Add ability to disable signature verification

This commit is contained in:
Akbar Rahman 2021-07-29 07:23:43 +01:00
parent 9fca2cefa3
commit cd2c0ff0fe

View File

@ -17,6 +17,7 @@ import (
) )
var config_filename = "/etc/ghookr.json" var config_filename = "/etc/ghookr.json"
var noSignatureCheck = false
func main() { func main() {
// Used for testing purposes... generates hmac string // Used for testing purposes... generates hmac string
@ -41,6 +42,10 @@ func main() {
config_filename = p config_filename = p
} }
if p, ok := os.LookupEnv("NO_SIGNATURE_CHECK"); ok {
noSignatureCheck = p == "true"
}
log.Fatal(http.ListenAndServe(port, r)) log.Fatal(http.ListenAndServe(port, r))
} }
@ -73,8 +78,10 @@ func webhook(w http.ResponseWriter, r *http.Request) {
service = val service = val
} }
// Verify that signature provided matches signature calculated using secretsss
signature := r.Header.Get(service.SignatureHeader) signature := r.Header.Get(service.SignatureHeader)
if signature == getSha256HMACSignature([]byte(service.Secret), payload) { calculatedSignature := getSha256HMACSignature([]byte(service.Secret), payload)
if noSignatureCheck || signature == calculatedSignature {
writeResponse(w, 400, "Bad Request: Signatures do not match") writeResponse(w, 400, "Bad Request: Signatures do not match")
return return
} }