diff options
| author | George Claghorn <george@basecamp.com> | 2018-10-29 13:45:24 -0400 |
|---|---|---|
| committer | George Claghorn <george@basecamp.com> | 2018-10-29 13:45:24 -0400 |
| commit | be0a8bec8701c7df2667dbf1569429218ea30370 (patch) | |
| tree | 9dbf39394a938caa14411febca02db043d379b92 /app | |
| parent | 02fcfec0c682cb3ff175927155a37e934ee1d0fe (diff) | |
| download | rails-be0a8bec8701c7df2667dbf1569429218ea30370.tar.gz rails-be0a8bec8701c7df2667dbf1569429218ea30370.tar.bz2 rails-be0a8bec8701c7df2667dbf1569429218ea30370.zip | |
Raise when required config is missing
Diffstat (limited to 'app')
3 files changed, 25 insertions, 3 deletions
diff --git a/app/controllers/action_mailbox/base_controller.rb b/app/controllers/action_mailbox/base_controller.rb index 6f0e7e42d1..a64a817b51 100644 --- a/app/controllers/action_mailbox/base_controller.rb +++ b/app/controllers/action_mailbox/base_controller.rb @@ -3,9 +3,13 @@ class ActionMailbox::BaseController < ActionController::Base private def authenticate - authenticate_or_request_with_http_basic("Action Mailbox") do |given_username, given_password| - ActiveSupport::SecurityUtils.secure_compare(given_username, username) & - ActiveSupport::SecurityUtils.secure_compare(given_password, password) + if username.present? && password.present? + authenticate_or_request_with_http_basic("Action Mailbox") do |given_username, given_password| + ActiveSupport::SecurityUtils.secure_compare(given_username, username) & + ActiveSupport::SecurityUtils.secure_compare(given_password, password) + end + else + raise ArgumentError, "Missing required ingress credentials" end end end diff --git a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb index 46b0977592..c7e53b07f4 100644 --- a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb +++ b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb @@ -24,6 +24,8 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox def initialize(timestamp:, token:, signature:) @timestamp, @token, @signature = Integer(timestamp), token, signature + + ensure_presence_of_key end def authenticated? @@ -31,6 +33,13 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox end private + def ensure_presence_of_key + unless key.present? + raise ArgumentError, "Missing required Mailgun API key" + end + end + + def signed? ActiveSupport::SecurityUtils.secure_compare signature, expected_signature end diff --git a/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb index 31e1315ccd..bcaa5faf23 100644 --- a/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb +++ b/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb @@ -33,6 +33,8 @@ class ActionMailbox::Ingresses::Mandrill::InboundEmailsController < ActionMailbo def initialize(request) @request = request + + ensure_presence_of_key end def authenticated? @@ -40,6 +42,13 @@ class ActionMailbox::Ingresses::Mandrill::InboundEmailsController < ActionMailbo end private + def ensure_presence_of_key + unless key.present? + raise ArgumentError, "Missing required Mandrill API key" + end + end + + def given_signature request.headers["X-Mandrill-Signature"] end |