Add support for individually disabling signature verification

2024-11-21 22:49:53 +00:00 · 2021-08-14 01:02:36 +01:00 · 2021-08-14 01:02:36 +01:00 · 39fe4748e1
commit 39fe4748e1
parent f2b2ac9368
4 changed files with 15 additions and 13 deletions
--- a/config.json
+++ b/config.json
@ -6,8 +6,7 @@
          "Program": "./example.sh",
          "AppendPayload": true
      },
-      "Secret": "THISISVERYSECRET",
-      "SignatureHeader": "X-Gitea-Signature",
+      "DisableSignatureVerification": true,
      "Tests": [
        {
          "Program": "echo",
--- a/config/config.go
+++ b/config/config.go
@ -4,11 +4,12 @@ package config
 type Config struct {
 	ListenAddress string
 	Services      map[string]struct {
-		Script          Command
-		Secret          string
-		SignaturePrefix string
-		SignatureHeader string
-		Tests           []Command
+		Script                       Command
+		Secret                       string
+		SignaturePrefix              string
+		SignatureHeader              string
+		DisableSignatureVerification bool
+		Tests                        []Command
 	}
 }

@ -22,10 +23,10 @@ func (c Config) Validate() error {
 		if service.Script.Program == "" {
 			return requiredFieldError{"Script.Program", serviceName}
 		}
-		if service.SignatureHeader == "" {
+		if !service.DisableSignatureVerification && service.SignatureHeader == "" {
 			return requiredFieldError{"SignatureHeader", serviceName}
 		}
-		if service.Secret == "" {
+		if !service.DisableSignatureVerification && service.Secret == "" {
 			return requiredFieldError{"Secret", serviceName}
 		}
 	}
--- a/main.go
+++ b/main.go
@ -75,7 +75,8 @@ func webhookHandler(w http.ResponseWriter, r *http.Request) {
 	)
 	fmt.Printf("signature          = %v\n", signature)
 	fmt.Printf("calcuatedSignature = %v\n", calculatedSignature)
-	if signature != calculatedSignature && checkSignature {
+	if service.DisableSignatureVerification ||
+		(signature != calculatedSignature && checkSignature) {
 		writeResponse(w, 400, "Bad Request: Signatures do not match")
 		fmt.Println("Signatures do not match!")
 		return
--- a/readme.md
+++ b/readme.md
@ -27,7 +27,9 @@ For GitHub it would be `sha256=`.

 ### Disable Signature Verification

-You can disable signature verification altogether by setting environment variable
+You can disable signature verification by setting `DisableSignatureVerification` for a service to `true`.
+
+You can disable signature verification for all services by setting environment variable
 `NO_SIGNATURE_VERIFICATION` to `true`.

 ## Writing Commands
@ -63,8 +65,7 @@ An example config file can be found [here](./config.json) but also below:
          "Program": "./example.sh",
          "AppendPayload": true
      },
-      "Secret": "THISISVERYSECRET",
-      "SignatureHeader": "X-Gitea-Signature",
+      "DisableSignatureVerification": true,
      "Tests": [
        {
          "Program": "echo",