Merge branch 'dev'

Author: sanderv32

.gitignore

@@ -26,4 +26,3 @@ release.properties
 dependency-reduced-pom.xml
 buildNumber.properties
 .mvn/timing.properties
-

README.md

@@ -9,6 +9,3 @@ http(s)://<< jenkins-server >>/gogs-webhook/?job=<< jobname >>
 
 Example how your the webhook in Gogs should look like:
 ![Example webhook](https://raw.githubusercontent.com/sanderv32/gogs-webhook-plugin/master/bin/gogs-webhook-screenshot.png)
-
-#### TODO:
-- Implement Gogs secret

pom.xml

@@ -6,9 +6,23 @@
     <version>1.580</version><!-- which version of Jenkins is this plugin built against? -->
   </parent>
 
+  <developers>
+    <developer>
+      <id>sanderv32</id>
+      <name>Alexander Verhaar</name>
+    </developer>
+  </developers>
+
+  <licenses>
+    <license>
+      <name>MIT</name>
+      <url>http://www.opensource.org/licenses/mit-license.php</url>
+    </license>
+  </licenses>
+
   <groupId>org.jenkins-ci.plugins</groupId>
   <artifactId>gogs-webhook</artifactId>
-  <version>0.8.13</version>
+  <version>0.8.45</version>
   <packaging>hpi</packaging>
   <name>Jenkins Gogs plugin</name>
   <description>Adds Gogs integration to Jenkins</description>

src/main/java/org/jenkinsci/plugins/gogs/GogsPayloadProcessor.java

@@ -49,18 +49,18 @@ public GogsResults triggerJobs(String jobName, String deliveryID) {
 
     SecurityContext old = Jenkins.getInstance().getACL().impersonate(ACL.SYSTEM);
     for (AbstractProject<?,?> project : Jenkins.getInstance().getAllItems(AbstractProject.class)) {
-      if ( project.getName().equals(jobName)) {
+      if ( project.getName().equals(jobName) ) {
 
         Cause cause = new GogsCause(deliveryID);
         project.scheduleBuild(0, cause);
         didJob = true;
-        result.Message = String.format("Job '%s' is executed",jobName);
+        result.setMessage(String.format("Job '%s' is executed",jobName));
       }
     }
     if (!didJob) {
-      result.Status = 404;
-      result.Message = String.format("Job '%s' is not defined in Jenkins",jobName);
-      LOGGER.warning(result.Message);
+      String msg = String.format("Job '%s' is not defined in Jenkins",jobName);
+      result.setStatus(404, msg);
+      LOGGER.warning(msg);
     }
     SecurityContextHolder.setContext(old);
 

src/main/java/org/jenkinsci/plugins/gogs/GogsProjectProperty.java

@@ -0,0 +1,81 @@
+/*
+
+The MIT License (MIT)
+Copyright (c) 2016 Alexander Verhaar
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
+associated documentation files (the "Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial
+portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
+OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+*/
+
+package org.jenkinsci.plugins.gogs;
+
+import org.jenkinsci.plugins.gogs.GogsWebHook;
+import hudson.Extension;
+import hudson.model.Job;
+import hudson.model.JobProperty;
+import hudson.model.JobPropertyDescriptor;
+
+import net.sf.json.JSONObject;
+
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.DataBoundConstructor;
+
+import java.util.logging.Logger;
+
+public class GogsProjectProperty extends JobProperty<Job<?, ?>> {
+  private final String gogsSecret;
+
+  @DataBoundConstructor
+  public GogsProjectProperty(String gogsSecret) {
+    this.gogsSecret = gogsSecret;
+  }
+
+  public String getGogsSecret() {
+    return this.gogsSecret;
+  }
+
+  private static final Logger LOGGER = Logger.getLogger(GogsWebHook.class.getName());
+
+  @Extension
+  public static final class DescriptorImpl extends JobPropertyDescriptor {
+      public static final String GOGS_PROJECT_BLOCK_NAME = "gogsProject";
+      private String gogsSecret;
+
+      public String getGogsSecret() {
+        return gogsSecret;
+      }
+
+      public JobProperty<?> newInstance(StaplerRequest req, JSONObject formData) throws FormException {
+        GogsProjectProperty tpp = req.bindJSON(
+                GogsProjectProperty.class,
+                formData.getJSONObject(GOGS_PROJECT_BLOCK_NAME)
+        );
+        if ( tpp != null ) {
+          LOGGER.info(formData.toString());
+          LOGGER.info(tpp.gogsSecret);
+
+          gogsSecret = tpp.gogsSecret;
+        }
+        return tpp;
+      }
+
+      @Override
+      public String getDisplayName() {
+          return "Gogs Secret";
+      }
+  }
+}

src/main/java/org/jenkinsci/plugins/gogs/GogsResults.java

@@ -24,16 +24,28 @@ associated documentation files (the "Software"), to deal in the Software without
 package org.jenkinsci.plugins.gogs;
 
 public class GogsResults {
-    int Status;
-    String Message;
+    private int Status;
+    private String Message;
 
     public GogsResults() {
       this.Status = 200;
       this.Message = "OK";
     }
 
+    public void setMessage(String msg) {
+      this.Message = msg;
+    }
+
     public void setStatus(int status, String msg) {
       this.Status = status;
       this.Message = msg;
     }
+
+    public int getStatus() {
+      return this.Status;
+    }
+
+    public String getMessage() {
+      return this.Message;
+    }
 }

src/main/java/org/jenkinsci/plugins/gogs/GogsWebHook.java

@@ -24,6 +24,8 @@ associated documentation files (the "Software"), to deal in the Software without
 package org.jenkinsci.plugins.gogs;
 
 import hudson.Extension;
+import hudson.tasks.Builder;
+import hudson.model.Descriptor;
 import hudson.model.UnprotectedRootAction;
 
 import java.util.Map;
@@ -41,6 +43,8 @@ associated documentation files (the "Software"), to deal in the Software without
 
 import net.sf.json.JSONObject;
 
+import jenkins.model.Jenkins;
+
 import org.apache.commons.io.IOUtils;
 import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.QueryParameter;
@@ -54,6 +58,7 @@ associated documentation files (the "Software"), to deal in the Software without
 public class GogsWebHook implements UnprotectedRootAction {
     private final static Logger LOGGER = Logger.getLogger(GogsWebHook.class.getName());
     public static final String URLNAME = "gogs-webhook";
+    private Jenkins jenkins = Jenkins.getInstance();
     private StaplerResponse resp;
 
     public String getDisplayName() {
@@ -77,6 +82,7 @@ public String getUrlName() {
     public void doIndex(StaplerRequest req, StaplerResponse rsp)  throws IOException {
       GogsResults result = new GogsResults();
       GogsPayloadProcessor payloadProcessor = new GogsPayloadProcessor();
+      GogsProjectProperty.DescriptorImpl projectProperty = jenkins.getDescriptorByType(GogsProjectProperty.DescriptorImpl.class);
       this.resp = rsp;
 
       // Get X-Gogs-Event
@@ -88,7 +94,7 @@ public void doIndex(StaplerRequest req, StaplerResponse rsp)  throws IOException
 
       // Get X-Gogs-Delivery header with deliveryID
       String gogsDelivery = req.getHeader("X-Gogs-Delivery");
-      if (gogsDelivery.isEmpty()) {
+      if ( gogsDelivery==null && gogsDelivery.isEmpty() ) {
         gogsDelivery = "Triggered by Jenkins-Gogs-Plugin. Delivery ID unknown.";
       } else {
         gogsDelivery = "Gogs-ID: " + gogsDelivery;
@@ -97,7 +103,7 @@ public void doIndex(StaplerRequest req, StaplerResponse rsp)  throws IOException
       // Get querystring from the URI
       Map querystring = splitQuery(req.getQueryString());
       String jobName = querystring.get("job").toString();
-      if ( jobName!=null && jobName.isEmpty()) {
+      if ( jobName!=null && jobName.isEmpty() ) {
         result.setStatus(404, "Parameter 'job' is missing or no value assigned.");
         exitWebHook(result);
       }
@@ -114,9 +120,28 @@ public void doIndex(StaplerRequest req, StaplerResponse rsp)  throws IOException
         }
 
         JSONObject jsonObject = JSONObject.fromObject(body);
+        String gSecret = jsonObject.getString("secret");  /* Secret provided by Gogs    */
+        String jSecret = projectProperty.getGogsSecret(); /* Secret provided by Jenkins */
         String url = jsonObject.getJSONObject("repository").getString("url");
 
-        result = payloadProcessor.triggerJobs(jobName, gogsDelivery);
+        if ( gSecret!=null && !gSecret.isEmpty() ) {
+          /* Gogs secret is set */
+          if ( jSecret!=null && !jSecret.isEmpty()) {
+            /* Jenkins secret is set */
+            if  ( !jSecret.equals(gSecret) ) {
+              /* Gogs and Jenkins secrets differs */
+              result.setStatus(403, "Incorrect secret");
+            } else {
+              /* Password is set in Jenkins and Gogs, and is correct */
+              result = payloadProcessor.triggerJobs(jobName, gogsDelivery);
+            }
+          } else {
+            result.setStatus(403, "Incorrect secret");
+          }
+        } else {
+          /* No password is set in Jenkins or Gogs, run without secrets */
+          result = payloadProcessor.triggerJobs(jobName, gogsDelivery);
+        }
       } else {
         result.setStatus(404, "No payload or URI contains invalid entries.");
       }
@@ -130,13 +155,13 @@ public void doIndex(StaplerRequest req, StaplerResponse rsp)  throws IOException
      * @param results GogsResults
      */
     private void exitWebHook(GogsResults result)  throws IOException {
-      if ( result.Status != 200 ) {
-        LOGGER.warning(result.Message);
+      if ( result.getStatus() != 200 ) {
+        LOGGER.warning(result.getMessage());
       }
       JSONObject json = new JSONObject();
-      json.put("result", result.Status==200 ? "OK" : "ERROR");
-      json.put("message", result.Message);
-      resp.setStatus(result.Status);
+      json.put("result", result.getStatus()==200 ? "OK" : "ERROR");
+      json.put("message", result.getMessage());
+      resp.setStatus(result.getStatus());
       resp.addHeader("Content-Type","application/json");
       resp.getWriter().print(json.toString());
     }

src/main/resources/org/jenkinsci/plugins/gogs/GogsProjectProperty/config.jelly

@@ -0,0 +1,10 @@
+<?jelly escape-by-default='true'?>
+<j:jelly xmlns:j="jelly:core" xmlns:f="/lib/form">
+  <f:block>
+    <f:optionalBlock name="${descriptor.GOGS_PROJECT_BLOCK_NAME}" title="Use Gogs secret" checked="${instance.gogsSecret != null}">
+      <f:entry title="${%Secret}">
+        <f:password field="gogsSecret" />
+      </f:entry>
+    </f:optionalBlock>
+  </f:block>
+</j:jelly>