
  302. ws := make([]*Webhook, 0, 3)
  303. return ws, e.Where("org_id=?", orgID).And("is_active=?", true).Find(&ws)
  304. }
  305. // ___ ___ __ ___________ __
  306. // / | \ ____ ____ | | _\__ ___/____ _____| | __
  307. // / ~ \/ _ \ / _ \| |/ / | | \__ \ / ___/ |/ /
  308. // \ Y ( <_> | <_> ) < | | / __ \_\___ \| <
  309. // \___|_ / \____/ \____/|__|_ \ |____| (____ /____ >__|_ \
  310. // \/ \/ \/ \/ \/
  311. type HookTaskType int
  312. const (
  313. GOGS HookTaskType = iota + 1
  314. SLACK
  315. DISCORD
  316. DINGTALK
  317. )
  318. var hookTaskTypes = map[string]HookTaskType{
  319. "gogs": GOGS,
  320. "slack": SLACK,
  321. "discord": DISCORD,
  322. "dingtalk": DINGTALK,
  323. }
  324. // ToHookTaskType returns HookTaskType by given name.
  325. func ToHookTaskType(name string) HookTaskType {
  326. return hookTaskTypes[name]
  327. }
  328. func (t HookTaskType) Name() string {
  329. switch t {
  330. case GOGS:
  331. return "gogs"
  332. case SLACK:
  333. return "slack"
  334. case DISCORD:
  335. return "discord"
  336. case DINGTALK:
  337. return "dingtalk"
  338. }
  339. return ""
  340. }
  341. // IsValidHookTaskType returns true if given name is a valid hook task type.
  342. func IsValidHookTaskType(name string) bool {
  343. _, ok := hookTaskTypes[name]
  344. return ok
  345. }
  346. type HookEventType string
  347. const (
  348. HOOK_EVENT_CREATE HookEventType = "create"
  349. HOOK_EVENT_DELETE HookEventType = "delete"
  350. HOOK_EVENT_FORK HookEventType = "fork"
  351. HOOK_EVENT_PUSH HookEventType = "push"
  352. HOOK_EVENT_ISSUES HookEventType = "issues"
  353. HOOK_EVENT_PULL_REQUEST HookEventType = "pull_request"
  354. HOOK_EVENT_ISSUE_COMMENT HookEventType = "issue_comment"
  355. HOOK_EVENT_RELEASE HookEventType = "release"
  356. )
  357. // HookRequest represents hook task request information.
  358. type HookRequest struct {
  359. Headers map[string]string `json:"headers"`
  360. }
  361. // HookResponse represents hook task response information.
  362. type HookResponse struct {
  363. Status int `json:"status"`
  364. Headers map[string]string `json:"headers"`
  365. Body string `json:"body"`
  366. }
  367. // HookTask represents a hook task.
  368. type HookTask struct {
  369. ID int64
  370. RepoID int64 `xorm:"INDEX"`
  371. HookID int64
  372. UUID string
  373. Type HookTaskType
  374. URL string `xorm:"TEXT"`
  375. Signature string `xorm:"TEXT"`
  376. api.Payloader `xorm:"-" json:"-" gorm:"-"`
  377. PayloadContent string `xorm:"TEXT"`
  378. ContentType HookContentType
  379. EventType HookEventType
  380. IsSSL bool
  381. IsDelivered bool
  382. Delivered int64
  383. DeliveredString string `xorm:"-" json:"-" gorm:"-"`
  384. // History info.
  385. IsSucceed bool
  386. RequestContent string `xorm:"TEXT"`
  387. RequestInfo *HookRequest `xorm:"-" json:"-" gorm:"-"`
  388. ResponseContent string `xorm:"TEXT"`
  389. ResponseInfo *HookResponse `xorm:"-" json:"-" gorm:"-"`
  390. }
  391. func (t *HookTask) BeforeUpdate() {
  392. if t.RequestInfo != nil {
  393. t.RequestContent = t.ToJSON(t.RequestInfo)
  394. }
  395. if t.ResponseInfo != nil {
  396. t.ResponseContent = t.ToJSON(t.ResponseInfo)
  397. }
  398. }
  399. func (t *HookTask) AfterSet(colName string, _ xorm.Cell) {
  400. var err error
  401. switch colName {
  402. case "delivered":
  403. t.DeliveredString = time.Unix(0, t.Delivered).Format("2006-01-02 15:04:05 MST")
  404. case "request_content":
  405. if t.RequestContent == "" {
  406. return
  407. }
  408. t.RequestInfo = &HookRequest{}
  409. if err = jsoniter.Unmarshal([]byte(t.RequestContent), t.RequestInfo); err != nil {
  410. log.Error("Unmarshal[%d]: %v", t.ID, err)
  411. }
  412. case "response_content":
  413. if t.ResponseContent == "" {
  414. return
  415. }
  416. t.ResponseInfo = &HookResponse{}
  417. if err = jsoniter.Unmarshal([]byte(t.ResponseContent), t.ResponseInfo); err != nil {
  418. log.Error("Unmarshal [%d]: %v", t.ID, err)
  419. }
  420. }
  421. }
  422. func (t *HookTask) ToJSON(v any) string {
  423. p, err := jsoniter.Marshal(v)
  424. if err != nil {
  425. log.Error("Marshal [%d]: %v", t.ID, err)
  426. }
  427. return string(p)
  428. }
  429. // HookTasks returns a list of hook tasks by given conditions.
  430. func HookTasks(hookID int64, page int) ([]*HookTask, error) {
  431. tasks := make([]*HookTask, 0, conf.Webhook.PagingNum)
  432. return tasks, x.Limit(conf.Webhook.PagingNum, (page-1)*conf.Webhook.PagingNum).Where("hook_id=?", hookID).Desc("id").Find(&tasks)
  433. }
  434. // createHookTask creates a new hook task,
  435. // it handles conversion from Payload to PayloadContent.
  436. func createHookTask(e Engine, t *HookTask) error {
  437. data, err := t.Payloader.JSONPayload()
  438. if err != nil {
  439. return err
  440. }
  441. t.UUID = gouuid.NewV4().String()
  442. t.PayloadContent = string(data)
  443. _, err = e.Insert(t)
  444. return err
  445. }
  446. var _ errutil.NotFound = (*ErrHookTaskNotExist)(nil)
  447. type ErrHookTaskNotExist struct {
  448. args map[string]any
  449. }
  450. func IsHookTaskNotExist(err error) bool {
  451. _, ok := err.(ErrHookTaskNotExist)
  452. return ok
  453. }
  454. func (err ErrHookTaskNotExist) Error() string {
  455. return fmt.Sprintf("hook task does not exist: %v", err.args)
  456. }
  457. func (ErrHookTaskNotExist) NotFound() bool {
  458. return true
  459. }
  460. // GetHookTaskOfWebhookByUUID returns hook task of given webhook by UUID.
  461. func GetHookTaskOfWebhookByUUID(webhookID int64, uuid string) (*HookTask, error) {
  462. hookTask := &HookTask{
  463. HookID: webhookID,
  464. UUID: uuid,
  465. }
  466. has, err := x.Get(hookTask)
  467. if err != nil {
  468. return nil, err
  469. } else if !has {
  470. return nil, ErrHookTaskNotExist{args: map[string]any{"webhookID": webhookID, "uuid": uuid}}
  471. }
  472. return hookTask, nil
  473. }
  474. // UpdateHookTask updates information of hook task.
  475. func UpdateHookTask(t *HookTask) error {
  476. _, err := x.Id(t.ID).AllCols().Update(t)
  477. return err
  478. }
  479. // prepareHookTasks adds list of webhooks to task queue.
  480. func prepareHookTasks(e Engine, repo *Repository, event HookEventType, p api.Payloader, webhooks []*Webhook) (err error) {
  481. if len(webhooks) == 0 {
  482. return nil
  483. }
  484. var payloader api.Payloader
  485. for _, w := range webhooks {
  486. switch event {
  487. case HOOK_EVENT_CREATE:
  488. if !w.HasCreateEvent() {
  489. continue
  490. }
  491. case HOOK_EVENT_DELETE:
  492. if !w.HasDeleteEvent() {
  493. continue
  494. }
  495. case HOOK_EVENT_FORK:
  496. if !w.HasForkEvent() {
  497. continue
  498. }
  499. case HOOK_EVENT_PUSH:
  500. if !w.HasPushEvent() {
  501. continue
  502. }
  503. case HOOK_EVENT_ISSUES:
  504. if !w.HasIssuesEvent() {
  505. continue
  506. }
  507. case HOOK_EVENT_PULL_REQUEST:
  508. if !w.HasPullRequestEvent() {
  509. continue
  510. }
  511. case HOOK_EVENT_ISSUE_COMMENT:
  512. if !w.HasIssueCommentEvent() {
  513. continue
  514. }
  515. case HOOK_EVENT_RELEASE:
  516. if !w.HasReleaseEvent() {
  517. continue
  518. }
  519. }
  520. // Use separate objects so modifications won't be made on payload on non-Gogs type hooks.
  521. switch w.HookTaskType {
  522. case SLACK:
  523. payloader, err = GetSlackPayload(p, event, w.Meta)
  524. if err != nil {
  525. return fmt.Errorf("GetSlackPayload: %v", err)
  526. }
  527. case DISCORD:
  528. payloader, err = GetDiscordPayload(p, event, w.Meta)
  529. if err != nil {
  530. return fmt.Errorf("GetDiscordPayload: %v", err)
  531. }
  532. case DINGTALK:
  533. payloader, err = GetDingtalkPayload(p, event)
  534. if err != nil {
  535. return fmt.Errorf("GetDingtalkPayload: %v", err)
  536. }
  537. default:
  538. payloader = p
  539. }
  540. var signature string
  541. if len(w.Secret) > 0 {
  542. data, err := payloader.JSONPayload()
  543. if err != nil {
  544. log.Error("prepareWebhooks.JSONPayload: %v", err)
  545. }
  546. sig := hmac.New(sha256.New, []byte(w.Secret))
  547. _, _ = sig.Write(data)
  548. signature = hex.EncodeToString(sig.Sum(nil))
  549. }
  550. if err = createHookTask(e, &HookTask{
  551. RepoID: repo.ID,
  552. HookID: w.ID,
  553. Type: w.HookTaskType,
  554. URL: w.URL,
  555. Signature: signature,
  556. Payloader: payloader,
  557. ContentType: w.ContentType,
  558. EventType: event,
  559. IsSSL: w.IsSSL,
  560. }); err != nil {
  561. return fmt.Errorf("createHookTask: %v", err)
  562. }
  563. }
  564. // It's safe to fail when the whole function is called during hook execution
  565. // because resource released after exit. Also, there is no process started to
  566. // consume this input during hook execution.
  567. go HookQueue.Add(repo.ID)
  568. return nil
  569. }
  570. func prepareWebhooks(e Engine, repo *Repository, event HookEventType, p api.Payloader) error {
  571. webhooks, err := getActiveWebhooksByRepoID(e, repo.ID)
  572. if err != nil {
  573. return fmt.Errorf("getActiveWebhooksByRepoID [%d]: %v", repo.ID, err)
  574. }
  575. // check if repo belongs to org and append additional webhooks
  576. if repo.mustOwner(e).IsOrganization() {
  577. // get hooks for org
  578. orgws, err := getActiveWebhooksByOrgID(e, repo.OwnerID)
  579. if err != nil {
  580. return fmt.Errorf("getActiveWebhooksByOrgID [%d]: %v", repo.OwnerID, err)
  581. }
  582. webhooks = append(webhooks, orgws...)
  583. }
  584. return prepareHookTasks(e, repo, event, p, webhooks)
  585. }
  586. // PrepareWebhooks adds all active webhooks to task queue.
  587. func PrepareWebhooks(repo *Repository, event HookEventType, p api.Payloader) error {
  588. // NOTE: To prevent too many cascading changes in a single refactoring PR, we
  589. // choose to ignore this function in tests.
  590. if x == nil && testutil.InTest {
  591. return nil
  592. }
  593. return prepareWebhooks(x, repo, event, p)
  594. }
  595. // TestWebhook adds the test webhook matches the ID to task queue.
  596. func TestWebhook(repo *Repository, event HookEventType, p api.Payloader, webhookID int64) error {
  597. webhook, err := GetWebhookOfRepoByID(repo.ID, webhookID)
  598. if err != nil {
  599. return fmt.Errorf("GetWebhookOfRepoByID [repo_id: %d, id: %d]: %v", repo.ID, webhookID, err)
  600. }
  601. return prepareHookTasks(x, repo, event, p, []*Webhook{webhook})
  602. }
  603. func (t *HookTask) deliver() {
  604. payloadURL, err := url.Parse(t.URL)
  605. if err != nil {
  606. t.ResponseContent = fmt.Sprintf(`{"body": "Cannot parse payload URL: %v"}`, err)
  607. return
  608. }
  609. if netutil.IsBlockedLocalHostname(payloadURL.Hostname(), conf.Security.LocalNetworkAllowlist) {
  610. t.ResponseContent = `{"body": "Payload URL resolved to a local network address that is implicitly blocked."}`
  611. return
  612. }
  613. t.IsDelivered = true
  614. timeout := time.Duration(conf.Webhook.DeliverTimeout) * time.Second
  615. req := httplib.Post(t.URL).SetTimeout(timeout, timeout).
  616. Header("X-Github-Delivery", t.UUID).
  617. Header("X-Github-Event", string(t.EventType)).
  618. Header("X-Gogs-Delivery", t.UUID).
  619. Header("X-Gogs-Signature", t.Signature).
  620. Header("X-Gogs-Event", string(t.EventType)).
  621. SetTLSClientConfig(&tls.Config{InsecureSkipVerify: conf.Webhook.SkipTLSVerify})
  622. switch t.ContentType {
  623. case JSON:
  624. req = req.Header("Content-Type", "application/json").Body(t.PayloadContent)
  625. case FORM:
  626. req.Param("payload", t.PayloadContent)
  627. }
  628. // Record delivery information.
  629. t.RequestInfo = &HookRequest{
  630. Headers: map[string]string{},
  631. }
  632. for k, vals := range req.Headers() {
  633. t.RequestInfo.Headers[k] = strings.Join(vals, ",")
  634. }
  635. t.ResponseInfo = &HookResponse{
  636. Headers: map[string]string{},
  637. }
  638. defer func() {
  639. t.Delivered = time.Now().UnixNano()
  640. if t.IsSucceed {
  641. log.Trace("Hook delivered: %s", t.UUID)
  642. } else {
  643. log.Trace("Hook delivery failed: %s", t.UUID)
  644. }
  645. // Update webhook last delivery status.
  646. w, err := GetWebhookByID(t.HookID)
  647. if err != nil {
  648. log.Error("GetWebhookByID: %v", err)
  649. return
  650. }
  651. if t.IsSucceed {
  652. w.LastStatus = HOOK_STATUS_SUCCEED
  653. } else {
  654. w.LastStatus = HOOK_STATUS_FAILED
  655. }
  656. if err = UpdateWebhook(w); err != nil {
  657. log.Error("UpdateWebhook: %v", err)
  658. return
  659. }
  660. }()
  661. resp, err := req.Response()
  662. if err != nil {
  663. t.ResponseInfo.Body = fmt.Sprintf("Delivery: %v", err)
  664. return
  665. }
  666. defer resp.Body.Close()
  667. // Status code is 20x can be seen as succeed.
  668. t.IsSucceed = resp.StatusCode/100 == 2
  669. t.ResponseInfo.Status = resp.StatusCode
  670. for k, vals := range resp.Header {
  671. t.ResponseInfo.Headers[k] = strings.Join(vals, ",")
  672. }
  673. p, err := io.ReadAll(resp.Body)
  674. if err != nil {
  675. t.ResponseInfo.Body = fmt.Sprintf("read body: %s", err)
  676. return
  677. }
  678. t.ResponseInfo.Body = string(p)
  679. }
  680. // DeliverHooks checks and delivers undelivered hooks.
  681. // TODO: shoot more hooks at same time.
  682. func DeliverHooks() {
  683. tasks := make([]*HookTask, 0, 10)
  684. _ = x.Where("is_delivered = ?", false).Iterate(new(HookTask),
  685. func(idx int, bean any) error {
  686. t := bean.(*HookTask)
  687. t.deliver()
  688. tasks = append(tasks, t)
  689. return nil
  690. })
  691. // Update hook task status.
  692. for _, t := range tasks {
  693. if err := UpdateHookTask(t); err != nil {
  694. log.Error("UpdateHookTask [%d]: %v", t.ID, err)
  695. }
  696. }
  697. // Start listening on new hook requests.
  698. for repoID := range HookQueue.Queue() {
  699. log.Trace("DeliverHooks [repo_id: %v]", repoID)
  700. HookQueue.Remove(repoID)
  701. tasks = make([]*HookTask, 0, 5)
  702. if err := x.Where("repo_id = ?", repoID).And("is_delivered = ?", false).Find(&tasks); err != nil {
  703. log.Error("Get repository [%s] hook tasks: %v", repoID, err)
  704. continue
  705. }
  706. for _, t := range tasks {
  707. t.deliver()
  708. if err := UpdateHookTask(t); err != nil {
  709. log.Error("UpdateHookTask [%d]: %v", t.ID, err)
  710. continue
  711. }
  712. }
  713. }
  714. }
  715. func InitDeliverHooks() {
  716. go DeliverHooks()
  717. }