Class GitHubController

java.lang.Object
com.lpvs.controller.GitHubController

@RestController public class GitHubController extends Object
Controller class for handling GitHub webhook events and single scan requests. This class is responsible for processing GitHub webhook payloads and triggering relevant actions.
  • Constructor Details

    • GitHubController

      public GitHubController(LPVSQueueService queueService, LPVSGitHubService gitHubService, LPVSGitHubConnectionService gitHubConnectionService, LPVSQueueRepository queueRepository, @Value("${github.secret:}") String GITHUB_SECRET, LPVSExitHandler exitHandler)
      Constructor for GitHubController. Initializes LPVSQueueService, LPVSGitHubService, LPVSGitHubConnectionService, LPVSQueueRepository, the GitHub secret, and LPVSExitHandler.
      Parameters:
      queueService - LPVSQueueService for handling user-related business logic.
      gitHubService - LPVSGitHubService for handling GitHub-related actions.
      gitHubConnectionService - Service for establishing and managing connections to the GitHub API.
      queueRepository - LPVSQueueRepository for accessing and managing LPVSQueue entities.
      GITHUB_SECRET - The GitHub secret used for validating webhook payloads.
      exitHandler - LPVSExitHandler for handling application exit scenarios.
  • Method Details

    • initializeGitHubController

      @PostConstruct public void initializeGitHubController()
      Initializes the GitHub secret from the LPVS_GITHUB_SECRET environment variable or the application property. Exits the application if the secret is not set.
    • gitHubWebhooks

      @RequestMapping(value="/webhooks", method=POST) public org.springframework.http.ResponseEntity<LPVSResponseWrapper> gitHubWebhooks(@RequestHeader("X-Hub-Signature-256") String signature, @RequestBody String payload) throws Exception
      Endpoint for handling GitHub webhook events and processing the payload.
      Parameters:
      signature - The signature of the webhook event.
      payload - The payload of the webhook event.
      Returns:
      The response entity indicating the status of the processing.
      Throws:
      Exception - if an error occurs during processing.
    • gitHubSingleScan

      @RequestMapping(value="/scan/{gitHubOrg}/{gitHubRepo}/{prNumber}", method=POST) public org.springframework.http.ResponseEntity<LPVSResponseWrapper> gitHubSingleScan(@PathVariable("gitHubOrg") @NotEmpty @Valid String gitHubOrg, @PathVariable("gitHubRepo") @NotEmpty @Valid String gitHubRepo, @PathVariable("prNumber") @Min(1L) @Valid Integer prNumber) throws InterruptedException, IOException
      Handles a GitHub single scan request. This endpoint performs a single scan operation based on the GitHub organization, repository, and pull request number provided in the path variables. The method validates the input parameters and performs necessary security checks.
      Parameters:
      gitHubOrg - The GitHub organization name. Must not be empty and should be a valid string.
      gitHubRepo - The GitHub repository name. Must not be empty and should be a valid string.
      prNumber - The pull request number. Must be a positive integer greater than or equal to 1.
      Returns:
      ResponseEntity with LPVSResponseWrapper containing the result of the scan. If successful, returns HTTP 200 OK with the success message. If there are validation errors or security issues, returns HTTP 403 FORBIDDEN.
      Throws:
      InterruptedException
      IOException
    • wrongSecret

      public boolean wrongSecret(String signature, String payload) throws Exception
      Verifies if the signature matches the calculated signature using the GitHub secret.
      Parameters:
      signature - The signature to verify.
      payload - The payload to calculate the signature.
      Returns:
      true if the signature is valid, false otherwise.
      Throws:
      Exception - if an error occurs during signature verification.
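
Added example, not LPVS's own code: one way to check an X-Hub-Signature-256 header like the one gitHubWebhooks and wrongSecret receive, assuming GitHub's scheme of "sha256=" followed by the hex HMAC-SHA256 of the request body keyed with the webhook secret. The class and method names, the secret and the payload are constructed for illustration; HexFormat requires Java 17.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.HexFormat;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical helper class; not part of com.lpvs.
public class WebhookSignatureExample {
    private static final String PREFIX = "sha256=";

    /** Computes the header value expected for this body under the given secret. */
    static String sign(String secret, byte[] body) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        return PREFIX + HexFormat.of().formatHex(mac.doFinal(body));
    }

    /** Returns true only when the header is present, well-formed and matches. */
    static boolean isValid(String secret, String header, String payload)
            throws GeneralSecurityException {
        // Fail closed: an unset secret must never validate anything.
        if (secret == null || secret.isEmpty()) return false;
        // Reject a missing header or one that names another algorithm.
        if (header == null || !header.startsWith(PREFIX)) return false;
        // The HMAC covers the raw body bytes. Assumption: the body was UTF-8
        // and reached this point as a String without being re-serialized.
        byte[] expected = sign(secret, payload.getBytes(StandardCharsets.UTF_8))
                .getBytes(StandardCharsets.US_ASCII);
        byte[] received = header.getBytes(StandardCharsets.US_ASCII);
        // Constant-time comparison avoids leaking how many characters matched.
        return MessageDigest.isEqual(expected, received);
    }

    public static void main(String[] args) throws Exception {
        String secret = "constructed-test-secret";               // constructed
        String payload = "{\"action\":\"opened\",\"number\":1}"; // constructed
        String header = sign(secret, payload.getBytes(StandardCharsets.UTF_8));

        System.out.println("valid:        " + isValid(secret, header, payload));
        System.out.println("tampered:     " + isValid(secret, header, payload + " "));
        System.out.println("no header:    " + isValid(secret, null, payload));
        System.out.println("sha1 prefix:  " + isValid(secret, "sha1=" + header.substring(7), payload));
        System.out.println("empty secret: " + isValid("", header, payload));
    }
}
```

Only the first case validates; the other four are rejected.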