8000 Expands documentation · rjz/githubhook@bac14c6 · GitHub
[go: up one dir, main page]
Skip to content

Commit bac14c6

Browse files
rjzrjz
committed
Expands documentation
1 parent 021b6bb commit bac14c6

File tree

1 file changed

+27
-6
lines changed

1 file changed

+27
-6
lines changed

githubhook.go

Lines changed: 27 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
// Package githubhook implements handling and verification of github webhooks
12
package githubhook
23

34
import (
@@ -10,12 +11,29 @@ import (
1011
"strings"
1112
)
1213

13-
// Hook describes an inbound github webhook
14+
// Hook is an inbound github webhook
1415
type Hook struct {
16+
17+
// Id specifies the Id of a github webhook request.
18+
//
19+
// Id is extracted from the inbound request's `X-Github-Delivery` header.
20+
Id string
21+
22+
// Event specifies the event name of a github webhook request.
23+
//
24+
// Event is extracted from the inbound request's `X-GitHub-Event` header.
25+
// See: https://developer.github.com/webhooks/#events
26+
Event string
27+
28+
// Signature specifies the signature of a github webhook request.
29+
//
30+
// Signature is extracted from the inbound request's `X-Hub-Signature` header.
1531
Signature string
16-
Event string
17-
Id string
18-
Payload []byte
32+
33+
// Payload contains the raw contents of the webhook request.
34+
//
35+
// Payload is extracted from the JSON-formatted body of the inbound request.
36+
Payload []byte
1937
}
2038

2139
const signaturePrefix = "sha1="
@@ -28,6 +46,9 @@ func signBody(secret, body []byte) []byte {
2846
}
2947

3048
// SignedBy checks that the provided secret matches the hook Signature
49+
//
50+
// Implements validation described in github's documentation:
51+
// https://developer.github.com/webhooks/securing/
3152
func (h *Hook) SignedBy(secret []byte) bool {
3253
if len(h.Signature) != signatureLength || !strings.HasPrefix(h.Signature, signaturePrefix) {
3354
return false
@@ -39,7 +60,7 @@ func (h *Hook) SignedBy(secret []byte) bool {
3960
return hmac.Equal(signBody(secret, h.Payload), actual)
4061
}
4162

42-
// New extracts a Hook from an incoming http.Request
63+
// New reads a Hook from an incoming HTTP Request.
4364
func New(req *http.Request) (hook *Hook, err error) {
4465
hook = new(Hook)
4566
if !strings.EqualFold(req.Method, "POST") {
@@ -62,7 +83,7 @@ func New(req *http.Request) (hook *Hook, err error) {
6283
return
6384
}
6485

65-
// Parse extracts and verifies a hook against a secret
86+
// Parse reads and verifies the hook in an inbound request.
6687
func Parse(secret []byte, req *http.Request) (hook *Hook, err error) {
6788
hook, err = New(req)
6889
if err == nil && !hook.SignedBy(secret) {

0 commit comments

Comments
 (0)
0