-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.js
48 lines (42 loc) · 1.49 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
require("dotenv").config();
const crypto = require("crypto");
const polka = require("polka");
const { json } = require("body-parser");
const { spawn } = require("child_process");
function createComparisonSignature(body = "") {
const hmac = crypto.createHmac("sha1", process.env.WEBHOOK_SECRET);
const signature = hmac.update(JSON.stringify(body)).digest("hex");
return `sha1=${signature}`;
}
function compareSignatures(selfSignature, receivedSignature = "") {
const source = Buffer.from(receivedSignature);
const comparison = Buffer.from(selfSignature);
return (
receivedSignature.length === selfSignature.length &&
crypto.timingSafeEqual(source, comparison)
);
}
function verifyPayload(req, res, next) {
const { headers, body } = req;
const receivedSignature = headers["x-hub-signature"];
const selfSignature = createComparisonSignature(body);
if (!compareSignatures(selfSignature, receivedSignature)) {
return res.writeHead(401).end("Signature mismatch!");
}
next();
}
function runUpdateScript() {
console.log("\nStarting script!\n\n");
const command = spawn("./script.sh", [process.env.REPO_PATH]);
command.stdout.on("data", (data) => console.log(data.toString()));
command.stderr.on("data", (data) => console.error(data.toString()));
}
polka()
.use(json())
.use(verifyPayload)
.post("/", (req, res) => {
runUpdateScript();
res.end("Script started.");
})
.listen(process.env.PORT);
console.log(`Server listening at http://localhost:${process.env.PORT}`);