Skip to content

Commit

Permalink
Merge pull request #475 from gitautoai/wes
Browse files Browse the repository at this point in the history 
Fix a request header validation error
  • Loading branch information
@hiroshinishio
hiroshinishio authored Jan 16, 2025
2 parents 9684e0f + 412e97d commit df8891c
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions services/jira/jira_manager.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,14 @@ async def verify_jira_webhook(request: Request):
print("Request Headers:", dumps(dict(request.headers), indent=2))

# Verify that the request came from Atlassian Forge
if request.headers.get("atl-edge-tenant") != "forge-outbound-proxy":
print("Not a Forge request")
raise HTTPException(status_code=401, detail="Request not from Forge")
user_agent = request.headers.get("user-agent", "")
has_b3_headers = all(
[request.headers.get("x-b3-traceid"), request.headers.get("x-b3-spanid")]
)

if "node-fetch" not in user_agent or not has_b3_headers:
print("Not a valid Forge request")
raise HTTPException(status_code=401, detail="Invalid request source")

payload = await request.json()
# print("Payload:", json.dumps(payload, indent=2))
Expand Down

0 comments on commit df8891c

Please sign in to comment.