mirror of
https://codeberg.org/Mo8it/git-webhook-client
synced 2024-11-21 11:06:32 +00:00
Successful trigger!
This commit is contained in:
parent
1c4b5c877c
commit
1220f6635e
3 changed files with 16 additions and 12 deletions
7
Cargo.lock
generated
7
Cargo.lock
generated
|
@ -477,6 +477,7 @@ name = "git-webhook-client"
|
||||||
version = "0.1.0"
|
version = "0.1.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"cached",
|
"cached",
|
||||||
|
"hex",
|
||||||
"hmac",
|
"hmac",
|
||||||
"rocket",
|
"rocket",
|
||||||
"serde",
|
"serde",
|
||||||
|
@ -524,6 +525,12 @@ dependencies = [
|
||||||
"libc",
|
"libc",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "hex"
|
||||||
|
version = "0.4.3"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "hkdf"
|
name = "hkdf"
|
||||||
version = "0.12.3"
|
version = "0.12.3"
|
||||||
|
|
|
@ -8,6 +8,7 @@ license-file = "LICENSE"
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
cached = "0.39.0"
|
cached = "0.39.0"
|
||||||
|
hex = "0.4.3"
|
||||||
hmac = "0.12.1"
|
hmac = "0.12.1"
|
||||||
rocket = "0.5.0-rc.2"
|
rocket = "0.5.0-rc.2"
|
||||||
serde = { version = "1.0", features = ["derive"] }
|
serde = { version = "1.0", features = ["derive"] }
|
||||||
|
|
20
src/main.rs
20
src/main.rs
|
@ -65,10 +65,9 @@ fn get_hook_commands(clone_url: &str) -> Option<Vec<String>> {
|
||||||
None
|
None
|
||||||
}
|
}
|
||||||
|
|
||||||
fn is_valid_signature(received_signature: &[u8], payload: &Vec<u8>) -> bool {
|
fn is_valid_signature(received_signature: &Vec<u8>, payload: &Vec<u8>) -> bool {
|
||||||
type HmacSha256 = Hmac<Sha256>;
|
let mut mac = Hmac::<Sha256>::new_from_slice(&get_secret()).unwrap();
|
||||||
let mut mac = HmacSha256::new_from_slice(&get_secret()).unwrap();
|
mac.update(&payload);
|
||||||
mac.update(payload);
|
|
||||||
let expected_signature = mac.finalize().into_bytes();
|
let expected_signature = mac.finalize().into_bytes();
|
||||||
|
|
||||||
received_signature[..] == expected_signature[..]
|
received_signature[..] == expected_signature[..]
|
||||||
|
@ -98,7 +97,7 @@ impl<'r> FromData<'r> for Repo<'r> {
|
||||||
|
|
||||||
let mut received_signatures = req.headers().get("X-GITEA-SIGNATURE");
|
let mut received_signatures = req.headers().get("X-GITEA-SIGNATURE");
|
||||||
let received_signature = match received_signatures.next() {
|
let received_signature = match received_signatures.next() {
|
||||||
Some(signature) => signature.as_bytes(),
|
Some(signature) => hex::decode(signature).unwrap(),
|
||||||
None => return Outcome::Failure((Status::BadRequest, Self::Error::MissingSignature)),
|
None => return Outcome::Failure((Status::BadRequest, Self::Error::MissingSignature)),
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -106,22 +105,19 @@ impl<'r> FromData<'r> for Repo<'r> {
|
||||||
return Outcome::Failure((Status::BadRequest, Self::Error::MoreThatOneSignature));
|
return Outcome::Failure((Status::BadRequest, Self::Error::MoreThatOneSignature));
|
||||||
}
|
}
|
||||||
|
|
||||||
if !is_valid_signature(received_signature, &payload) {
|
if !is_valid_signature(&received_signature, &payload) {
|
||||||
return Outcome::Failure((Status::BadRequest, Self::Error::InvalidSignature));
|
return Outcome::Failure((Status::BadRequest, Self::Error::InvalidSignature));
|
||||||
}
|
}
|
||||||
|
|
||||||
let json: Value = serde_json::from_slice(&payload).unwrap();
|
let json: Value = serde_json::from_slice(&payload).unwrap();
|
||||||
let repo = json.get("repository").unwrap();
|
let repo = json.get("repository").unwrap();
|
||||||
let repo_name = repo.get("repo_name").unwrap().as_str().unwrap().to_string();
|
let name = repo.get("name").unwrap().as_str().unwrap().to_string();
|
||||||
let clone_url = repo.get("clone_url").unwrap().as_str().unwrap().to_string();
|
let clone_url = repo.get("clone_url").unwrap().as_str().unwrap().to_string();
|
||||||
|
|
||||||
let repo_name = request::local_cache!(req, repo_name);
|
let name = request::local_cache!(req, name);
|
||||||
let clone_url = request::local_cache!(req, clone_url);
|
let clone_url = request::local_cache!(req, clone_url);
|
||||||
|
|
||||||
Outcome::Success(Repo {
|
Outcome::Success(Repo { name, clone_url })
|
||||||
name: repo_name,
|
|
||||||
clone_url,
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue