Ejemplo n.º 1
0
def webhook():

    payload = json.loads(request.data.decode('utf8'))

    if skip_webhook_payload(payload):
        return 'Nevermind'

    owner, repo, commit_sha, status_url = get_webhook_commit_info(
        current_app, payload)
    target_path = u'/{owner}/{repo}/{commit_sha}/'.format(**locals())

    status = dict(context='mapzen/precog',
                  state='success',
                  target_url=urljoin(request.url, target_path),
                  description=u'Preview your changes')

    owner_repo = '{}/{}'.format(owner, repo)
    token = current_app.config['HOOK_SECRETS_TOKENS'].get(owner_repo,
                                                          {}).get('token')

    try:
        post_github_status(status_url, status, (token, 'x-oauth-basic'))
    except ValueError as err:
        if err.message.startswith(
                'Failed status post to https://api.github.com'):
            return make_response(err.message, 403)
        raise

    return 'Yo.'
Ejemplo n.º 2
0
    def decorated_function(*args, **kwargs):
        try:
            webhook_payload = json.loads(request.data.decode('utf8'))
            owner, repo, _, _ = get_webhook_commit_info(
                current_app, webhook_payload)
        except:
            return Response(json.dumps({'error': 'Unknown repository'}),
                            401,
                            content_type='application/json')

        owner_repo = '{}/{}'.format(owner, repo)
        secret_key = current_app.config['HOOK_SECRETS_TOKENS'].get(
            owner_repo, {}).get('secret')

        #if not secret_key:
        #    # No configured secrets means no signature needed.
        #    getLogger('precog').info('No /hook signature required')
        #    return route_function(*args, **kwargs)

        if secret_key is None:
            return Response(json.dumps({'error': 'Missing key'}),
                            401,
                            content_type='application/json')

        if 'X-Hub-Signature' not in request.headers:
            # Missing required signature is an error.
            getLogger('precog').warning('No /hook signature provided')
            return Response(json.dumps({'error': 'Missing signature'}),
                            401,
                            content_type='application/json')

        def _sign(key):
            hash = hmac.new(key, request.data, hashlib.sha1)
            return 'sha1={}'.format(hash.hexdigest())

        actual = request.headers.get('X-Hub-Signature')
        expected = _sign(secret_key)

        if actual != expected:
            # Signature mismatch is an error.
            getLogger('precog').warning(
                'Mismatched /hook signatures: {actual} vs. {expected}'.format(
                    **locals()))
            return Response(json.dumps({'error': 'Invalid signature'}),
                            401,
                            content_type='application/json')

        getLogger('precog').debug(
            'Matching /hook signature: {actual}'.format(**locals()))
        return route_function(*args, **kwargs)
Ejemplo n.º 3
0
def webhook():

    payload = json.loads(request.data.decode('utf8'))

    if skip_webhook_payload(payload):
        return 'Nevermind'

    owner, repo, commit_sha, status_url = get_webhook_commit_info(current_app, payload)
    target_path = u'/{owner}/{repo}/{commit_sha}/'.format(**locals())
    
    status = dict(context='mapzen/precog', state='success',
                  target_url=urljoin(request.url, target_path),
                  description=u'Preview your changes')

    owner_repo = '{}/{}'.format(owner, repo)
    token = current_app.config['HOOK_SECRETS_TOKENS'].get(owner_repo, {}).get('token')
    
    post_github_status(status_url, status, (token, 'x-oauth-basic'))
    
    return 'Yo.'
Ejemplo n.º 4
0
def webhook():

    payload = json.loads(request.data.decode('utf8'))

    if skip_webhook_payload(payload):
        return 'Nevermind'

    owner, repo, commit_sha, status_url = get_webhook_commit_info(current_app, payload)
    target_path = u'/{owner}/{repo}/{commit_sha}/'.format(**locals())
    
    status = dict(context='mapzen/precog', state='success',
                  target_url=urljoin(request.url, target_path),
                  description=u'Preview your changes')

    owner_repo = '{}/{}'.format(owner, repo)
    token = current_app.config['HOOK_SECRETS_TOKENS'].get(owner_repo, {}).get('token')
    
    post_github_status(status_url, status, (token, 'x-oauth-basic'))
    
    return 'Yo.'
Ejemplo n.º 5
0
    def decorated_function(*args, **kwargs):
        try:
            webhook_payload = json.loads(request.data.decode('utf8'))
            owner, repo, _, _ = get_webhook_commit_info(current_app, webhook_payload)
        except:
            return Response(json.dumps({'error': 'Unknown repository'}),
                            401, content_type='application/json')
            
        owner_repo = '{}/{}'.format(owner, repo)
        secret_key = current_app.config['HOOK_SECRETS_TOKENS'].get(owner_repo, {}).get('secret')
    
        #if not secret_key:
        #    # No configured secrets means no signature needed.
        #    getLogger('precog').info('No /hook signature required')
        #    return route_function(*args, **kwargs)
        
        if secret_key is None:
            return Response(json.dumps({'error': 'Missing key'}),
                            401, content_type='application/json')
    
        if 'X-Hub-Signature' not in request.headers:
            # Missing required signature is an error.
            getLogger('precog').warning('No /hook signature provided')
            return Response(json.dumps({'error': 'Missing signature'}),
                            401, content_type='application/json')

        def _sign(key):
            hash = hmac.new(key, request.data, hashlib.sha1)
            return 'sha1={}'.format(hash.hexdigest())

        actual = request.headers.get('X-Hub-Signature')
        expected = _sign(secret_key)
        
        if actual != expected:
            # Signature mismatch is an error.
            getLogger('precog').warning('Mismatched /hook signatures: {actual} vs. {expected}'.format(**locals()))
            return Response(json.dumps({'error': 'Invalid signature'}),
                            401, content_type='application/json')

        getLogger('precog').debug('Matching /hook signature: {actual}'.format(**locals()))
        return route_function(*args, **kwargs)