github_webhook 1.3.0 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/github_webhook/processor.rb +6 -10
- data/lib/github_webhook/version.rb +1 -1
- data/spec/github_webhook/processor_spec.rb +16 -7
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ec22b9a09fcb0d2833a46cffacf39ac9703b33fd0b909bfee2258f4191fdfc21
|
|
4
|
+
data.tar.gz: 0f0fc361b3f1ccccb93dc66baf1b75d3ebc1f34fa3ef6022a0598dd6abc20c1b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4292322d0e533e85de5fdedf0c67efe57847114beda60ba710a3fe191d9a59ad3c61fe8ead9c68272ba8067b53f709a10980059c6cb4a37f3898a6bc6b0b1f3a
|
|
7
|
+
data.tar.gz: 767ce312e69c381ac91cc6bd4c9cf913b1297ca9d4ee990f38cf8e55f306c8607421dcaf1b0ab9941da41003f20674346512c53595d5d61c6a9866cdb6f5a559
|
data/README.md
CHANGED
|
@@ -1,16 +1,12 @@
|
|
|
1
1
|
module GithubWebhook::Processor
|
|
2
2
|
extend ActiveSupport::Concern
|
|
3
|
+
require 'abstract_controller'
|
|
3
4
|
|
|
4
5
|
included do
|
|
5
6
|
before_action :authenticate_github_request!, only: :create
|
|
6
7
|
before_action :check_github_event!, only: :create
|
|
7
8
|
end
|
|
8
9
|
|
|
9
|
-
class SignatureError < StandardError; end
|
|
10
|
-
class UnspecifiedWebhookSecretError < StandardError; end
|
|
11
|
-
class UnsupportedGithubEventError < StandardError; end
|
|
12
|
-
class UnsupportedContentTypeError < StandardError; end
|
|
13
|
-
|
|
14
10
|
# To fetch list from https://developer.github.com/v3/activity/events/types
|
|
15
11
|
# run this little JS code in the console:
|
|
16
12
|
# document.querySelectorAll('.list-style-none li.lh-condensed a').forEach(e => console.log(e.text))
|
|
@@ -75,7 +71,7 @@ module GithubWebhook::Processor
|
|
|
75
71
|
self.send event_method, json_body
|
|
76
72
|
head(:ok)
|
|
77
73
|
else
|
|
78
|
-
raise
|
|
74
|
+
raise AbstractController::ActionNotFound.new("GithubWebhooksController##{event_method} not implemented")
|
|
79
75
|
end
|
|
80
76
|
end
|
|
81
77
|
|
|
@@ -89,20 +85,20 @@ module GithubWebhook::Processor
|
|
|
89
85
|
HMAC_DIGEST = OpenSSL::Digest.new('sha256')
|
|
90
86
|
|
|
91
87
|
def authenticate_github_request!
|
|
92
|
-
raise
|
|
88
|
+
raise AbstractController::ActionNotFound.new unless respond_to?(:webhook_secret, true)
|
|
93
89
|
secret = webhook_secret(json_body)
|
|
94
90
|
|
|
95
91
|
expected_signature = "sha256=#{OpenSSL::HMAC.hexdigest(HMAC_DIGEST, secret, request_body)}"
|
|
96
92
|
unless ActiveSupport::SecurityUtils.secure_compare(signature_header, expected_signature)
|
|
97
93
|
GithubWebhook.logger && GithubWebhook.logger.warn("[GithubWebhook::Processor] signature "\
|
|
98
94
|
"invalid, actual: #{signature_header}, expected: #{expected_signature}")
|
|
99
|
-
raise
|
|
95
|
+
raise AbstractController::ActionNotFound
|
|
100
96
|
end
|
|
101
97
|
end
|
|
102
98
|
|
|
103
99
|
def check_github_event!
|
|
104
100
|
unless GITHUB_EVENTS.include?(request.headers['X-GitHub-Event'])
|
|
105
|
-
raise
|
|
101
|
+
raise AbstractController::ActionNotFound.new("#{request.headers['X-GitHub-Event']} is not a whitelisted GitHub event. See https://developer.github.com/v3/activity/events/types/")
|
|
106
102
|
end
|
|
107
103
|
end
|
|
108
104
|
|
|
@@ -123,7 +119,7 @@ module GithubWebhook::Processor
|
|
|
123
119
|
when 'application/json'
|
|
124
120
|
payload = request_body
|
|
125
121
|
else
|
|
126
|
-
raise
|
|
122
|
+
raise AbstractController::ActionNotFound.new(
|
|
127
123
|
"Content-Type #{content_type} is not supported. Use 'application/x-www-form-urlencoded' or 'application/json")
|
|
128
124
|
end
|
|
129
125
|
ActiveSupport::HashWithIndifferentAccess.new(JSON.load(payload))
|
|
@@ -53,9 +53,9 @@ module GithubWebhook
|
|
|
53
53
|
context 'when #webhook_secret is not defined' do
|
|
54
54
|
let(:controller_class) { ControllerWithoutSecret }
|
|
55
55
|
|
|
56
|
-
it "raises a
|
|
56
|
+
it "raises a AbstractController::ActionNotFound" do
|
|
57
57
|
expect { controller.send :authenticate_github_request! }
|
|
58
|
-
.to raise_error(
|
|
58
|
+
.to raise_error(AbstractController::ActionNotFound)
|
|
59
59
|
end
|
|
60
60
|
end
|
|
61
61
|
|
|
@@ -99,19 +99,25 @@ module GithubWebhook
|
|
|
99
99
|
controller.request.headers['X-Hub-Signature-256'] = "sha256=FOOBAR"
|
|
100
100
|
controller.request.headers['X-GitHub-Event'] = 'push'
|
|
101
101
|
controller.request.headers['Content-Type'] = 'application/json'
|
|
102
|
-
expect { controller.send :authenticate_github_request! }.to raise_error(
|
|
102
|
+
expect { controller.send :authenticate_github_request! }.to raise_error(AbstractController::ActionNotFound)
|
|
103
103
|
end
|
|
104
104
|
|
|
105
105
|
it "raises an error when the github event method is not implemented" do
|
|
106
106
|
controller.request.headers['X-GitHub-Event'] = 'deployment'
|
|
107
107
|
controller.request.headers['Content-Type'] = 'application/json'
|
|
108
|
-
expect { controller.create }.to raise_error(
|
|
108
|
+
expect { controller.create }.to raise_error(
|
|
109
|
+
AbstractController::ActionNotFound,
|
|
110
|
+
"GithubWebhooksController#github_deployment not implemented",
|
|
111
|
+
)
|
|
109
112
|
end
|
|
110
113
|
|
|
111
114
|
it "raises an error when the github event is not in the whitelist" do
|
|
112
115
|
controller.request.headers['X-GitHub-Event'] = 'fake_event'
|
|
113
116
|
controller.request.headers['Content-Type'] = 'application/json'
|
|
114
|
-
expect { controller.send :check_github_event! }.to raise_error(
|
|
117
|
+
expect { controller.send :check_github_event! }.to raise_error(
|
|
118
|
+
AbstractController::ActionNotFound,
|
|
119
|
+
"fake_event is not a whitelisted GitHub event. See https://developer.github.com/v3/activity/events/types/",
|
|
120
|
+
)
|
|
115
121
|
end
|
|
116
122
|
|
|
117
123
|
it "raises an error when the content type is not correct" do
|
|
@@ -119,14 +125,17 @@ module GithubWebhook
|
|
|
119
125
|
controller.request.headers['X-Hub-Signature-256'] = "sha256=3f3ab3986b656abb17af3eb1443ed6c08ef8fff9fea83915909d1b421aec89be"
|
|
120
126
|
controller.request.headers['X-GitHub-Event'] = 'ping'
|
|
121
127
|
controller.request.headers['Content-Type'] = 'application/xml'
|
|
122
|
-
expect { controller.send :authenticate_github_request! }.to raise_error(
|
|
128
|
+
expect { controller.send :authenticate_github_request! }.to raise_error(
|
|
129
|
+
AbstractController::ActionNotFound,
|
|
130
|
+
"Content-Type application/xml is not supported. Use 'application/x-www-form-urlencoded' or 'application/json",
|
|
131
|
+
)
|
|
123
132
|
end
|
|
124
133
|
|
|
125
134
|
it 'raises SignatureError when the X-Hub-Signature header is missing' do
|
|
126
135
|
controller.request.body = StringIO.new('{}')
|
|
127
136
|
controller.request.headers['Content-Type'] = 'application/json'
|
|
128
137
|
controller.request.headers['X-GitHub-Event'] = 'ping'
|
|
129
|
-
expect { controller.send :authenticate_github_request! }.to raise_error(
|
|
138
|
+
expect { controller.send :authenticate_github_request! }.to raise_error(AbstractController::ActionNotFound)
|
|
130
139
|
end
|
|
131
140
|
end
|
|
132
141
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: github_webhook
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sebastien Saunier
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-12-
|
|
11
|
+
date: 2021-12-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|