Successful trigger!

2024-11-21 11:06:32 +00:00 · 2022-10-10 17:59:12 +02:00 · 2022-10-10 17:59:12 +02:00 · 1220f6635e
commit 1220f6635e
parent 1c4b5c877c
3 changed files with 16 additions and 12 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -477,6 +477,7 @@ name = "git-webhook-client"
 version = "0.1.0"
 dependencies = [
 "cached",
+ "hex",
 "hmac",
 "rocket",
 "serde",
@ -524,6 +525,12 @@ dependencies = [
 "libc",
 ]

+[[package]]
+name = "hex"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
+
 [[package]]
 name = "hkdf"
 version = "0.12.3"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -8,6 +8,7 @@ license-file = "LICENSE"

 [dependencies]
 cached = "0.39.0"
+hex = "0.4.3"
 hmac = "0.12.1"
 rocket = "0.5.0-rc.2"
 serde = { version = "1.0", features = ["derive"] }
--- a/src/main.rs
+++ b/src/main.rs
@ -65,10 +65,9 @@ fn get_hook_commands(clone_url: &str) -> Option<Vec<String>> {
    None
 }

-fn is_valid_signature(received_signature: &[u8], payload: &Vec<u8>) -> bool {
-    type HmacSha256 = Hmac<Sha256>;
-    let mut mac = HmacSha256::new_from_slice(&get_secret()).unwrap();
-    mac.update(payload);
+fn is_valid_signature(received_signature: &Vec<u8>, payload: &Vec<u8>) -> bool {
+    let mut mac = Hmac::<Sha256>::new_from_slice(&get_secret()).unwrap();
+    mac.update(&payload);
    let expected_signature = mac.finalize().into_bytes();

    received_signature[..] == expected_signature[..]
@ -98,7 +97,7 @@ impl<'r> FromData<'r> for Repo<'r> {

        let mut received_signatures = req.headers().get("X-GITEA-SIGNATURE");
        let received_signature = match received_signatures.next() {
-            Some(signature) => signature.as_bytes(),
+            Some(signature) => hex::decode(signature).unwrap(),
            None => return Outcome::Failure((Status::BadRequest, Self::Error::MissingSignature)),
        };

@ -106,22 +105,19 @@ impl<'r> FromData<'r> for Repo<'r> {
            return Outcome::Failure((Status::BadRequest, Self::Error::MoreThatOneSignature));
        }

-        if !is_valid_signature(received_signature, &payload) {
+        if !is_valid_signature(&received_signature, &payload) {
            return Outcome::Failure((Status::BadRequest, Self::Error::InvalidSignature));
        }

        let json: Value = serde_json::from_slice(&payload).unwrap();
        let repo = json.get("repository").unwrap();
-        let repo_name = repo.get("repo_name").unwrap().as_str().unwrap().to_string();
+        let name = repo.get("name").unwrap().as_str().unwrap().to_string();
        let clone_url = repo.get("clone_url").unwrap().as_str().unwrap().to_string();

-        let repo_name = request::local_cache!(req, repo_name);
+        let name = request::local_cache!(req, name);
        let clone_url = request::local_cache!(req, clone_url);

-        Outcome::Success(Repo {
-            name: repo_name,
-            clone_url,
-        })
+        Outcome::Success(Repo { name, clone_url })
    }
 }