python
/
webhook
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Check json

This commit is contained in:
Jimmy 2022-02-23 10:25:19 +00:00
parent 0217d98d4f
commit c3141df775
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/dependencies.py
View File

@ -6,11 +6,12 @@ from fastapi.exceptions import HTTPException
async def auth_hook(request: Request): async def auth_hook(request: Request):
try: try:
text = await request.body() text = await request.body()
json = await request.json()
except: except:
raise HTTPException(status_code=204, detail="Missing or bad content") raise HTTPException(status_code=204, detail="Missing or bad content")
header_signature = request.headers.get('X-Hub-Signature')
header_signature = request.headers.get('X-Hub-Signature')
if not header_signature: if not header_signature:
raise HTTPException(status_code=400, detail="Missing signature") raise HTTPException(status_code=400, detail="Missing signature")
@ -27,6 +28,7 @@ async def auth_hook(request: Request):
mac = hmac.new(secret_key.encode(), msg=text, digestmod='sha1') mac = hmac.new(secret_key.encode(), msg=text, digestmod='sha1')
# verify the digest matches the signature # verify the digest matches the signature
print(f'{mac.hexdigest()} {signature}')
if not hmac.compare_digest(mac.hexdigest(), signature): if not hmac.compare_digest(mac.hexdigest(), signature):
raise HTTPException(status_code=403, detail="Unauthorized") raise HTTPException(status_code=403, detail="Unauthorized")