Mercurial > prosody-modules
comparison mod_pubsub_github/mod_pubsub_github.lua @ 3264:f48bedd1d433
mod_pubsub_github: Add support for signed requests
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 24 Aug 2018 17:49:53 +0200 |
| parents | a65f4297264b |
| children | d4207ab8ccc1 |
comparison
equal
deleted
inserted
replaced
| 3263:a65f4297264b | 3264:f48bedd1d433 |
|---|---|
| 1 module:depends("http"); | 1 module:depends("http"); |
| 2 | 2 |
| 3 local st = require "util.stanza"; | 3 local st = require "util.stanza"; |
| 4 local json = require "util.json"; | 4 local json = require "util.json"; |
| 5 local formdecode = require "net.http".formdecode; | 5 local formdecode = require "net.http".formdecode; |
| 6 local hmac_sha1 = require "util.hashes".hmac_sha1; | |
| 6 | 7 |
| 7 local pubsub_service = module:depends("pubsub").service; | 8 local pubsub_service = module:depends("pubsub").service; |
| 8 local node = module:get_option("github_node", "github"); | 9 local node = module:get_option("github_node", "github"); |
| 10 local secret = module:get_option("github_secret"); | |
| 9 | 11 |
| 10 function handle_POST(event) | 12 function handle_POST(event) |
| 11 local request = event.request; | 13 local request = event.request; |
| 14 if secret and ("sha1=" .. hmac_sha1(secret, request.body, true)) ~= request.headers.x_hub_signature then | |
| 15 return 401; | |
| 16 end | |
| 12 local data = json.decode(request.body); | 17 local data = json.decode(request.body); |
| 13 if not data then | 18 if not data then |
| 14 return "Invalid JSON. From you of all people..."; | 19 return "Invalid JSON. From you of all people..."; |
| 15 end | 20 end |
| 16 | 21 |