-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathghevent.ts
38 lines (32 loc) · 971 Bytes
/
ghevent.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
// Copyright (c) Fensak, LLC.
// SPDX-License-Identifier: AGPL-3.0-or-later OR BUSL-1.1
import { Context, Status } from "../deps.ts";
import type { Middleware, Next } from "../deps.ts";
import { githubWebhooks } from "../ghauth/mod.ts";
const assertGitHubWebhook: Middleware = async (
ctx: Context,
next: Next,
): Promise<void> => {
const ghSig = ctx.request.headers.get("X-Hub-Signature-256");
if (ghSig == null) {
returnInvalidGHHook(ctx);
return;
}
const body = ctx.request.body({ type: "text" });
const bodyText = await body.value;
const isValid = await githubWebhooks.verify(bodyText, ghSig);
if (!isValid) {
returnInvalidGHHook(ctx);
return;
}
await next();
};
function returnInvalidGHHook(ctx: Context): void {
const respStatus = Status.Forbidden;
ctx.response.status = respStatus;
ctx.response.body = {
status: respStatus,
msg: "Could not verify github signature.",
};
}
export { assertGitHubWebhook };