octoks 0.0.2 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/octoks/receiver.rb +20 -2
- data/lib/octoks/version.rb +1 -1
- data/octoks.gemspec +3 -0
- data/test/octoks/test_receiver_secret.rb +30 -0
- metadata +19 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f01a72b6d4686929f27246110d1321cde9803a0c
|
|
4
|
+
data.tar.gz: 50d1096709d5d3b16b86d24dc68d634e9deefdb9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 837a171ab1decbfd3072b9e18ce8aa605204a456f977a193b4712677f7db56f63fb416c08b1ded8f26b8690a8a52586b35fb95e859aeb67fb027567fdd782718
|
|
7
|
+
data.tar.gz: f583546331816c6ccdbdb095b1c004b423fc69f61cc8590fcd6026f07e2a3dbed5b687e0a7cf21004ed215d840b14a246322d8ccb3f1b05fbe50accdc3525bd1
|
data/lib/octoks/receiver.rb
CHANGED
|
@@ -1,12 +1,16 @@
|
|
|
1
1
|
require 'rack'
|
|
2
2
|
require 'json'
|
|
3
|
+
require 'openssl'
|
|
4
|
+
require 'secure_compare'
|
|
3
5
|
|
|
4
6
|
module Octoks
|
|
5
7
|
class Receiver
|
|
6
8
|
attr_accessor :hooks
|
|
9
|
+
attr_reader :secret
|
|
7
10
|
|
|
8
|
-
def initialize
|
|
9
|
-
@hooks
|
|
11
|
+
def initialize(secret = nil)
|
|
12
|
+
@hooks = {}
|
|
13
|
+
@secret = secret
|
|
10
14
|
end
|
|
11
15
|
|
|
12
16
|
def on(name, &cb)
|
|
@@ -29,6 +33,10 @@ module Octoks
|
|
|
29
33
|
return failed
|
|
30
34
|
end
|
|
31
35
|
|
|
36
|
+
unless verify_signature(req)
|
|
37
|
+
return failed
|
|
38
|
+
end
|
|
39
|
+
|
|
32
40
|
begin
|
|
33
41
|
payload = JSON.parse(req.params['payload'])
|
|
34
42
|
rescue
|
|
@@ -42,5 +50,15 @@ module Octoks
|
|
|
42
50
|
|
|
43
51
|
[200, [], ["OK"]]
|
|
44
52
|
end
|
|
53
|
+
|
|
54
|
+
HMAC_DIGEST = OpenSSL::Digest.new('sha1')
|
|
55
|
+
def verify_signature(req)
|
|
56
|
+
return true unless @secret
|
|
57
|
+
return false unless req.body
|
|
58
|
+
sig = 'sha1='+OpenSSL::HMAC.hexdigest(HMAC_DIGEST, @secret, req.body.read)
|
|
59
|
+
req.body.rewind
|
|
60
|
+
SecureCompare.compare(sig, req.env["HTTP_HUB_SIGNATURE"])
|
|
61
|
+
end
|
|
62
|
+
|
|
45
63
|
end
|
|
46
64
|
end
|
data/lib/octoks/version.rb
CHANGED
data/octoks.gemspec
CHANGED
|
@@ -18,8 +18,11 @@ Gem::Specification.new do |spec|
|
|
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
19
19
|
spec.require_paths = ["lib"]
|
|
20
20
|
|
|
21
|
+
spec.add_runtime_dependency "secure_compare", "~> 0"
|
|
22
|
+
|
|
21
23
|
spec.add_development_dependency "bundler", "~> 1.5"
|
|
22
24
|
spec.add_development_dependency "rake"
|
|
23
25
|
spec.add_development_dependency "rack"
|
|
24
26
|
spec.add_development_dependency "json"
|
|
27
|
+
|
|
25
28
|
end
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
require 'minitest/autorun'
|
|
2
|
+
require 'octoks'
|
|
3
|
+
|
|
4
|
+
class TestReceiver < MiniTest::Unit::TestCase
|
|
5
|
+
def test_call
|
|
6
|
+
receiver = Octoks::Receiver.new("secret1234")
|
|
7
|
+
env = {
|
|
8
|
+
'rack.version' => [1, 2],
|
|
9
|
+
'REQUEST_METHOD' => 'POST',
|
|
10
|
+
'SERVER_NAME' => 'example.com',
|
|
11
|
+
'SERVER_PORT' => 80,
|
|
12
|
+
'QUERY_STRING' => '',
|
|
13
|
+
'PATH_INFO' => '/',
|
|
14
|
+
'rack.url_scheme' => 'http',
|
|
15
|
+
'HTTPS' => 'off',
|
|
16
|
+
'CONTENT_LENGTH' => 15,
|
|
17
|
+
'rack.input' => StringIO.new('payload={"hoge":"fuga"}'),
|
|
18
|
+
'HTTP_X_GITHUB_EVENT' => 'issue',
|
|
19
|
+
'HTTP_HUB_SIGNATURE' => 'sha1=b2d620dd0b514b814685364d637058fe5ce29479',
|
|
20
|
+
'HTTP_X_GITHUB_DELIVERY' => 'gggg',
|
|
21
|
+
}
|
|
22
|
+
res = receiver.call(env)
|
|
23
|
+
assert_equal 200, res[0]
|
|
24
|
+
|
|
25
|
+
env['HTTP_HUB_SIGNATURE'] += "fail!"
|
|
26
|
+
res = receiver.call(env)
|
|
27
|
+
assert_equal 400, res[0]
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
end
|
metadata
CHANGED
|
@@ -1,15 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: octoks
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- hisaichi5518
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-02-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: secure_compare
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - "~>"
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - "~>"
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '0'
|
|
13
27
|
- !ruby/object:Gem::Dependency
|
|
14
28
|
name: bundler
|
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -87,6 +101,7 @@ files:
|
|
|
87
101
|
- octoks.gemspec
|
|
88
102
|
- test/octoks/test_event.rb
|
|
89
103
|
- test/octoks/test_receiver.rb
|
|
104
|
+
- test/octoks/test_receiver_secret.rb
|
|
90
105
|
homepage: https://github.com/hisaichi5518/octoks
|
|
91
106
|
licenses:
|
|
92
107
|
- MIT
|
|
@@ -107,10 +122,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
107
122
|
version: '0'
|
|
108
123
|
requirements: []
|
|
109
124
|
rubyforge_project:
|
|
110
|
-
rubygems_version: 2.2.
|
|
125
|
+
rubygems_version: 2.2.2
|
|
111
126
|
signing_key:
|
|
112
127
|
specification_version: 4
|
|
113
128
|
summary: github hooks receiver.
|
|
114
129
|
test_files:
|
|
115
130
|
- test/octoks/test_event.rb
|
|
116
131
|
- test/octoks/test_receiver.rb
|
|
132
|
+
- test/octoks/test_receiver_secret.rb
|