mirror of
https://github.com/alvierahman90/gohookr.git
synced 2024-12-22 08:11:58 +00:00
Add config option SignaturePrefix
This commit is contained in:
parent
8677f5bfdd
commit
6cacc65013
@ -7,7 +7,8 @@
|
||||
"AppendPayload": true
|
||||
},
|
||||
"Secret": "THISISVERYSECRET",
|
||||
"SignatureHeader": "X-Gitea-Signature",
|
||||
"SignatureHeader": "X-Hub-Signature",
|
||||
"SignaturePrefix": "sha256=",
|
||||
"Tests": [
|
||||
{
|
||||
"Program": "echo",
|
||||
|
@ -10,6 +10,7 @@ type Config struct {
|
||||
Services map[string]struct {
|
||||
Script Command
|
||||
Secret string
|
||||
SignaturePrefix string
|
||||
SignatureHeader string
|
||||
Tests []Command
|
||||
}
|
||||
|
2
main.go
2
main.go
@ -63,7 +63,7 @@ func webhookHandler(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
// Verify that signature provided matches signature calculated using secretsss
|
||||
signature := r.Header.Get(service.SignatureHeader)
|
||||
calculatedSignature := getSha256HMACSignature([]byte(service.Secret), payload)
|
||||
calculatedSignature := fmt.Sprintf("%v%v", service.SignaturePrefix, getSha256HMACSignature([]byte(service.Secret), payload))
|
||||
fmt.Printf("signature = %v\n", signature)
|
||||
fmt.Printf("calcuatedSignature = %v\n", signature)
|
||||
if signature != calculatedSignature && checkSignature {
|
||||
|
@ -22,6 +22,9 @@ You **must** set which HTTP header gohookr will receive a signature from using t
|
||||
key for each service.
|
||||
You should also specify a shared secret in the `Secret` key.
|
||||
|
||||
You may also need to specify a `SignaturePrefix`.
|
||||
For GitHub it would be `sha256=`.
|
||||
|
||||
### Disable Signature Verification
|
||||
|
||||
You can disable signature verification altogether by setting environment variable
|
||||
@ -61,7 +64,8 @@ An example config file can be found [here](./config.json) but also below:
|
||||
"AppendPayload": true
|
||||
},
|
||||
"Secret": "THISISVERYSECRET",
|
||||
"SignatureHeader": "X-Gitea-Signature",
|
||||
"SignatureHeader": "X-Hub-Signature",
|
||||
"SignaturePrefix": "sha256=",
|
||||
"Tests": [
|
||||
{
|
||||
"Program": "echo",
|
||||
|
Loading…
Reference in New Issue
Block a user