comparison mod_pubsub_github/mod_pubsub_github.lua @ 3515:f756e051fa02

mod_pubsub_github: Require a secret to be set (BC)
author Kim Alvefur <zash@zash.se>
date Sun, 31 Mar 2019 18:04:11 +0200
parents 8811b7dbe6e2
children d94875c3ddda
comparison
equal deleted inserted replaced
3514:8811b7dbe6e2 3515:f756e051fa02
7 local pubsub_service = module:depends("pubsub").service; 7 local pubsub_service = module:depends("pubsub").service;
8 local node = module:get_option("github_node", "github"); 8 local node = module:get_option("github_node", "github");
9 local github_actor = module:get_option_string("github_actor") or true; 9 local github_actor = module:get_option_string("github_actor") or true;
10 local secret = module:get_option("github_secret"); 10 local secret = module:get_option("github_secret");
11 11
12 assert(secret, "Please set 'github_secret'");
13
12 local error_mapping = { 14 local error_mapping = {
13 ["forbidden"] = 403; 15 ["forbidden"] = 403;
14 ["item-not-found"] = 404; 16 ["item-not-found"] = 404;
15 ["internal-server-error"] = 500; 17 ["internal-server-error"] = 500;
16 ["conflict"] = 409; 18 ["conflict"] = 409;
17 }; 19 };
18 20
19 function handle_POST(event) 21 function handle_POST(event)
20 local request, response = event.request, event.response; 22 local request, response = event.request, event.response;
21 if secret and ("sha1=" .. hmac_sha1(secret, request.body, true)) ~= request.headers.x_hub_signature then 23 if ("sha1=" .. hmac_sha1(secret, request.body, true)) ~= request.headers.x_hub_signature then
22 return 401; 24 return 401;
23 end 25 end
24 local data = json.decode(request.body); 26 local data = json.decode(request.body);
25 if not data then 27 if not data then
26 response.status_code = 400; 28 response.status_code = 400;