Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request #22 from mcgin/master
[FIXED JENKINS-26234]  Adding crumb exclusion
  • Loading branch information
fbelzunc committed Dec 13, 2015
2 parents 924bdd2 + d8778dc commit 67fb8b7
Show file tree
Hide file tree
Showing 3 changed files with 56 additions and 2 deletions.
@@ -0,0 +1,26 @@
package com.cloudbees.jenkins.plugins;

import hudson.Extension;
import hudson.security.csrf.CrumbExclusion;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Extension
public class BitbucketCrumbExclusion extends CrumbExclusion {
private static final String EXCLUSION_PATH = "/" + BitbucketHookReceiver.BITBUCKET_HOOK_URL;

@Override
public boolean process(HttpServletRequest req, HttpServletResponse resp, FilterChain chain)
throws IOException, ServletException {
String pathInfo = req.getPathInfo();
if (pathInfo != null && (pathInfo.equals(EXCLUSION_PATH) || pathInfo.equals(EXCLUSION_PATH + "/"))) {
chain.doFilter(req, resp);
return true;
}
return false;
}
}
Expand Up @@ -20,7 +20,7 @@
public class BitbucketHookReceiver implements UnprotectedRootAction {

private final BitbucketPayloadProcessor payloadProcessor = new BitbucketPayloadProcessor();
private final String BITBUCKET_HOOK_URL = "bitbucket-hook";
public static final String BITBUCKET_HOOK_URL = "bitbucket-hook";

public String getIconFileName() {
return null;
Expand Down Expand Up @@ -59,5 +59,4 @@ public void doIndex(StaplerRequest req) throws IOException {
}

private static final Logger LOGGER = Logger.getLogger(BitbucketHookReceiver.class.getName());

}
@@ -0,0 +1,29 @@
package com.cloudbees.jenkins.plugins;

import com.gargoylesoftware.htmlunit.HttpMethod;
import com.gargoylesoftware.htmlunit.WebRequestSettings;
import com.gargoylesoftware.htmlunit.WebResponse;
import org.junit.Rule;
import org.junit.Test;
import org.jvnet.hudson.test.JenkinsRule;
import org.xml.sax.SAXException;

import java.io.IOException;
import java.net.URL;

import static org.junit.Assert.assertEquals;

public class CrumbExclusionTest {
@Rule
public JenkinsRule jenkins = new JenkinsRule();

@Test
public void shouldNotRequireACrumbForTheBitbucketHookUrl() throws IOException, SAXException {
JenkinsRule.WebClient webClient = jenkins.createWebClient();
WebRequestSettings wrs = new WebRequestSettings(new URL(webClient.getContextPath() + "bitbucket-hook"),
HttpMethod.POST);
WebResponse resp = webClient.getPage(wrs).getWebResponse();

assertEquals(resp.getStatusCode(), 200);
}
}

0 comments on commit 67fb8b7

Please sign in to comment.