From b264f42e3d5be04ab0360f6f66566a2a70753e8d Mon Sep 17 00:00:00 2001
From: Pinyoo Thotaboot <pinyoo_too@hotmail.com>
Date: Mon, 26 May 2025 11:31:40 +0700
Subject: [PATCH] Fixed handle verify signature when has failed

---
 pr_agent/servers/gitea_app.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/pr_agent/servers/gitea_app.py b/pr_agent/servers/gitea_app.py
index 85399f2c..018a746d 100644
--- a/pr_agent/servers/gitea_app.py
+++ b/pr_agent/servers/gitea_app.py
@@ -51,7 +51,11 @@ async def get_body(request: Request):
             get_logger().error("Missing signature header")
             raise HTTPException(status_code=400, detail="Missing signature header")
         
-        verify_signature(body_bytes, webhook_secret, f"sha256={signature_header}")
+        try:
+            verify_signature(body_bytes, webhook_secret, f"sha256={signature_header}")
+        except Exception as ex:
+            get_logger().error(f"Invalid signature: {ex}")
+            raise HTTPException(status_code=401, detail="Invalid signature")
 
     return body