alvierahman90/gohookr
1
1
Fork 0
mirror of https://github.com/alvierahman90/gohookr.git synced 2024-09-16 20:04:07 +00:00
Code Issues 1 Projects Releases Wiki Activity

Add config option SignaturePrefix

Browse Source
This commit is contained in:
Akbar Rahman 2021-08-04 21:43:37 +01:00
parent 8677f5bfdd
commit 6cacc65013
4 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config.json
View File

@ -7,7 +7,8 @@
"AppendPayload": true
},
"Secret": "THISISVERYSECRET",
"SignatureHeader": "X-Gitea-Signature",
"SignatureHeader": "X-Hub-Signature",
"SignaturePrefix": "sha256=",
"Tests": [
{
"Program": "echo",

1
config/config.go
View File

@ -10,6 +10,7 @@ type Config struct {
Services map[string]struct {
Script Command
Secret string
SignaturePrefix string
SignatureHeader string
Tests []Command
}

2
main.go
View File

@ -63,7 +63,7 @@ func webhookHandler(w http.ResponseWriter, r *http.Request) {
// Verify that signature provided matches signature calculated using secretsss
signature := r.Header.Get(service.SignatureHeader)
calculatedSignature := getSha256HMACSignature([]byte(service.Secret), payload)
calculatedSignature := fmt.Sprintf("%v%v", service.SignaturePrefix, getSha256HMACSignature([]byte(service.Secret), payload))
fmt.Printf("signature = %v\n", signature)
fmt.Printf("calcuatedSignature = %v\n", signature)
if signature != calculatedSignature && checkSignature {

6
readme.md
View File

@ -22,6 +22,9 @@ You **must** set which HTTP header gohookr will receive a signature from using t
key for each service.
You should also specify a shared secret in the `Secret` key.
You may also need to specify a `SignaturePrefix`.
For GitHub it would be `sha256=`.
### Disable Signature Verification
You can disable signature verification altogether by setting environment variable
@ -61,7 +64,8 @@ An example config file can be found [here](./config.json) but also below:
"AppendPayload": true
},
"Secret": "THISISVERYSECRET",
"SignatureHeader": "X-Gitea-Signature",
"SignatureHeader": "X-Hub-Signature",
"SignaturePrefix": "sha256=",
"Tests": [
{
"Program": "echo",