From 52294a5de285dfe587240633d9b4bcfd4caa2d09 Mon Sep 17 00:00:00 2001
From: Aurelien Poscia <aurelien.poscia@sonarsource.com>
Date: Wed, 23 Aug 2023 11:57:44 +0200
Subject: [PATCH] SONAR-19977 add AppId to force auth via webhook

---
 .../almintegrations/AlmIntegrationsService.java      |  1 +
 ...GithubCodeScanningAlertWebhookPayloadRequest.java | 12 ++++++++++++
 2 files changed, 13 insertions(+)

diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/almintegrations/AlmIntegrationsService.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/almintegrations/AlmIntegrationsService.java
index 35075f7ae72..43120ad451b 100644
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/almintegrations/AlmIntegrationsService.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/almintegrations/AlmIntegrationsService.java
@@ -239,6 +239,7 @@ public class AlmIntegrationsService extends BaseService {
         .setHeader("X-GitHub-Event", request.getGithubEventHeader())
         .setHeader("X-Hub-Signature", request.getGithubSignatureHeader())
         .setHeader("X-Hub-Signature-256", request.getGithubSignature256Header())
+        .setHeader("x-github-hook-installation-target-id", request.getGithubAppId())
         .setBody(request.getPayload())
         .setMediaType(MediaTypes.JSON)
     ).content();
diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/almintegrations/SendGithubCodeScanningAlertWebhookPayloadRequest.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/almintegrations/SendGithubCodeScanningAlertWebhookPayloadRequest.java
index 770d1fd99a1..46863363a22 100644
--- a/sonar-ws/src/main/java/org/sonarqube/ws/client/almintegrations/SendGithubCodeScanningAlertWebhookPayloadRequest.java
+++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/almintegrations/SendGithubCodeScanningAlertWebhookPayloadRequest.java
@@ -24,6 +24,7 @@ import javax.annotation.Generated;
 /**
  * This is part of the internal API.
  * This is a POST request.
+ *
  * @see <a href="https://next.sonarqube.com/sonarqube/web_api/api/alm_integrations/webhook_github">Further information about this action online (including a response example)</a>
  * @since 9.7
  */
@@ -34,6 +35,8 @@ public class SendGithubCodeScanningAlertWebhookPayloadRequest {
   private String githubSignatureHeader;
   private String githubSignature256Header;
 
+  private String githubAppId;
+
   /**
    * This is a mandatory parameter.
    */
@@ -81,4 +84,13 @@ public class SendGithubCodeScanningAlertWebhookPayloadRequest {
   public String getGithubSignature256Header() {
     return githubSignature256Header;
   }
+
+  public String getGithubAppId() {
+    return githubAppId;
+  }
+
+  public SendGithubCodeScanningAlertWebhookPayloadRequest setGithubAppId(String githubAppId) {
+    this.githubAppId = githubAppId;
+    return this;
+  }
 }
-- 
2.39.5