mirror of
https://github.com/alvierahman90/gohookr.git
synced 2024-09-19 16:24:07 +00:00
Add support for individually disabling signature verification
This commit is contained in:
parent
f2b2ac9368
commit
39fe4748e1
@ -6,8 +6,7 @@
|
|||||||
"Program": "./example.sh",
|
"Program": "./example.sh",
|
||||||
"AppendPayload": true
|
"AppendPayload": true
|
||||||
},
|
},
|
||||||
"Secret": "THISISVERYSECRET",
|
"DisableSignatureVerification": true,
|
||||||
"SignatureHeader": "X-Gitea-Signature",
|
|
||||||
"Tests": [
|
"Tests": [
|
||||||
{
|
{
|
||||||
"Program": "echo",
|
"Program": "echo",
|
||||||
|
|||||||
@ -4,11 +4,12 @@ package config
|
|||||||
type Config struct {
|
type Config struct {
|
||||||
ListenAddress string
|
ListenAddress string
|
||||||
Services map[string]struct {
|
Services map[string]struct {
|
||||||
Script Command
|
Script Command
|
||||||
Secret string
|
Secret string
|
||||||
SignaturePrefix string
|
SignaturePrefix string
|
||||||
SignatureHeader string
|
SignatureHeader string
|
||||||
Tests []Command
|
DisableSignatureVerification bool
|
||||||
|
Tests []Command
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -22,10 +23,10 @@ func (c Config) Validate() error {
|
|||||||
if service.Script.Program == "" {
|
if service.Script.Program == "" {
|
||||||
return requiredFieldError{"Script.Program", serviceName}
|
return requiredFieldError{"Script.Program", serviceName}
|
||||||
}
|
}
|
||||||
if service.SignatureHeader == "" {
|
if !service.DisableSignatureVerification && service.SignatureHeader == "" {
|
||||||
return requiredFieldError{"SignatureHeader", serviceName}
|
return requiredFieldError{"SignatureHeader", serviceName}
|
||||||
}
|
}
|
||||||
if service.Secret == "" {
|
if !service.DisableSignatureVerification && service.Secret == "" {
|
||||||
return requiredFieldError{"Secret", serviceName}
|
return requiredFieldError{"Secret", serviceName}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
3
main.go
3
main.go
@ -75,7 +75,8 @@ func webhookHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
)
|
)
|
||||||
fmt.Printf("signature = %v\n", signature)
|
fmt.Printf("signature = %v\n", signature)
|
||||||
fmt.Printf("calcuatedSignature = %v\n", calculatedSignature)
|
fmt.Printf("calcuatedSignature = %v\n", calculatedSignature)
|
||||||
if signature != calculatedSignature && checkSignature {
|
if service.DisableSignatureVerification ||
|
||||||
|
(signature != calculatedSignature && checkSignature) {
|
||||||
writeResponse(w, 400, "Bad Request: Signatures do not match")
|
writeResponse(w, 400, "Bad Request: Signatures do not match")
|
||||||
fmt.Println("Signatures do not match!")
|
fmt.Println("Signatures do not match!")
|
||||||
return
|
return
|
||||||
|
|||||||
@ -27,7 +27,9 @@ For GitHub it would be `sha256=`.
|
|||||||
|
|
||||||
### Disable Signature Verification
|
### Disable Signature Verification
|
||||||
|
|
||||||
You can disable signature verification altogether by setting environment variable
|
You can disable signature verification by setting `DisableSignatureVerification` for a service to `true`.
|
||||||
|
|
||||||
|
You can disable signature verification for all services by setting environment variable
|
||||||
`NO_SIGNATURE_VERIFICATION` to `true`.
|
`NO_SIGNATURE_VERIFICATION` to `true`.
|
||||||
|
|
||||||
## Writing Commands
|
## Writing Commands
|
||||||
@ -63,8 +65,7 @@ An example config file can be found [here](./config.json) but also below:
|
|||||||
"Program": "./example.sh",
|
"Program": "./example.sh",
|
||||||
"AppendPayload": true
|
"AppendPayload": true
|
||||||
},
|
},
|
||||||
"Secret": "THISISVERYSECRET",
|
"DisableSignatureVerification": true,
|
||||||
"SignatureHeader": "X-Gitea-Signature",
|
|
||||||
"Tests": [
|
"Tests": [
|
||||||
{
|
{
|
||||||
"Program": "echo",
|
"Program": "echo",
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user