[REFACTOR] webhook shared code to prevent import cycles

(cherry picked from commit 04a398a)

Author: oliverpool

routers/web/repo/setting/webhook.go

@@ -148,7 +148,7 @@ func WebhookNew(ctx *context.Context) {
 }
 
 // ParseHookEvent convert web form content to webhook.HookEvent
-func ParseHookEvent(form forms.WebhookForm) *webhook_module.HookEvent {
+func ParseHookEvent(form forms.WebhookCoreForm) *webhook_module.HookEvent {
 	return &webhook_module.HookEvent{
 		PushOnly:       form.PushOnly(),
 		SendEverything: form.SendEverything(),
@@ -188,7 +188,7 @@ func WebhookCreate(ctx *context.Context) {
 		return
 	}
 
-	fields := handler.FormFields(func(form any) {
+	fields := handler.UnmarshalForm(func(form any) {
 		errs := binding.Bind(ctx.Req, form)
 		middleware.Validate(errs, ctx.Data, form, ctx.Locale) // error checked below in ctx.HasError
 	})
@@ -215,10 +215,10 @@ func WebhookCreate(ctx *context.Context) {
 		w.URL = fields.URL
 		w.ContentType = fields.ContentType
 		w.Secret = fields.Secret
-		w.HookEvent = ParseHookEvent(fields.WebhookForm)
-		w.IsActive = fields.WebhookForm.Active
+		w.HookEvent = ParseHookEvent(fields.WebhookCoreForm)
+		w.IsActive = fields.Active
 		w.HTTPMethod = fields.HTTPMethod
-		err := w.SetHeaderAuthorization(fields.WebhookForm.AuthorizationHeader)
+		err := w.SetHeaderAuthorization(fields.AuthorizationHeader)
 		if err != nil {
 			ctx.ServerError("SetHeaderAuthorization", err)
 			return
@@ -245,14 +245,14 @@ func WebhookCreate(ctx *context.Context) {
 		HTTPMethod:      fields.HTTPMethod,
 		ContentType:     fields.ContentType,
 		Secret:          fields.Secret,
-		HookEvent:       ParseHookEvent(fields.WebhookForm),
-		IsActive:        fields.WebhookForm.Active,
+		HookEvent:       ParseHookEvent(fields.WebhookCoreForm),
+		IsActive:        fields.Active,
 		Type:            hookType,
 		Meta:            string(meta),
 		OwnerID:         orCtx.OwnerID,
 		IsSystemWebhook: orCtx.IsSystemWebhook,
 	}
-	err = w.SetHeaderAuthorization(fields.WebhookForm.AuthorizationHeader)
+	err = w.SetHeaderAuthorization(fields.AuthorizationHeader)
 	if err != nil {
 		ctx.ServerError("SetHeaderAuthorization", err)
 		return
@@ -286,7 +286,7 @@ func WebhookUpdate(ctx *context.Context) {
 		return
 	}
 
-	fields := handler.FormFields(func(form any) {
+	fields := handler.UnmarshalForm(func(form any) {
 		errs := binding.Bind(ctx.Req, form)
 		middleware.Validate(errs, ctx.Data, form, ctx.Locale) // error checked below in ctx.HasError
 	})
@@ -295,11 +295,11 @@ func WebhookUpdate(ctx *context.Context) {
 	w.URL = fields.URL
 	w.ContentType = fields.ContentType
 	w.Secret = fields.Secret
-	w.HookEvent = ParseHookEvent(fields.WebhookForm)
-	w.IsActive = fields.WebhookForm.Active
+	w.HookEvent = ParseHookEvent(fields.WebhookCoreForm)
+	w.IsActive = fields.Active
 	w.HTTPMethod = fields.HTTPMethod
 
-	err := w.SetHeaderAuthorization(fields.WebhookForm.AuthorizationHeader)
+	err := w.SetHeaderAuthorization(fields.AuthorizationHeader)
 	if err != nil {
 		ctx.ServerError("SetHeaderAuthorization", err)
 		return

services/forms/repo_form.go

@@ -12,6 +12,7 @@ import (
 	"code.gitea.io/gitea/models"
 	issues_model "code.gitea.io/gitea/models/issues"
 	project_model "code.gitea.io/gitea/models/project"
+	webhook_model "code.gitea.io/gitea/models/webhook"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/web/middleware"
@@ -235,8 +236,8 @@ func (f *ProtectBranchForm) Validate(req *http.Request, errs binding.Errors) bin
 //   \__/\  /  \___  >___  /___|  /\____/ \____/|__|_ \
 //        \/       \/    \/     \/                   \/
 
-// WebhookForm form for changing web hook
-type WebhookForm struct {
+// WebhookCoreForm form for changing web hook (common to all webhook types)
+type WebhookCoreForm struct {
 	Events                   string
 	Create                   bool
 	Delete                   bool
@@ -265,20 +266,30 @@ type WebhookForm struct {
 }
 
 // PushOnly if the hook will be triggered when push
-func (f WebhookForm) PushOnly() bool {
+func (f WebhookCoreForm) PushOnly() bool {
 	return f.Events == "push_only"
 }
 
 // SendEverything if the hook will be triggered any event
-func (f WebhookForm) SendEverything() bool {
+func (f WebhookCoreForm) SendEverything() bool {
 	return f.Events == "send_everything"
 }
 
 // ChooseEvents if the hook will be triggered choose events
-func (f WebhookForm) ChooseEvents() bool {
+func (f WebhookCoreForm) ChooseEvents() bool {
 	return f.Events == "choose_events"
 }
 
+// WebhookForm form for changing web hook (specific handling depending on the webhook type)
+type WebhookForm struct {
+	WebhookCoreForm
+	URL         string
+	ContentType webhook_model.HookContentType
+	Secret      string
+	HTTPMethod  string
+	Metadata    any
+}
+
 // .___
 // |   | ______ ________ __   ____
 // |   |/  ___//  ___/  |  \_/ __ \

services/webhook/default.go

@@ -5,13 +5,8 @@ package webhook
 
 import (
 	"context"
-	"crypto/hmac"
-	"crypto/sha1"
-	"crypto/sha256"
-	"encoding/hex"
 	"fmt"
 	"html/template"
-	"io"
 	"net/http"
 	"net/url"
 	"strings"
@@ -21,6 +16,7 @@ import (
 	"code.gitea.io/gitea/modules/svg"
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 	"code.gitea.io/gitea/services/forms"
+	"code.gitea.io/gitea/services/webhook/shared"
 )
 
 var _ Handler = defaultHandler{}
@@ -39,16 +35,16 @@ func (dh defaultHandler) Type() webhook_module.HookType {
 func (dh defaultHandler) Icon(size int) template.HTML {
 	if dh.forgejo {
 		// forgejo.svg is not in web_src/svg/, so svg.RenderHTML does not work
-		return imgIcon("forgejo.svg", size)
+		return shared.ImgIcon("forgejo.svg", size)
 	}
 	return svg.RenderHTML("gitea-gitea", size, "img")
 }
 
 func (defaultHandler) Metadata(*webhook_model.Webhook) any { return nil }
 
-func (defaultHandler) FormFields(bind func(any)) FormFields {
+func (defaultHandler) UnmarshalForm(bind func(any)) forms.WebhookForm {
 	var form struct {
-		forms.WebhookForm
+		forms.WebhookCoreForm
 		PayloadURL  string `binding:"Required;ValidUrl"`
 		HTTPMethod  string `binding:"Required;In(POST,GET)"`
 		ContentType int    `binding:"Required"`
@@ -60,13 +56,13 @@ func (defaultHandler) FormFields(bind func(any)) FormFields {
 	if webhook_model.HookContentType(form.ContentType) == webhook_model.ContentTypeForm {
 		contentType = webhook_model.ContentTypeForm
 	}
-	return FormFields{
-		WebhookForm: form.WebhookForm,
-		URL:         form.PayloadURL,
-		ContentType: contentType,
-		Secret:      form.Secret,
-		HTTPMethod:  form.HTTPMethod,
-		Metadata:    nil,
+	return forms.WebhookForm{
+		WebhookCoreForm: form.WebhookCoreForm,
+		URL:             form.PayloadURL,
+		ContentType:     contentType,
+		Secret:          form.Secret,
+		HTTPMethod:      form.HTTPMethod,
+		Metadata:        nil,
 	}
 }
 
@@ -130,42 +126,5 @@ func (defaultHandler) NewRequest(ctx context.Context, w *webhook_model.Webhook,
 	}
 
 	body = []byte(t.PayloadContent)
-	return req, body, addDefaultHeaders(req, []byte(w.Secret), t, body)
-}
-
-func addDefaultHeaders(req *http.Request, secret []byte, t *webhook_model.HookTask, payloadContent []byte) error {
-	var signatureSHA1 string
-	var signatureSHA256 string
-	if len(secret) > 0 {
-		sig1 := hmac.New(sha1.New, secret)
-		sig256 := hmac.New(sha256.New, secret)
-		_, err := io.MultiWriter(sig1, sig256).Write(payloadContent)
-		if err != nil {
-			// this error should never happen, since the hashes are writing to []byte and always return a nil error.
-			return fmt.Errorf("prepareWebhooks.sigWrite: %w", err)
-		}
-		signatureSHA1 = hex.EncodeToString(sig1.Sum(nil))
-		signatureSHA256 = hex.EncodeToString(sig256.Sum(nil))
-	}
-
-	event := t.EventType.Event()
-	eventType := string(t.EventType)
-	req.Header.Add("X-Forgejo-Delivery", t.UUID)
-	req.Header.Add("X-Forgejo-Event", event)
-	req.Header.Add("X-Forgejo-Event-Type", eventType)
-	req.Header.Add("X-Forgejo-Signature", signatureSHA256)
-	req.Header.Add("X-Gitea-Delivery", t.UUID)
-	req.Header.Add("X-Gitea-Event", event)
-	req.Header.Add("X-Gitea-Event-Type", eventType)
-	req.Header.Add("X-Gitea-Signature", signatureSHA256)
-	req.Header.Add("X-Gogs-Delivery", t.UUID)
-	req.Header.Add("X-Gogs-Event", event)
-	req.Header.Add("X-Gogs-Event-Type", eventType)
-	req.Header.Add("X-Gogs-Signature", signatureSHA256)
-	req.Header.Add("X-Hub-Signature", "sha1="+signatureSHA1)
-	req.Header.Add("X-Hub-Signature-256", "sha256="+signatureSHA256)
-	req.Header["X-GitHub-Delivery"] = []string{t.UUID}
-	req.Header["X-GitHub-Event"] = []string{event}
-	req.Header["X-GitHub-Event-Type"] = []string{eventType}
-	return nil
+	return req, body, shared.AddDefaultHeaders(req, []byte(w.Secret), t, body)
 }

services/webhook/dingtalk.go

@@ -17,28 +17,29 @@ import (
 	"code.gitea.io/gitea/modules/util"
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 	"code.gitea.io/gitea/services/forms"
+	"code.gitea.io/gitea/services/webhook/shared"
 )
 
 type dingtalkHandler struct{}
 
 func (dingtalkHandler) Type() webhook_module.HookType       { return webhook_module.DINGTALK }
 func (dingtalkHandler) Metadata(*webhook_model.Webhook) any { return nil }
-func (dingtalkHandler) Icon(size int) template.HTML         { return imgIcon("dingtalk.ico", size) }
+func (dingtalkHandler) Icon(size int) template.HTML         { return shared.ImgIcon("dingtalk.ico", size) }
 
-func (dingtalkHandler) FormFields(bind func(any)) FormFields {
+func (dingtalkHandler) UnmarshalForm(bind func(any)) forms.WebhookForm {
 	var form struct {
-		forms.WebhookForm
+		forms.WebhookCoreForm
 		PayloadURL string `binding:"Required;ValidUrl"`
 	}
 	bind(&form)
 
-	return FormFields{
-		WebhookForm: form.WebhookForm,
-		URL:         form.PayloadURL,
-		ContentType: webhook_model.ContentTypeJSON,
-		Secret:      "",
-		HTTPMethod:  http.MethodPost,
-		Metadata:    nil,
+	return forms.WebhookForm{
+		WebhookCoreForm: form.WebhookCoreForm,
+		URL:             form.PayloadURL,
+		ContentType:     webhook_model.ContentTypeJSON,
+		Secret:          "",
+		HTTPMethod:      http.MethodPost,
+		Metadata:        nil,
 	}
 }
 
@@ -225,8 +226,8 @@ func createDingtalkPayload(title, text, singleTitle, singleURL string) DingtalkP
 
 type dingtalkConvertor struct{}
 
-var _ payloadConvertor[DingtalkPayload] = dingtalkConvertor{}
+var _ shared.PayloadConvertor[DingtalkPayload] = dingtalkConvertor{}
 
 func (dingtalkHandler) NewRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
-	return newJSONRequest(dingtalkConvertor{}, w, t, true)
+	return shared.NewJSONRequest(dingtalkConvertor{}, w, t, true)
 }

services/webhook/discord.go

@@ -22,28 +22,29 @@ import (
 	"code.gitea.io/gitea/modules/util"
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 	"code.gitea.io/gitea/services/forms"
+	"code.gitea.io/gitea/services/webhook/shared"
 )
 
 type discordHandler struct{}
 
 func (discordHandler) Type() webhook_module.HookType { return webhook_module.DISCORD }
-func (discordHandler) Icon(size int) template.HTML   { return imgIcon("discord.png", size) }
+func (discordHandler) Icon(size int) template.HTML   { return shared.ImgIcon("discord.png", size) }
 
-func (discordHandler) FormFields(bind func(any)) FormFields {
+func (discordHandler) UnmarshalForm(bind func(any)) forms.WebhookForm {
 	var form struct {
-		forms.WebhookForm
+		forms.WebhookCoreForm
 		PayloadURL string `binding:"Required;ValidUrl"`
 		Username   string
 		IconURL    string
 	}
 	bind(&form)
 
-	return FormFields{
-		WebhookForm: form.WebhookForm,
-		URL:         form.PayloadURL,
-		ContentType: webhook_model.ContentTypeJSON,
-		Secret:      "",
-		HTTPMethod:  http.MethodPost,
+	return forms.WebhookForm{
+		WebhookCoreForm: form.WebhookCoreForm,
+		URL:             form.PayloadURL,
+		ContentType:     webhook_model.ContentTypeJSON,
+		Secret:          "",
+		HTTPMethod:      http.MethodPost,
 		Metadata: &DiscordMeta{
 			Username: form.Username,
 			IconURL:  form.IconURL,
@@ -287,7 +288,7 @@ type discordConvertor struct {
 	AvatarURL string
 }
 
-var _ payloadConvertor[DiscordPayload] = discordConvertor{}
+var _ shared.PayloadConvertor[DiscordPayload] = discordConvertor{}
 
 func (discordHandler) NewRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	meta := &DiscordMeta{}
@@ -298,7 +299,7 @@ func (discordHandler) NewRequest(ctx context.Context, w *webhook_model.Webhook,
 		Username:  meta.Username,
 		AvatarURL: meta.IconURL,
 	}
-	return newJSONRequest(sc, w, t, true)
+	return shared.NewJSONRequest(sc, w, t, true)
 }
 
 func parseHookPullRequestEventType(event webhook_module.HookEventType) (string, error) {

services/webhook/feishu.go

@@ -15,27 +15,28 @@ import (
 	api "code.gitea.io/gitea/modules/structs"
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 	"code.gitea.io/gitea/services/forms"
+	"code.gitea.io/gitea/services/webhook/shared"
 )
 
 type feishuHandler struct{}
 
 func (feishuHandler) Type() webhook_module.HookType { return webhook_module.FEISHU }
-func (feishuHandler) Icon(size int) template.HTML   { return imgIcon("feishu.png", size) }
+func (feishuHandler) Icon(size int) template.HTML   { return shared.ImgIcon("feishu.png", size) }
 
-func (feishuHandler) FormFields(bind func(any)) FormFields {
+func (feishuHandler) UnmarshalForm(bind func(any)) forms.WebhookForm {
 	var form struct {
-		forms.WebhookForm
+		forms.WebhookCoreForm
 		PayloadURL string `binding:"Required;ValidUrl"`
 	}
 	bind(&form)
 
-	return FormFields{
-		WebhookForm: form.WebhookForm,
-		URL:         form.PayloadURL,
-		ContentType: webhook_model.ContentTypeJSON,
-		Secret:      "",
-		HTTPMethod:  http.MethodPost,
-		Metadata:    nil,
+	return forms.WebhookForm{
+		WebhookCoreForm: form.WebhookCoreForm,
+		URL:             form.PayloadURL,
+		ContentType:     webhook_model.ContentTypeJSON,
+		Secret:          "",
+		HTTPMethod:      http.MethodPost,
+		Metadata:        nil,
 	}
 }
 
@@ -192,8 +193,8 @@ func (fc feishuConvertor) Package(p *api.PackagePayload) (FeishuPayload, error)
 
 type feishuConvertor struct{}
 
-var _ payloadConvertor[FeishuPayload] = feishuConvertor{}
+var _ shared.PayloadConvertor[FeishuPayload] = feishuConvertor{}
 
 func (feishuHandler) NewRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
-	return newJSONRequest(feishuConvertor{}, w, t, true)
+	return shared.NewJSONRequest(feishuConvertor{}, w, t, true)
 }