Compare commits
7 Commits
1ddd966b38
...
28b09e374a
Author | SHA1 | Date |
---|---|---|
Jimmy | 28b09e374a | |
Jimmy | c3d363e15a | |
Jimmy | 346c57d2b9 | |
Jimmy | 2451d5b000 | |
Jimmy | 3ff1800869 | |
Jimmy | 683a4b487e | |
Jimmy | b8267c2040 |
|
@ -1,2 +1,3 @@
|
|||
DOMAIN =
|
||||
EMAIL =
|
||||
BRANCH=
|
||||
TOKEN=
|
||||
WEBHOOK_SECRET=
|
|
@ -1,11 +1,11 @@
|
|||
FROM python:slim
|
||||
FROM tiangolo/uvicorn-gunicorn-fastapi:python3.7
|
||||
|
||||
|
||||
ENV DOCKER=1
|
||||
|
||||
RUN pip install aiohttp
|
||||
RUN pip install fastapi-responses
|
||||
|
||||
|
||||
COPY src /src
|
||||
COPY ./app /app/app
|
||||
|
||||
CMD [ "python", "/src/main.py"]
|
||||
|
||||
|
|
5
Pipfile
5
Pipfile
|
@ -11,11 +11,10 @@ requests = "*"
|
|||
fastapi = "*"
|
||||
uvicorn = {extras = ["standard"], version = "*"}
|
||||
fastapi-responses = "*"
|
||||
python-dotenv = "*"
|
||||
|
||||
[requires]
|
||||
python_version = "3.8"
|
||||
|
||||
[scripts]
|
||||
test = "pytest src/test.py -s --capture=sys"
|
||||
dev = "uvicorn src/main:app --reload"
|
||||
test = "pytest app/test/test.py -s --capture=sys"
|
||||
dev = "uvicorn app.main:app --reload"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"_meta": {
|
||||
"hash": {
|
||||
"sha256": "3316652f79feb318e6104f936f3380ec7feee77cab7033b07666e40461611dc6"
|
||||
"sha256": "4ce5e23dc521f0bcb803b2fa8327b19f956a56bc4267a13b1a0dd644af024078"
|
||||
},
|
||||
"pipfile-spec": 6,
|
||||
"requires": {
|
||||
|
@ -109,7 +109,6 @@
|
|||
"sha256:aae25dc1ebe97c420f50b81fb0e5c949659af713f31fdb63c749ca68748f34b1",
|
||||
"sha256:f521bc2ac9a8e03c736f62911605c5d83970021e3fa95b37d769e2bbbe9b6172"
|
||||
],
|
||||
"index": "pypi",
|
||||
"version": "==0.19.0"
|
||||
},
|
||||
"pyyaml": {
|
||||
|
|
12
README.md
12
README.md
|
@ -1,2 +1,12 @@
|
|||
# webhook
|
||||
# Github Web Hook
|
||||
|
||||
Example of how to use Github weeb hooks using Fastapi
|
||||
|
||||
```pipenv sync```
|
||||
|
||||
```pipenv run test```
|
||||
|
||||
```cp .env.sample .env```
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -1,17 +1,13 @@
|
|||
import os
|
||||
from os import getenv
|
||||
import hmac
|
||||
from fastapi import Request
|
||||
from fastapi.exceptions import HTTPException
|
||||
from fastapi.param_functions import Header
|
||||
from dotenv import load_dotenv
|
||||
|
||||
load_dotenv()
|
||||
|
||||
async def check_ref(request: Request):
|
||||
json = await request.json()
|
||||
if json["ref"] and json["ref"] == f"refs/heads/{os.environ.get('BRANCH')}":
|
||||
if json["ref"] and json["ref"] == f"refs/heads/{getenv('BRANCH')}":
|
||||
return
|
||||
raise HTTPException(status_code=403, detail="Invalid branch")
|
||||
raise HTTPException(status_code=202, detail="Invalid branch")
|
||||
|
||||
async def auth_hook(request: Request):
|
||||
try:
|
||||
|
@ -29,7 +25,7 @@ async def auth_hook(request: Request):
|
|||
if sha_name != 'sha1':
|
||||
raise HTTPException(status_code=400, detail="Invalid signature")
|
||||
|
||||
secret_key = os.environ.get('WEBHOOK_SECRET')
|
||||
secret_key = getenv('WEBHOOK_SECRET')
|
||||
if secret_key is None:
|
||||
raise HTTPException(status_code=503, detail="Missing WEBHOOK_SECRET")
|
||||
|
||||
|
@ -42,9 +38,8 @@ async def auth_hook(request: Request):
|
|||
|
||||
async def auth_web(request: Request):
|
||||
token = request._query_params.get("token")
|
||||
if token is None:
|
||||
if token is None or token is "":
|
||||
raise HTTPException(status_code=400, detail="Missing token")
|
||||
print(token, os.environ.get("TOKEN"))
|
||||
if token == os.environ.get("TOKEN"):
|
||||
if token == getenv("TOKEN"):
|
||||
return
|
||||
raise HTTPException(status_code=403, detail="Invalid token")
|
|
@ -0,0 +1,14 @@
|
|||
from fastapi import FastAPI, Request, Depends
|
||||
from fastapi_responses import custom_openapi
|
||||
from app.dependencies import auth_hook, auth_web, check_ref
|
||||
|
||||
app = FastAPI()
|
||||
|
||||
app.openapi = custom_openapi(app)
|
||||
|
||||
@app.get("/", dependencies=[Depends(auth_web)])
|
||||
@app.post("/", dependencies=[Depends(auth_hook), Depends(check_ref)])
|
||||
async def hook(req: Request):
|
||||
return "Update"
|
||||
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
import sys
|
||||
import os
|
||||
sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '..')))
|
|
@ -2,17 +2,15 @@ from fastapi import FastAPI, Request, Depends
|
|||
|
||||
from fastapi.testclient import TestClient
|
||||
import hmac
|
||||
|
||||
from starlette.routing import request_response
|
||||
from main import app
|
||||
from auth import auth_hook, auth_web, check_ref
|
||||
from os import environ
|
||||
from app.main import app
|
||||
from app.dependencies import auth_hook, auth_web, check_ref
|
||||
from os import environ, getenv
|
||||
import json
|
||||
|
||||
environ['WEBHOOK_SECRET'] = "dfsgdsjghhgdaehlsdfjhjkdh"
|
||||
environ["BRANCH"] = "master"
|
||||
environ["TOKEN"] = "assdcvfgvh"
|
||||
secret_key = environ.get('WEBHOOK_SECRET')
|
||||
secret_key = getenv('WEBHOOK_SECRET')
|
||||
|
||||
client = TestClient(app)
|
||||
|
||||
|
@ -56,14 +54,14 @@ def test_auth():
|
|||
def test_branch():
|
||||
payload = {"ref": "refs/heads/master"}
|
||||
response = client.post("/test_ref", json= payload)
|
||||
assert response.status_code == 200
|
||||
assert response.status_code == 202
|
||||
|
||||
payload = {"ref": "refs/heads/test"}
|
||||
response = client.post("/test_ref", json= payload)
|
||||
assert response.status_code == 403
|
||||
|
||||
def test_web():
|
||||
response = client.get('/test_web?token={}'.format(environ.get("TOKEN")))
|
||||
response = client.get('/test_web?token={}'.format(getenv("TOKEN")))
|
||||
assert response.status_code == 200
|
||||
|
||||
response = client.get('/test_web')
|
|
@ -8,15 +8,15 @@ services:
|
|||
networks:
|
||||
- caddy
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
caddy: ${DOMAIN}
|
||||
caddy.tls: ${EMAIL}
|
||||
caddy.reverse_proxy: "{{upstreams 8080}}"
|
||||
logging:
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "1m"
|
||||
tty: true
|
||||
env_file:
|
||||
.env
|
||||
ports:
|
||||
- 8000:80
|
||||
|
||||
networks:
|
||||
caddy:
|
||||
|
|
25
src/main.py
25
src/main.py
|
@ -1,25 +0,0 @@
|
|||
from os import environ
|
||||
import os
|
||||
from fastapi import FastAPI, Body, Request, Depends
|
||||
import json
|
||||
from fastapi.exceptions import HTTPException
|
||||
|
||||
from fastapi.param_functions import Header
|
||||
from fastapi_responses import custom_openapi
|
||||
from auth import auth_hook, auth_web, check_ref
|
||||
|
||||
|
||||
if not os.environ.get("DOCKER"):
|
||||
from dotenv import load_dotenv
|
||||
load_dotenv
|
||||
|
||||
app = FastAPI()
|
||||
|
||||
app.openapi = custom_openapi(app)
|
||||
|
||||
@app.get("/", dependencies=[Depends(auth_web)])
|
||||
@app.post("/", dependencies=[Depends(auth_hook), Depends(check_ref)])
|
||||
async def hook(req: Request):
|
||||
return "Update"
|
||||
|
||||
|
Loading…
Reference in New Issue