Module: LoadRunner::ServerHelper

Included in:
Server
Defined in:
lib/load_runner/server_helper.rb

Instance Method Summary collapse

Instance Method Details

#secret_tokenObject 



21
22
23
 
# File 'lib/load_runner/server_helper.rb', line 21

def secret_token
  ENV['GITHUB_SECRET_TOKEN']
end

#verify_signature(payload_body) ⇒ Object 



3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
 
# File 'lib/load_runner/server_helper.rb', line 3

def verify_signature(payload_body)
  request_signature = request.env['HTTP_X_HUB_SIGNATURE']

  if secret_token and !request_signature
    return halt 401, "Client did not send a signature"
  end

  if !secret_token and request_signature
    return halt 401, "Server secret token is not configured"
  end

  if secret_token and request_signature
    signature = 'sha1=' + OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha1'), secret_token, payload_body)
    signature_match = Rack::Utils.secure_compare(signature, request.env['HTTP_X_HUB_SIGNATURE'])
    return halt 401, "Signature mismatch" unless signature_match
  end
end