Skip to content

Commit

Permalink
Update
Browse files Browse the repository at this point in the history
  • Loading branch information
@rohitvinnakota-codecov
rohitvinnakota-codecov committed Jan 17, 2025
1 parent 33366b7 commit 00841b8
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
2 changes: 1 addition & 1 deletion src/integrations/codecov/codecov_auth.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ def authenticate_incoming_request(
@inject
def authenticate_codecov_app_install(
external_owner_id: str, repo_service_id: str, config: AppConfig = injected
):
) -> bool:
data = {"external_owner_id": external_owner_id, "repo_service_id": repo_service_id}
request_data = json.dumps(data).encode("utf-8")
key = config.CODECOV_OUTGOING_SIGNATURE_SECRET
Expand Down
5 changes: 4 additions & 1 deletion src/seer/app.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
from openai import APITimeoutError
from sentry_sdk.integrations.flask import FlaskIntegration
from sentry_sdk.integrations.logging import LoggingIntegration
from werkzeug.exceptions import GatewayTimeout, InternalServerError
from werkzeug.exceptions import GatewayTimeout, InternalServerError, Unauthorized

from integrations.codecov.codecov_auth import (
INCOMING_REQUEST_SIGNATURE_HEADER,
Expand Down Expand Up @@ -275,6 +275,9 @@ def codecov_request_endpoint(
data: CodecovTaskRequest,
) -> CodegenBaseResponse:
signature = request.headers.get(INCOMING_REQUEST_SIGNATURE_HEADER)
if not signature:
raise Unauthorized("Missing signature")

CodecovAuthentication.authenticate_incoming_request(signature, data)

is_valid = CodecovAuthentication.authenticate_codecov_app_install(
Expand Down

0 comments on commit 00841b8

Please sign in to comment.