894ba77d94
## Summary Fixes #5590 Fixes #5713 This PR fixes an issue where webhook handling fails with "failure to parse hook" error when the user's OAuth access token has expired. The root cause is that the Bitbucket and GitHub forge implementations make API calls during webhook processing without first refreshing the OAuth token. ## Problem When a webhook arrives from Bitbucket or GitHub, the `Hook()` function (and its helper functions) make API calls to fetch additional data (changed files, repo info, etc.). These API calls use the stored OAuth access token, which may have expired. **Before this fix:** 1. Webhook arrives 2. `Hook()` makes API calls with potentially expired token 3. API call fails with "OAuth2 access token expired" 4. Error bubbles up as HTTP 400 "failure to parse hook" 5. `forge.Refresh()` is called later in `PostHook()` - but it's too late **Example error from logs:** `failure to parse hook error="OAuth2 access token expired. Use your refresh token to obtain a new access token."` ## Solution Add `forge.Refresh()` calls before making API calls in the webhook handling code paths. This follows the same pattern already used by: - Bitbucket Data Center forge (`server/forge/bitbucketdatacenter/bitbucketdatacenter.go`) - Other code paths like `pipeline.Create()`, `cron.go`, etc. ### Changes **Bitbucket** (`server/forge/bitbucket/bitbucket.go`): - Added `forge.Refresh()` in `Hook()` before API calls **GitHub** (`server/forge/github/github.go`): - Added `forge.Refresh()` in `loadChangedFilesFromPullRequest()` - Added `forge.Refresh()` in `getTagCommitSHA()` - Added `forge.Refresh()` in `loadChangedFilesFromCommits()` ## Testing - All existing Bitbucket and GitHub forge tests pass - Tested in production environment with Bitbucket (waited for token expiry, webhook succeeded after fix)
Woodpecker
Woodpecker is a simple, yet powerful CI/CD engine with great extensibility.
Installation & Resources
Woodpecker can be installed in various ways (see the Installation Instructions) and runs with SQLite as database by default. It requires around 100 MB of RAM (Server) and 30 MB (Agent) at runtime in idle mode.
Support
You can support the project by becoming a backer on Open Collective or via GitHub Sponsors.
Documentation
Our documentation can be found at https://woodpecker-ci.org/docs/intro.
Translation
We have a self-hosted Weblate instance at translate.woodpecker-ci.org.
An overview of the current translation state is available at https://translate.woodpecker-ci.org/projects/woodpecker-ci/#languages.
Public Woodpecker Instances
Woodpecker is used as the main CI/CD engine at Codeberg, an alternative Git hosting platform with a focus on privacy and free software development.
Plugins
Woodpecker can be extended via plugins. The plugin overview website helps browsing available plugins. It combines both plugins by the Woodpecker core team and community-maintained ones.
Star History
License
Woodpecker is Apache 2.0 licensed. The source files have a header indicating which license they are under and what copyrights apply.
Everything in docs/ is licensed under the Creative Commons Attribution-ShareAlike 4.0 International Public License.