From 7be2c0ef69e0f92f5102e44684b179d8165a0917 Mon Sep 17 00:00:00 2001 From: jimmy Date: Tue, 25 May 2021 02:24:56 +0000 Subject: [PATCH] Implement main.py --- src/main.py | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) diff --git a/src/main.py b/src/main.py index a3ea3c6..334ba34 100644 --- a/src/main.py +++ b/src/main.py @@ -1 +1,51 @@ -print("Hello") \ No newline at end of file +from aiohttp import web +import os +import hmac +import pack + +class App: + def __init__(self): + self.pack = pack.Pack() + self.app = web.Application() + self.app.add_routes([web.post('/update', self.updatePack)]) + self.app.router.add_static('/files', "./files") + web.run_app(self.app) + + + async def updatePack(self, request): + json = await request.json() + text = await request.read() + header_signature = request.headers.get('X-Hub-Signature') + if (status := self.verify_signature(text, header_signature)) == 200: + self.pack.pull() + self.pack.collate() + self.pack.compress() + self.pack.hash() + print(status) + return web.Response(status=status) + + def verify_signature(self, request_data, header_signature): + # do not store your secret key in your code, pull from environment variable + secret_key = os.environ.get('GITHUB_WEBHOOK_SECRET') + + if not header_signature: + return 404 + + # separate the signature from the sha1 indication + sha_name, signature = header_signature.split('=') + if sha_name != 'sha1': + return 501 + + # create a new hmac with the secret key and the request data + mac = hmac.new(secret_key.encode(), msg=request_data, digestmod='sha1') + + # verify the digest matches the signature + if not hmac.compare_digest(mac.hexdigest(), signature): + return 404 + return 200 + + + +if __name__ == '__main__': + app = App() +