def test_must_specify_events_to_allow(self):
headers = {
'X-Hub-Signature': 'sha1=5d61605c3feea9799210ddcb71307d4ba264225f',
'X-GitHub-Delivery': '72d3162f-cc78-11e3-81ab-4c9367dc0958'
}
payload = ''
secret = 'secret'
assert webhook.verify(headers, payload, secret) is False
def test_must_specify_events_to_allow(self):
headers = {
"X-Hub-Signature": "sha1=5d61605c3feea9799210ddcb71307d4ba264225f",
"X-GitHub-Delivery": "72d3162f-cc78-11e3-81ab-4c9367dc0958",
}
payload = ""
secret = "secret"
assert webhook.verify(headers, payload, secret) is False
def test_can_filter_webhook_events(self):
headers = {
"X-Hub-Signature": "sha1=5d61605c3feea9799210ddcb71307d4ba264225f",
"X-GitHub-Delivery": "72d3162f-cc78-11e3-81ab-4c9367dc0958",
}
payload = ""
secret = "secret"
events = ["push"]
assert webhook.verify(headers, payload, secret, events=events) is False
def test_can_filter_webhook_events(self):
headers = {
'X-Hub-Signature': 'sha1=5d61605c3feea9799210ddcb71307d4ba264225f',
'X-GitHub-Delivery': '72d3162f-cc78-11e3-81ab-4c9367dc0958'
}
payload = ''
secret = 'secret'
events = ['push']
assert webhook.verify(headers, payload, secret, events=events) is False
def test_can_verify_webhook(self):
headers = {
"X-Hub-Signature": "sha1=25af6174a0fcecc4d346680a72b7ce644b9a88e8",
"X-GitHub-Event": "push",
"X-GitHub-Delivery": "72d3162f-cc78-11e3-81ab-4c9367dc0958",
}
payload = ""
secret = "secret"
events = ["push"]
assert webhook.verify(headers, payload, secret, events=events)
def test_delivery_guids_must_be_valid_guids(self):
headers = {
"X-Hub-Signature": "sha1=5d61605c3feea9799210ddcb71307d4ba264225f",
"X-GitHub-Event": "push",
"X-GitHub-Delivery": "not-a-guid",
}
payload = ""
secret = "secret"
events = ["push"]
assert webhook.verify(headers, payload, secret, events=events) is False
def test_can_request_app_id_be_returned_on_non_ping_events(self):
headers = {
"X-Hub-Signature": "sha1=25af6174a0fcecc4d346680a72b7ce644b9a88e8",
"X-GitHub-Event": "push",
"X-GitHub-Delivery": "72d3162f-cc78-11e3-81ab-4c9367dc0958",
"User-Agent": "GitHub-Hookshot/",
}
payload = ""
secret = "secret"
assert webhook.verify(headers, payload, secret, events=["*"], return_app_id=True)
def test_can_verify_webhook(self):
headers = {
'X-Hub-Signature': 'sha1=25af6174a0fcecc4d346680a72b7ce644b9a88e8',
'X-GitHub-Event': 'push',
'X-GitHub-Delivery': '72d3162f-cc78-11e3-81ab-4c9367dc0958'
}
payload = ''
secret = 'secret'
events = ['push']
assert webhook.verify(headers, payload, secret, events=events)
def test_delivery_guids_must_be_valid_guids(self):
headers = {
'X-Hub-Signature': 'sha1=5d61605c3feea9799210ddcb71307d4ba264225f',
'X-GitHub-Event': 'push',
'X-GitHub-Delivery': 'not-a-guid'
}
payload = ''
secret = 'secret'
events = ['push']
assert webhook.verify(headers, payload, secret, events=events) is False
def test_can_request_app_id_be_returned_on_non_ping_events(self):
headers = {
'X-Hub-Signature': 'sha1=25af6174a0fcecc4d346680a72b7ce644b9a88e8',
'X-GitHub-Event': 'push',
'X-GitHub-Delivery': '72d3162f-cc78-11e3-81ab-4c9367dc0958',
'User-Agent': 'GitHub-Hookshot/',
}
payload = ''
secret = 'secret'
assert webhook.verify(headers, payload, secret, events=['*'], return_app_id=True)
def test_verifies_user_agent(self):
headers = {
"X-Hub-Signature": "sha1=25af6174a0fcecc4d346680a72b7ce644b9a88e8",
"X-GitHub-Event": "push",
"X-GitHub-Delivery": "72d3162f-cc78-11e3-81ab-4c9367dc0958",
"User-Agent": "GitHub-Hooks",
}
payload = ""
secret = "secret"
events = ["push"]
assert webhook.verify(headers, payload, secret, events=events, verify_user_agent=True) is False
def test_verifies_user_agent(self):
headers = {
'X-Hub-Signature': 'sha1=25af6174a0fcecc4d346680a72b7ce644b9a88e8',
'X-GitHub-Event': 'push',
'X-GitHub-Delivery': '72d3162f-cc78-11e3-81ab-4c9367dc0958',
'User-Agent': 'GitHub-Hooks',
}
payload = ''
secret = 'secret'
events = ['push']
assert webhook.verify(headers, payload, secret, events=events, verify_user_agent=True) is False
def test_verify_ping_event(self):
headers = {
"X-Hub-Signature": "sha1=76b55589eeb1d5609a01922fc9a52475cf746a5b",
"X-GitHub-Event": "ping",
"X-GitHub-Delivery": "72d3162f-cc78-11e3-81ab-4c9367dc0958",
"User-Agent": "GitHub-Hookshot/",
}
payload = json.dumps(
{"hook": {"type": "App", "id": 11, "active": True, "events": ["pull_request"], "app_id": 42}}
)
payload = '{"hook": {"events": ["pull_request"], "app_id": 42, "id": 11, "active": true, "type": "App"}}'
secret = "secret"
app_id = webhook.verify(headers, payload, secret, events=["*"], return_app_id=True)
assert app_id == 42
def events():
if not webhook.verify(
bp.current_request.headers,
bp.current_request.raw_body.decode("utf-8"),
config.APP_WEBHOOK_SECRET,
events=["*"],
):
raise ForbiddenError(
f"Error validating the event: {bp.current_request.to_dict()}")
r: Request = bp.current_request
event_topic = r.headers["x-github-event"]
pub.sendMessage(f"gh.{event_topic}", payload=r.json_body)
return {}
def test_verify_ping_event(self):
headers = {
'X-Hub-Signature': 'sha1=76b55589eeb1d5609a01922fc9a52475cf746a5b',
'X-GitHub-Event': 'ping',
'X-GitHub-Delivery': '72d3162f-cc78-11e3-81ab-4c9367dc0958',
'User-Agent': 'GitHub-Hookshot/',
}
payload = json.dumps(
{
'hook': {
'type': 'App',
'id': 11,
'active': True,
'events': ['pull_request'],
'app_id': 42,
}
}
)
payload = '{"hook": {"events": ["pull_request"], "app_id": 42, "id": 11, "active": true, "type": "App"}}'
secret = 'secret'
app_id = webhook.verify(headers, payload, secret, events=['*'], return_app_id=True)
assert app_id == 42
