Add 400 error for invalid source field

Author: brian-lou

src/webhooks/generic-notifier/generic-notifier.test.ts

@@ -1,3 +1,4 @@
+import testInvalidPayload from '@test/payloads/generic-notifier/testInvalidPayload.json';
 import testPayload from '@test/payloads/generic-notifier/testPayload.json';
 import { createNotifierRequest } from '@test/utils/createGenericMessageRequest';
 
@@ -28,6 +29,14 @@ describe('generic messages webhook', function () {
     expect(response.statusCode).toBe(200);
   });
 
+  it('returns 400 for an invalid source', async function () {
+    const response = await fastify.inject({
+      method: 'POST',
+      url: '/event-notifier/v1',
+      payload: testInvalidPayload,
+    });
+    expect(response.statusCode).toBe(400);
+  });
   it('returns 400 for invalid signature', async function () {
     const response = await fastify.inject({
       method: 'POST',

src/webhooks/generic-notifier/generic-notifier.ts

@@ -21,6 +21,7 @@ export async function genericEventNotifier(
       body.source === undefined ||
       EVENT_NOTIFIER_SECRETS[body.source] === undefined
     ) {
+      reply.code(400).send('Invalid source or missing secret');
       throw new Error('Invalid source or missing secret');
     }
 

test/payloads/generic-notifier/testInvalidPayload.json

@@ -0,0 +1,18 @@
+{
+	"source": "bad-source",
+	"timestamp": 0,
+	"service_name": "official_service_name",
+	"data": {
+		"title": "This is an Example Notification",
+		"message": "Random text here",
+		"tags": [
+			"source:example-service", "sentry-region:all", "sentry-user:bob"
+		],
+		"misc": {},
+		"channels": {
+			"slack": ["#aaaaaa"],
+			"datadog": ["example-proj-id"],
+			"jira": ["TEST"]
+		}
+	}
+}