From 9435feba8d4b6d0ef90a4a0521ff7badf1c75d22 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thorben=20G=C3=BCnther?= <admin@xenrox.net>
Date: Mon, 10 Oct 2022 22:59:05 +0200
Subject: [PATCH] Set HTTP status codes when declining payload

---
 main.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/main.go b/main.go
index 2fad806..36a2b33 100644
--- a/main.go
+++ b/main.go
@@ -37,12 +37,14 @@ func (rcv *receiver) handleWebhooks(w http.ResponseWriter, r *http.Request) {
 	defer r.Body.Close()
 
 	if r.Method != http.MethodPost {
+		http.Error(w, "Only POST allowed", http.StatusMethodNotAllowed)
 		rcv.logger.Debugf("illegal HTTP method: expected %q, got %q", "POST", r.Method)
 		return
 	}
 
 	contentType := r.Header.Get("Content-Type")
 	if contentType != "application/json" {
+		http.Error(w, "Only application/json allowed", http.StatusUnsupportedMediaType)
 		rcv.logger.Debugf("illegal content type: %s", contentType)
 		return
 	}
@@ -117,6 +119,7 @@ func (rcv *receiver) basicAuthMiddleware(handler http.HandlerFunc) http.HandlerF
 		}
 
 		if user != rcv.cfg.User || pass != rcv.cfg.Password {
+			http.Error(w, "Unauthorized", http.StatusUnauthorized)
 			rcv.logger.Debug("basic auth: wrong user or password")
 			return
 		}