mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-11-05 04:57:54 +00:00
Bump deps
This commit is contained in:
Jeff Mitchell
41
vendor/github.com/google/go-github/github/messages.go
generated
vendored
41
vendor/github.com/google/go-github/github/messages.go
generated
vendored
@@ -20,6 +20,7 @@ import (
|
||||
"hash"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
)
|
||||
|
||||
@@ -122,6 +123,8 @@ func messageMAC(signature string) ([]byte, func() hash.Hash, error) {
|
||||
|
||||
// ValidatePayload validates an incoming GitHub Webhook event request
|
||||
// and returns the (JSON) payload.
|
||||
// The Content-Type header of the payload can be "application/json" or "application/x-www-form-urlencoded".
|
||||
// If the Content-Type is neither then an error is returned.
|
||||
// secretKey is the GitHub Webhook secret message.
|
||||
//
|
||||
// Example usage:
|
||||
@@ -133,13 +136,43 @@ func messageMAC(signature string) ([]byte, func() hash.Hash, error) {
|
||||
// }
|
||||
//
|
||||
func ValidatePayload(r *http.Request, secretKey []byte) (payload []byte, err error) {
|
||||
payload, err = ioutil.ReadAll(r.Body)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
var body []byte // Raw body that GitHub uses to calculate the signature.
|
||||
|
||||
switch ct := r.Header.Get("Content-Type"); ct {
|
||||
case "application/json":
|
||||
var err error
|
||||
if body, err = ioutil.ReadAll(r.Body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// If the content type is application/json,
|
||||
// the JSON payload is just the original body.
|
||||
payload = body
|
||||
|
||||
case "application/x-www-form-urlencoded":
|
||||
// payloadFormParam is the name of the form parameter that the JSON payload
|
||||
// will be in if a webhook has its content type set to application/x-www-form-urlencoded.
|
||||
const payloadFormParam = "payload"
|
||||
|
||||
var err error
|
||||
if body, err = ioutil.ReadAll(r.Body); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// If the content type is application/x-www-form-urlencoded,
|
||||
// the JSON payload will be under the "payload" form param.
|
||||
form, err := url.ParseQuery(string(body))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
payload = []byte(form.Get(payloadFormParam))
|
||||
|
||||
default:
|
||||
return nil, fmt.Errorf("Webhook request has unsupported Content-Type %q", ct)
|
||||
}
|
||||
|
||||
sig := r.Header.Get(signatureHeader)
|
||||
if err := validateSignature(sig, payload, secretKey); err != nil {
|
||||
if err := validateSignature(sig, body, secretKey); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return payload, nil
|
||||
|
||||
Reference in New Issue
Block a user