github_webhook 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0fbad7d92b15339ae2705eb8fa70f8473ead19de
+  data.tar.gz: 7651d1752b27aeecb0be2fcbbe1b40c5844ebe23
+SHA512:
+  metadata.gz: ff8ad0cc5bca27dea1c2b8422b451d7b569dac12a78994fd0942c074d2f6107935497ea9eed0dfe0aa2552d10a0317820955d1aa73787186a11f9ac755feff6e
+  data.tar.gz: 3edff72e3d0f132112b3358965c1385d58aada7ce51b4352a85708c892e94197f7cca925b50cebb7cef272f6b5cbf5198a9c6cd37519083408a307ef6aaaa51a

data/.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+*.gem

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in github_webhook.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,40 @@
+PATH
+  remote: .
+  specs:
+    github_webhook (0.1.0)
+      activesupport (~> 4)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (4.1.0)
+      i18n (~> 0.6, >= 0.6.9)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.1)
+      tzinfo (~> 1.1)
+    diff-lcs (1.2.5)
+    i18n (0.6.9)
+    json (1.8.1)
+    minitest (5.3.3)
+    rake (10.3.1)
+    rspec (2.14.1)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    rspec-core (2.14.8)
+    rspec-expectations (2.14.5)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.14.6)
+    thread_safe (0.3.3)
+    tzinfo (1.1.0)
+      thread_safe (~> 0.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.5)
+  github_webhook!
+  rake (~> 10.1)
+  rspec (~> 2.14)

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Sebastien Saunier
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,75 @@
+# GithubWebhook
+
+This gem will help you to quickly setup a route in your Rails application which listens
+to a [GitHub webhook](https://developer.github.com/webhooks/)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'github_webhook'
+```
+
+And then execute:
+
+    $ bundle install
+
+## Configuration
+
+First, configure a route to receive the github webhook POST requests.
+
+```ruby
+# config/routes.rb
+resource :github_webhooks, only: :create, defaults: { formats: :json }
+```
+
+Then create a new controller:
+
+```ruby
+# app/controllers/github_webhooks_controller.rb
+class GithubWebhooksController < ActionController::Base
+  include GithubWebhook::Processor
+  WEBHOOK_SECRET = ENV['GITHUB_WEBHOOK_SECRET']
+
+  def push(payload)
+    # TODO: handle push webhook
+  end
+end
+```
+
+Add as many instance methods as events you want to handle in
+your controller. You can read the [full list of events](https://developer.github.com/v3/activity/events/types/) GitHub can notify you about.
+
+## Adding the Webhook to your git repository:
+
+First, install [octokit](https://github.com/octokit/octokit.rb), then run a rails console.
+
+```bash
+$ gem install octokit
+$ rails console
+```
+
+In the rails console, add the WebHook to GitHub:
+
+```ruby
+require "octokit"
+client = Octokit::Client.new(:login => 'ssaunier', :password => 's3cr3t!!!')
+
+repo = "ssaunier/github_webhook"
+callback_url = "yourdomain.com/github_webhooks"
+webhook_secret = "a_gr34t_s3cr3t"  # Must be set after that in ENV['GITHUB_WEBHOOK_SECRET']
+
+# Create the WebHook
+client.subscribe "https://github.com/#{repo}/events/push.json", callback_url, secret
+```
+
+The secret is set at the webhook creation. Store it in an environment variable,
+`GITHUB_WEBHOOK_SECRET` as per the example. It is important to have such a secret,
+as it will guarantee that your process legit webhooks requests, thus only from GitHub.
+
+You can have an overview of your webhooks at the following URL:
+
+```
+https://github.com/:username/:repo/settings/hooks
+```

data/Rakefile

@@ -0,0 +1,13 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+
+require 'rspec'
+require 'rspec/core/rake_task'
+
+desc "Run all RSpec test examples"
+RSpec::Core::RakeTask.new do |spec|
+  spec.rspec_opts = ["-c", "-f progress"]
+  spec.pattern = 'spec/**/*_spec.rb'
+end
+
+task :default => :spec

data/github_webhook.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'github_webhook/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "github_webhook"
+  spec.version       = GithubWebhook::VERSION
+  spec.authors       = ["Sebastien Saunier"]
+  spec.email         = ["seb@saunier.me"]
+  spec.summary       = %q{Rails engine handling Github Webhook}
+  spec.description   = spec.summary
+  spec.homepage      = "https://github.com/ssaunier/github_webhook"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "activesupport", "~> 4"
+
+  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.add_development_dependency "rake", "~> 10.1"
+  spec.add_development_dependency "rspec", "~> 2.14"
+end

data/lib/github_webhook.rb

@@ -0,0 +1,7 @@
+require 'json'
+require 'openssl'
+require 'active_support/concern'
+require 'active_support/core_ext/hash/indifferent_access'
+
+require 'github_webhook/version'
+require 'github_webhook/processor'

data/lib/github_webhook/processor.rb

@@ -0,0 +1,43 @@
+module GithubWebhook::Processor
+  extend ActiveSupport::Concern
+
+  included do
+    before_filter :authenticate_github_request!, :only => :create
+  end
+
+  class SignatureError < StandardError; end
+  class UnspecifiedWebhookSecretError < StandardError; end
+
+  def create
+    self.send json_body[:action], json_body
+    head(:ok)
+  end
+
+  private
+
+  HMAC_DIGEST = OpenSSL::Digest.new('sha1')
+
+  def authenticate_github_request!
+    raise UnspecifiedWebhookSecretError.new unless defined?(self.class::WEBHOOK_SECRET)
+
+    expected_signature = "sha1=#{OpenSSL::HMAC.hexdigest(HMAC_DIGEST, self.class::WEBHOOK_SECRET, request_body)}"
+    if signature_header != expected_signature
+      raise SignatureError.new "Actual: #{signature_header}, Expected: #{expected_signature}"
+    end
+  end
+
+  def request_body
+    @request_body ||= (
+      request.body.rewind
+      request.body.read
+    )
+  end
+
+  def json_body
+    @json_body ||= ActiveSupport::HashWithIndifferentAccess.new(JSON.load(request_body))
+  end
+
+  def signature_header
+    @signature_header ||= request.headers['X-Hub-Signature']
+  end
+end

data/lib/github_webhook/version.rb

@@ -0,0 +1,3 @@
+module GithubWebhook
+  VERSION = "0.1.0"
+end

data/spec/github_webhook/processor_spec.rb

@@ -0,0 +1,65 @@
+require 'spec_helper'
+
+module GithubWebhook
+  describe Processor do
+
+    class Request
+      attr_accessor :headers, :body
+
+      def initialize
+        @headers = {}
+        @body = StringIO.new
+      end
+    end
+
+    class ControllerWithoutSecret
+      ### Helpers to mock ActionController::Base behavior
+      attr_accessor :request, :pushed
+
+      def self.skip_before_filter(*args); end
+      def self.before_filter(*args); end
+      def head(*args); end
+      ###
+
+      include GithubWebhook::Processor
+
+      def push(payload)
+        @pushed = payload[:foo]
+      end
+    end
+
+    class Controller < ControllerWithoutSecret
+      WEBHOOK_SECRET = "secret"
+    end
+
+    let(:controller) do
+      controller = Controller.new
+      controller.request = Request.new
+      controller
+    end
+
+    let(:controller_without_secret) do
+      ControllerWithoutSecret.new
+    end
+
+    describe "#create" do
+      it "raises an error when secret is not defined" do
+        expect { controller_without_secret.send :authenticate_github_request! }.to raise_error
+      end
+
+      it "calls the #push method in controller" do
+        controller.request.body = StringIO.new({ :action => "push", :foo => "bar" }.to_json.to_s)
+        controller.request.headers['X-Hub-Signature'] = "sha1=2bceed8940ebc87562f68ee5028db18685ce5607"
+        controller.send :authenticate_github_request!  # Manually as we don't have the before_filter logic in our Mock object
+        controller.create
+        controller.pushed.should eq "bar"
+      end
+
+      it "raises an error when signature does not match" do
+        controller.request.body = StringIO.new({ :action => "push", :foo => "bar" }.to_json.to_s)
+        controller.request.headers['X-Hub-Signature'] = "sha1=FOOBAR"
+        expect { controller_without_secret.send :authenticate_github_request! }.to raise_error
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,10 @@
+ENV['RAILS_ENV'] ||= 'test'
+
+require "github_webhook"
+
+# Load support files
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+
+RSpec.configure do |config|
+  config.order = "random"
+end

metadata

@@ -0,0 +1,114 @@
+--- !ruby/object:Gem::Specification
+name: github_webhook
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Sebastien Saunier
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-04-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.1'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.14'
+description: Rails engine handling Github Webhook
+email:
+- seb@saunier.me
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- github_webhook.gemspec
+- lib/github_webhook.rb
+- lib/github_webhook/processor.rb
+- lib/github_webhook/version.rb
+- spec/github_webhook/processor_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/ssaunier/github_webhook
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Rails engine handling Github Webhook
+test_files:
+- spec/github_webhook/processor_spec.rb
+- spec/spec_helper.rb