From 8cc1a77a3b68788e7066bd30eadb8b86eda1a070 Mon Sep 17 00:00:00 2001
From: Niko <zero@imaskeleton.me>
Date: Thu, 21 Dec 2023 14:36:10 -0700
Subject: [PATCH] webhook error logging

---
 .../endpoints/webhooks/discordservices_net.rs | 38 +++++++++++++------
 .../src/endpoints/webhooks/top_gg.rs          | 32 ++++++++++------
 .../src/endpoints/webhooks/wumpus_store.rs    | 35 +++++++++++------
 3 files changed, 69 insertions(+), 36 deletions(-)

diff --git a/scripty_webserver/src/endpoints/webhooks/discordservices_net.rs b/scripty_webserver/src/endpoints/webhooks/discordservices_net.rs
index 75d85de..2c42d9f 100644
--- a/scripty_webserver/src/endpoints/webhooks/discordservices_net.rs
+++ b/scripty_webserver/src/endpoints/webhooks/discordservices_net.rs
@@ -18,24 +18,38 @@ impl<S> FromRequestParts<S> for DiscordServicesNetAuthorization {
 		let authorization = parts
 			.headers
 			.get("Authorization")
-			.ok_or((StatusCode::UNAUTHORIZED, "No Authorization header provided"))?;
-		let authorization = authorization.to_str().map_err(|_| {
-			(
-				StatusCode::BAD_REQUEST,
-				"Authorization header was not valid UTF-8",
-			)
-		})?;
+			.ok_or((StatusCode::UNAUTHORIZED, "No Authorization header provided"))?
+			.to_str()
+			.map_err(|_| {
+				(
+					StatusCode::BAD_REQUEST,
+					"Authorization header was not valid UTF-8",
+				)
+			})?
+			.trim();
 
-		let scripty_config::BotListsConfig::FullConfig { token: _, webhook } =
-			scripty_config::get_config()
-				.bot_lists
-				.get("discordservices_net")
-				.ok_or((StatusCode::UNAUTHORIZED, "Invalid token"))?
+		let Some(webhook_config) = scripty_config::get_config()
+			.bot_lists
+			.get("discordservices_net")
 		else {
+			warn!("couldn't find valid configuration for discordservices.net (got none)");
+			return Err((StatusCode::UNAUTHORIZED, "Invalid token"));
+		};
+
+		let scripty_config::BotListsConfig::FullConfig { token: _, webhook } = webhook_config
+		else {
+			warn!(
+				"couldn't find valid configuration for discordservices.net (got single key, need \
+				 double)"
+			);
 			return Err((StatusCode::UNAUTHORIZED, "Invalid token"));
 		};
 
 		if authorization != webhook {
+			debug!(
+				"webhook request had invalid authorization header: got <{}>",
+				authorization
+			);
 			Err((StatusCode::UNAUTHORIZED, "Invalid token"))
 		} else {
 			Ok(Self)
diff --git a/scripty_webserver/src/endpoints/webhooks/top_gg.rs b/scripty_webserver/src/endpoints/webhooks/top_gg.rs
index 4a0d1e3..417d410 100644
--- a/scripty_webserver/src/endpoints/webhooks/top_gg.rs
+++ b/scripty_webserver/src/endpoints/webhooks/top_gg.rs
@@ -18,24 +18,32 @@ impl<S> FromRequestParts<S> for TopGgAuthorization {
 		let authorization = parts
 			.headers
 			.get("Authorization")
-			.ok_or((StatusCode::UNAUTHORIZED, "No Authorization header provided"))?;
-		let authorization = authorization.to_str().map_err(|_| {
-			(
-				StatusCode::BAD_REQUEST,
-				"Authorization header was not valid UTF-8",
-			)
-		})?;
+			.ok_or((StatusCode::UNAUTHORIZED, "No Authorization header provided"))?
+			.to_str()
+			.map_err(|_| {
+				(
+					StatusCode::BAD_REQUEST,
+					"Authorization header was not valid UTF-8",
+				)
+			})?
+			.trim();
 
-		let scripty_config::BotListsConfig::FullConfig { token: _, webhook } =
-			scripty_config::get_config()
-				.bot_lists
-				.get("top_gg")
-				.ok_or((StatusCode::UNAUTHORIZED, "Invalid token"))?
+		let Some(webhook_config) = scripty_config::get_config().bot_lists.get("top_gg") else {
+			warn!("couldn't find valid configuration for top.gg (got none)");
+			return Err((StatusCode::UNAUTHORIZED, "Invalid token"));
+		};
+
+		let scripty_config::BotListsConfig::FullConfig { token: _, webhook } = webhook_config
 		else {
+			warn!("couldn't find valid configuration for top.gg (got single key, need double)");
 			return Err((StatusCode::UNAUTHORIZED, "Invalid token"));
 		};
 
 		if authorization != webhook {
+			debug!(
+				"webhook request had invalid authorization header: got <{}>",
+				authorization
+			);
 			Err((StatusCode::UNAUTHORIZED, "Invalid token"))
 		} else {
 			Ok(Self)
diff --git a/scripty_webserver/src/endpoints/webhooks/wumpus_store.rs b/scripty_webserver/src/endpoints/webhooks/wumpus_store.rs
index 95ab0a8..038396d 100644
--- a/scripty_webserver/src/endpoints/webhooks/wumpus_store.rs
+++ b/scripty_webserver/src/endpoints/webhooks/wumpus_store.rs
@@ -18,24 +18,35 @@ impl<S> FromRequestParts<S> for WumpusStoreAuthorization {
 		let authorization = parts
 			.headers
 			.get("Authorization")
-			.ok_or((StatusCode::UNAUTHORIZED, "No Authorization header provided"))?;
-		let authorization = authorization.to_str().map_err(|_| {
-			(
-				StatusCode::BAD_REQUEST,
-				"Authorization header was not valid UTF-8",
-			)
-		})?;
+			.ok_or((StatusCode::UNAUTHORIZED, "No Authorization header provided"))?
+			.to_str()
+			.map_err(|_| {
+				(
+					StatusCode::BAD_REQUEST,
+					"Authorization header was not valid UTF-8",
+				)
+			})?
+			.trim();
 
-		let scripty_config::BotListsConfig::FullConfig { token: _, webhook } =
-			scripty_config::get_config()
-				.bot_lists
-				.get("wumpus_store")
-				.ok_or((StatusCode::UNAUTHORIZED, "Invalid token"))?
+		let Some(webhook_config) = scripty_config::get_config().bot_lists.get("wumpus_store")
 		else {
+			warn!("couldn't find valid configuration for wumpus.store (got none)");
+			return Err((StatusCode::UNAUTHORIZED, "Invalid token"));
+		};
+
+		let scripty_config::BotListsConfig::FullConfig { token: _, webhook } = webhook_config
+		else {
+			warn!(
+				"couldn't find valid configuration for wumpus.store (got single key, need double)"
+			);
 			return Err((StatusCode::UNAUTHORIZED, "Invalid token"));
 		};
 
 		if authorization != webhook {
+			debug!(
+				"webhook request had invalid authorization header: got <{}>",
+				authorization
+			);
 			Err((StatusCode::UNAUTHORIZED, "Invalid token"))
 		} else {
 			Ok(Self)