-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathindex.js
More file actions
120 lines (93 loc) · 2.98 KB
/
index.js
File metadata and controls
120 lines (93 loc) · 2.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
/**
* Github Webhooks handler
*/
var EventEmitter = require('events').EventEmitter
var inherits = require('util').inherits
var crypto = require('crypto')
var bl = require('bl')
var bufferEq = require('buffer-equal-constant-time')
function signBlob(key, blob) {
return 'sha1=' + crypto.createHmac('sha1', key).update(blob).digest('hex')
}
function isObject(obj) {
return Object.prototype.toString.apply(obj) === '[object Object]'
}
function findHandler(url, arr) {
var ret = arr[0]
for (var i = 0; i < arr.length; i++) {
if (url.split('?').shift() === arr[i].path)
ret = arr[i]
}
return ret
}
function create(options) {
// make it an EventEmitter, sort of
handler.__proto__ = EventEmitter.prototype
EventEmitter.call(handler)
return handler
function handler(req, res, callback) {
function hasError(msg) {
res.writeHead(400, { 'content-type': 'application/json' })
res.end(JSON.stringify({ error: msg }))
var err = new Error(msg)
handler.emit('error', err, req)
callback(err)
}
function checkType(options) {
if (!isObject(options))
throw new TypeError('must provide an options object')
if (typeof options.path !== 'string')
throw new TypeError('must provide a \'path\' option')
if (typeof options.secret !== 'string')
throw new TypeError('must provide a \'secret\' option')
}
var currentOptions
if (Array.isArray(options)) {
currentOptions = findHandler(req.url, options)
} else {
currentOptions = options
}
checkType(currentOptions)
if (req.url.split('?').shift() !== currentOptions.path)
return callback()
var sig = req.headers['x-hub-signature']
var event = req.headers['x-github-event']
var id = req.headers['x-github-delivery']
var events = currentOptions.events
if (!sig)
return hasError('No X-Hub-Signature found on request')
if (!event)
return hasError('No X-Github-Event found on request')
if (!id)
return hasError('No X-Github-Delivery found on request')
if (events && events.indexOf(event) === -1)
return hasError('X-Github-Event is not acceptable')
req.pipe(bl(function(err, data) {
if (err)
return hasError(err.message)
var obj
var computedSig = new Buffer(signBlob(currentOptions.secret, data))
if (!bufferEq(new Buffer(sig), computedSig))
return hasError('X-Hub-Signature does not match blob signature')
try {
obj = JSON.parse(data.toString())
} catch (e) {
return hasError(e)
}
res.writeHead(200, { 'content-type': 'application/json' })
res.end('{"ok":true}')
var emitData = {
event: event,
id: id,
payload: obj,
protocol: req.protocol,
host: req.headers['host'],
url: req.url,
path: currentOptions.path
}
handler.emit(event, emitData)
handler.emit('*', emitData)
}))
}
}
module.exports = create