9 Commits

Author SHA1 Message Date
siujamo 0aeaac17a4 feat: custom 401/403 error handling for unauthenticated requests
Replace default Spring Security 403 responses with custom 401 (not logged in)
and 403 (insufficient permissions) JSON error responses via exception handling
and global exception handler. Also bump API version to 1.4.0 and add Swagger
annotations for the GitHub webhook controller.
2026-06-29 09:38:12 +08:00
siujamo 17cd87c702 feat: inject build-time variables via Gradle processResources
Replace hardcoded AppProperties values with Gradle ${} placeholders,
allowing version/channel/vendor to be configured via gradle.properties
or -P flags at build time.

Also refactor webhook configuration to flatten the properties hierarchy
by removing the intermediate WebhookProperties wrapper.
2026-06-04 17:12:48 +08:00
siujamo 8c8ca58b74 feat: implement GitHub webhook HMAC-SHA256 signature verification
Verify X-Hub-Signature-256 header using CryptoUtil.hmacSha256 from
onixbyte crypto-toolbox. Signature check is skipped when no secret is
configured. Uses MessageDigest.isEqual for constant-time comparison.
2026-06-01 15:29:32 +08:00
zihluwang 0a6813ceea chore: add Spring Security to library 2026-04-12 05:37:24 +08:00
zihluwang 3f6d40fba7 feat: migrate database from MySQL to PostgreSQL and update schema 2026-04-06 21:02:56 +08:00
zihluwang 20c2da10ab feat: enhance Firearm entity and add query services with controllers 2026-04-03 15:38:24 +08:00
zihluwang 2616e70062 feat: add configurations and utility classes 2026-04-03 14:53:59 +08:00
zihluwang 8053bbb6b6 feat: add Firearm and Modification entities with database schema 2026-04-03 14:29:04 +08:00
zihluwang 06210f22dc feat: initialize project structure with Gradle and Spring Boot setup 2026-04-03 10:45:20 +08:00