Software /
code /
prosody-modules
Changeset
3515:f756e051fa02
mod_pubsub_github: Require a secret to be set (BC)
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 31 Mar 2019 18:04:11 +0200 (2019-03-31) |
parents | 3514:8811b7dbe6e2 |
children | 3516:d94875c3ddda |
files | mod_pubsub_github/README.markdown mod_pubsub_github/mod_pubsub_github.lua |
diffstat | 2 files changed, 4 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_pubsub_github/README.markdown Sun Mar 31 17:59:17 2019 +0200 +++ b/mod_pubsub_github/README.markdown Sun Mar 31 18:04:11 2019 +0200 @@ -25,7 +25,7 @@ Name Default Description ----------------------- ------------------- ------------------------------------------------------------ `github_node` `"github"`{.lua} The pubsub node to publish commits on. - `github_secret` *not set* Shared secret used to sign HTTP requests. + `github_secret` **Required** Shared secret used to sign HTTP requests. `github_actor` *superuser* Which actor to do the publish as (used for access control) The URL for Github to post to would be either:
--- a/mod_pubsub_github/mod_pubsub_github.lua Sun Mar 31 17:59:17 2019 +0200 +++ b/mod_pubsub_github/mod_pubsub_github.lua Sun Mar 31 18:04:11 2019 +0200 @@ -9,6 +9,8 @@ local github_actor = module:get_option_string("github_actor") or true; local secret = module:get_option("github_secret"); +assert(secret, "Please set 'github_secret'"); + local error_mapping = { ["forbidden"] = 403; ["item-not-found"] = 404; @@ -18,7 +20,7 @@ function handle_POST(event) local request, response = event.request, event.response; - if secret and ("sha1=" .. hmac_sha1(secret, request.body, true)) ~= request.headers.x_hub_signature then + if ("sha1=" .. hmac_sha1(secret, request.body, true)) ~= request.headers.x_hub_signature then return 401; end local data = json.decode(request.body);