rack-github_webhooks 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -2
- data/lib/rack/github_webhooks.rb +23 -27
- data/lib/rack/github_webhooks/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e0ad149d1ccf3096eb22b95c057dea5cca062e2d
|
|
4
|
+
data.tar.gz: 5257261e19046d920788756cf143c72d2c8cab0f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 208989b2d0f31db4b1c5ce7fc91d1f31324fd5a176c31c1f8c041e963d7ec20d6a915186c223d5074c3487aae9b5b5d3e621a1a5f3c21df313164002308fe009
|
|
7
|
+
data.tar.gz: 062f9dfd96e31a08452eaf54598f0a75daf71fc3e921cbcecc8dd145541db1d179a298a0053171b5567c982efbc7166a1b4741417f943da294ca5c80fc9fa1ec
|
data/CHANGELOG.md
CHANGED
|
@@ -3,9 +3,11 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project adheres to [Semantic Versioning](http://semver.org/).
|
|
5
5
|
|
|
6
|
-
## 0.
|
|
6
|
+
## [0.3.0] - 2015-11-29
|
|
7
7
|
|
|
8
|
-
|
|
8
|
+
### Changed
|
|
9
|
+
|
|
10
|
+
- Internal refactor to separate out `Signature` class.
|
|
9
11
|
|
|
10
12
|
## [0.2.0] - 2015-11-29
|
|
11
13
|
|
|
@@ -13,4 +15,10 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
|
|
13
15
|
|
|
14
16
|
- Don't error when there's no 'X-Hub-Signature' header.
|
|
15
17
|
|
|
18
|
+
|
|
19
|
+
## 0.1.0 - 2015-11-29
|
|
20
|
+
|
|
21
|
+
- Initial release
|
|
22
|
+
|
|
16
23
|
[0.2.0]: https://github.com/chrismytton/rack-github_webhooks/compare/v0.1.0...v0.2.0
|
|
24
|
+
[0.3.0]: https://github.com/chrismytton/rack-github_webhooks/compare/v0.2.0...v0.3.0
|
data/lib/rack/github_webhooks.rb
CHANGED
|
@@ -4,11 +4,22 @@ require 'json'
|
|
|
4
4
|
|
|
5
5
|
module Rack
|
|
6
6
|
class GithubWebhooks
|
|
7
|
-
|
|
7
|
+
class Signature
|
|
8
|
+
HMAC_DIGEST = OpenSSL::Digest.new('sha1')
|
|
9
|
+
|
|
10
|
+
def initialize(secret, hub_signature, payload_body)
|
|
11
|
+
@secret = secret
|
|
12
|
+
@hub_signature = hub_signature
|
|
13
|
+
@signature = 'sha1=' +
|
|
14
|
+
OpenSSL::HMAC.hexdigest(HMAC_DIGEST, secret, payload_body)
|
|
15
|
+
end
|
|
8
16
|
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
17
|
+
def valid?
|
|
18
|
+
return true unless @secret
|
|
19
|
+
return false unless @hub_signature
|
|
20
|
+
Rack::Utils.secure_compare(@signature, @hub_signature)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
12
23
|
|
|
13
24
|
def initialize(app, opts = {})
|
|
14
25
|
@app = app
|
|
@@ -16,29 +27,14 @@ module Rack
|
|
|
16
27
|
end
|
|
17
28
|
|
|
18
29
|
def call(env)
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
def signature_valid?
|
|
28
|
-
return true unless secret
|
|
29
|
-
return false unless request.env['HTTP_X_HUB_SIGNATURE']
|
|
30
|
-
Rack::Utils.secure_compare(signature, request.env['HTTP_X_HUB_SIGNATURE'])
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
def signature
|
|
34
|
-
"sha1=#{OpenSSL::HMAC.hexdigest(HMAC_DIGEST, secret, payload_body)}"
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def payload_body
|
|
38
|
-
@payload_body ||= begin
|
|
39
|
-
request.body.rewind
|
|
40
|
-
request.body.read
|
|
41
|
-
end
|
|
30
|
+
env['rack.input'].rewind
|
|
31
|
+
signature = Signature.new(
|
|
32
|
+
@secret,
|
|
33
|
+
env['HTTP_X_HUB_SIGNATURE'],
|
|
34
|
+
env['rack.input'].read
|
|
35
|
+
)
|
|
36
|
+
return [400, {}, ["Signatures didn't match!"]] unless signature.valid?
|
|
37
|
+
@app.call(env)
|
|
42
38
|
end
|
|
43
39
|
end
|
|
44
40
|
end
|