right_hook 0.3.2 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/right_hook/app.rb +7 -5
- data/lib/right_hook/version.rb +1 -1
- data/spec/app/issue_spec.rb +4 -2
- data/spec/app/pull_request_spec.rb +4 -2
- data/spec/support/spec_helpers.rb +2 -1
- metadata +2 -2
data/lib/right_hook/app.rb
CHANGED
@@ -11,19 +11,19 @@ module RightHook
|
|
11
11
|
event_type = params[:event_type]
|
12
12
|
content = request.body.read
|
13
13
|
|
14
|
-
halt 404 unless Event::KNOWN_TYPES.include?(event_type)
|
15
|
-
halt 501 unless respond_to?("on_#{event_type}")
|
14
|
+
halt 404, "Unknown event type" unless Event::KNOWN_TYPES.include?(event_type)
|
15
|
+
halt 501, "Event type not implemented" unless respond_to?("on_#{event_type}")
|
16
16
|
|
17
17
|
require_valid_signature(content, owner, repo_name, event_type)
|
18
18
|
|
19
|
-
json = JSON.parse(
|
19
|
+
json = JSON.parse(params['payload'])
|
20
20
|
case event_type
|
21
21
|
when Event::PULL_REQUEST
|
22
22
|
on_pull_request(owner, repo_name, json['number'], json['action'], json['pull_request'])
|
23
23
|
when Event::ISSUE
|
24
24
|
on_issue(owner, repo_name, json['action'], json['issue'])
|
25
25
|
else
|
26
|
-
halt 500
|
26
|
+
halt 500, "Server bug"
|
27
27
|
end
|
28
28
|
end
|
29
29
|
|
@@ -34,7 +34,9 @@ module RightHook
|
|
34
34
|
|
35
35
|
# http://pubsubhubbub.googlecode.com/git/pubsubhubbub-core-0.4.html#authednotify
|
36
36
|
# "If the signature does not match, subscribers MUST still return a 2xx success response to acknowledge receipt, but locally ignore the message as invalid."
|
37
|
-
|
37
|
+
received_signature = request.env['HTTP_X_HUB_SIGNATURE']
|
38
|
+
calculated_signature = "sha1=#{expected_signature}"
|
39
|
+
halt 202, "Signature mismatch" unless received_signature == calculated_signature
|
38
40
|
end
|
39
41
|
end
|
40
42
|
end
|
data/lib/right_hook/version.rb
CHANGED
data/spec/app/issue_spec.rb
CHANGED
@@ -31,7 +31,9 @@ describe RightHook::App do
|
|
31
31
|
end
|
32
32
|
|
33
33
|
it 'captures the interesting data' do
|
34
|
-
post '/
|
34
|
+
post '/ignore', {payload: ISSUE_JSON}
|
35
|
+
body = last_request.body.read
|
36
|
+
post '/hook/mark-rushakoff/right_hook/issue', {payload: ISSUE_JSON}, generate_secret_header('issue', body)
|
35
37
|
expect(last_response.status).to eq(200)
|
36
38
|
expect(app.owner).to eq('mark-rushakoff')
|
37
39
|
expect(app.repo_name).to eq('right_hook')
|
@@ -42,7 +44,7 @@ describe RightHook::App do
|
|
42
44
|
end
|
43
45
|
|
44
46
|
it 'fails when the secret is wrong' do
|
45
|
-
post '/hook/mark-rushakoff/right_hook/issue', ISSUE_JSON, generate_secret_header('wrong',
|
47
|
+
post '/hook/mark-rushakoff/right_hook/issue', {payload: ISSUE_JSON}, generate_secret_header('wrong', 'stuff')
|
46
48
|
expect(last_response.status).to eq(202)
|
47
49
|
expect(app.owner).to be_nil
|
48
50
|
end
|
@@ -32,7 +32,9 @@ describe RightHook::App do
|
|
32
32
|
end
|
33
33
|
|
34
34
|
it 'captures the interesting data' do
|
35
|
-
post '/
|
35
|
+
post '/ignore', {payload: PULL_REQUEST_JSON}
|
36
|
+
body = last_request.body.read
|
37
|
+
post '/hook/mark-rushakoff/right_hook/pull_request', {payload: PULL_REQUEST_JSON}, generate_secret_header('pull_request', body)
|
36
38
|
expect(last_response.status).to eq(200)
|
37
39
|
expect(app.owner).to eq('mark-rushakoff')
|
38
40
|
expect(app.repo_name).to eq('right_hook')
|
@@ -44,7 +46,7 @@ describe RightHook::App do
|
|
44
46
|
end
|
45
47
|
|
46
48
|
it 'fails when the secret is wrong' do
|
47
|
-
post '/hook/mark-rushakoff/right_hook/pull_request', PULL_REQUEST_JSON, generate_secret_header('wrong',
|
49
|
+
post '/hook/mark-rushakoff/right_hook/pull_request', {payload: PULL_REQUEST_JSON}, generate_secret_header('wrong', 'stuff')
|
48
50
|
expect(last_response.status).to eq(202)
|
49
51
|
expect(app.owner).to be_nil
|
50
52
|
end
|
@@ -4,7 +4,8 @@ module RightHook
|
|
4
4
|
module SpecHelpers
|
5
5
|
def generate_secret_header(secret, body)
|
6
6
|
sha = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha1'), secret, body)
|
7
|
-
|
7
|
+
# GitHub sends it as 'X-Hub-Signature', but Rack provides it as HTTP_X_HUB_SIGNATURE... :/
|
8
|
+
{'HTTP_X_HUB_SIGNATURE' => "sha1=#{sha}"}
|
8
9
|
end
|
9
10
|
end
|
10
11
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: right_hook
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2013-
|
12
|
+
date: 2013-10-01 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|