Package com.lpvs.controller
Class GitHubController
java.lang.Object
com.lpvs.controller.GitHubController
Controller class for handling GitHub webhook events and single scan requests.
This class is responsible for processing GitHub webhook payloads and triggering relevant actions.
-
Constructor Summary
ConstructorsConstructorDescriptionGitHubController
(LPVSQueueService queueService, LPVSGitHubService gitHubService, LPVSGitHubConnectionService gitHubConnectionService, LPVSQueueRepository queueRepository, String GITHUB_SECRET, LPVSExitHandler exitHandler) Constructor for GitHubController. -
Method Summary
Modifier and TypeMethodDescriptionorg.springframework.http.ResponseEntity<LPVSResponseWrapper>
gitHubSingleScan
(@NotEmpty @Valid String gitHubOrg, @NotEmpty @Valid String gitHubRepo, @Min(1L) @Valid Integer prNumber) Handles a GitHub single scan request.org.springframework.http.ResponseEntity<LPVSResponseWrapper>
gitHubWebhooks
(String signature, String payload) Endpoint for handling GitHub webhook events and processing the payload.void
Initializes the GitHub secret from the LPVS_GITHUB_SECRET environment variable or the application property.boolean
wrongSecret
(String signature, String payload) Verifies if the signature matches the calculated signature using the GitHub secret.
-
Constructor Details
-
GitHubController
public GitHubController(LPVSQueueService queueService, LPVSGitHubService gitHubService, LPVSGitHubConnectionService gitHubConnectionService, LPVSQueueRepository queueRepository, @Value("${github.secret:}") String GITHUB_SECRET, LPVSExitHandler exitHandler) Constructor for GitHubController. Initializes LPVSQueueService, LPVSGitHubService, LPVSQueueRepository, GitHub secret, and LPVSExitHandler.- Parameters:
queueService
- LPVSQueueService for handling user-related business logic.gitHubService
- LPVSGitHubService for handling GitHub-related actions.gitHubConnectionService
- Service for establishing and managing connections to the GitHub API.queueRepository
- LPVSQueueRepository for accessing and managing LPVSQueue entities.GITHUB_SECRET
- The GitHub secret used for validating webhook payloads.exitHandler
- LPVSExitHandler for handling application exit scenarios.
-
-
Method Details
-
initializeGitHubController
@PostConstruct public void initializeGitHubController()Initializes the GitHub secret from the LPVS_GITHUB_SECRET environment variable or the application property. Exits the application if the secret is not set. -
gitHubWebhooks
@RequestMapping(value="/webhooks", method=POST) public org.springframework.http.ResponseEntity<LPVSResponseWrapper> gitHubWebhooks(@RequestHeader("X-Hub-Signature-256") String signature, @RequestBody String payload) throws Exception Endpoint for handling GitHub webhook events and processing the payload.- Parameters:
signature
- The signature of the webhook event.payload
- The payload of the webhook event.- Returns:
- The response entity indicating the status of the processing.
- Throws:
Exception
- if an error occurs during processing.
-
gitHubSingleScan
@RequestMapping(value="/scan/{gitHubOrg}/{gitHubRepo}/{prNumber}", method=POST) public org.springframework.http.ResponseEntity<LPVSResponseWrapper> gitHubSingleScan(@PathVariable("gitHubOrg") @NotEmpty @Valid @NotEmpty @Valid String gitHubOrg, @PathVariable("gitHubRepo") @NotEmpty @Valid @NotEmpty @Valid String gitHubRepo, @PathVariable("prNumber") @Min(1L) @Valid @Min(1L) @Valid Integer prNumber) throws InterruptedException, IOException Handles a GitHub single scan request. This endpoint performs a single scan operation based on the GitHub organization, repository, and pull request number provided in the path variables. The method validates the input parameters and performs necessary security checks.- Parameters:
gitHubOrg
- The GitHub organization name. Must not be empty and should be a valid string.gitHubRepo
- The GitHub repository name. Must not be empty and should be a valid string.prNumber
- The pull request number. Must be a positive integer greater than or equal to 1.- Returns:
- ResponseEntity with LPVSResponseWrapper containing the result of the scan. If successful, returns HTTP 200 OK with the success message. If there are validation errors or security issues, returns HTTP 403 FORBIDDEN.
- Throws:
InterruptedException
IOException
-
wrongSecret
Verifies if the signature matches the calculated signature using the GitHub secret.- Parameters:
signature
- The signature to verify.payload
- The payload to calculate the signature.- Returns:
- true if the signature is valid, false otherwise.
- Throws:
Exception
- if an error occurs during signature verification.
-