diff options
Diffstat (limited to 'models')
| -rw-r--r-- | models/webhook.go | 18 | ||||
| -rw-r--r-- | models/webhook_discord.go | 2 | ||||
| -rw-r--r-- | models/webhook_slack.go | 2 |
3 files changed, 17 insertions, 5 deletions
diff --git a/models/webhook.go b/models/webhook.go index 1dcfb8b8..feabf03b 100644 --- a/models/webhook.go +++ b/models/webhook.go @@ -5,7 +5,10 @@ package models import ( + "crypto/hmac" + "crypto/sha256" "crypto/tls" + "encoding/hex" "encoding/json" "fmt" "io/ioutil" @@ -358,6 +361,7 @@ type HookTask struct { UUID string Type HookTaskType URL string `xorm:"TEXT"` + Signature string `xorm:"TEXT"` api.Payloader `xorm:"-"` PayloadContent string `xorm:"TEXT"` ContentType HookContentType @@ -481,15 +485,26 @@ func prepareWebhooks(repo *Repository, event HookEventType, p api.Payloader, web return fmt.Errorf("GetDiscordPayload: %v", err) } default: - p.SetSecret(w.Secret) payloader = p } + var signature string + if len(w.Secret) > 0 { + data, err := payloader.JSONPayload() + if err != nil { + log.Error(2, "prepareWebhooks.JSONPayload: %v", err) + } + sig := hmac.New(sha256.New, []byte(w.Secret)) + sig.Write(data) + signature = hex.EncodeToString(sig.Sum(nil)) + } + if err = CreateHookTask(&HookTask{ RepoID: repo.ID, HookID: w.ID, Type: w.HookTaskType, URL: w.URL, + Signature: signature, Payloader: payloader, ContentType: w.ContentType, EventType: event, @@ -535,6 +550,7 @@ func (t *HookTask) deliver() { timeout := time.Duration(setting.Webhook.DeliverTimeout) * time.Second req := httplib.Post(t.URL).SetTimeout(timeout, timeout). Header("X-Gogs-Delivery", t.UUID). + Header("X-Gogs-Signature", t.Signature). Header("X-Gogs-Event", string(t.EventType)). SetTLSClientConfig(&tls.Config{InsecureSkipVerify: setting.Webhook.SkipTLSVerify}) diff --git a/models/webhook_discord.go b/models/webhook_discord.go index 8830e85b..27b01bc3 100644 --- a/models/webhook_discord.go +++ b/models/webhook_discord.go @@ -48,8 +48,6 @@ type DiscordPayload struct { Embeds []*DiscordEmbedObject `json:"embeds"` } -func (p *DiscordPayload) SetSecret(_ string) {} - func (p *DiscordPayload) JSONPayload() ([]byte, error) { data, err := json.MarshalIndent(p, "", " ") if err != nil { diff --git a/models/webhook_slack.go b/models/webhook_slack.go index 213421a5..5943a9e5 100644 --- a/models/webhook_slack.go +++ b/models/webhook_slack.go @@ -39,8 +39,6 @@ type SlackPayload struct { Attachments []*SlackAttachment `json:"attachments"` } -func (p *SlackPayload) SetSecret(_ string) {} - func (p *SlackPayload) JSONPayload() ([]byte, error) { data, err := json.MarshalIndent(p, "", " ") if err != nil { |