-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Mehmet Baran Geylani <[email protected]>
- Loading branch information
Showing
10 changed files
with
1,452 additions
and
111 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
from flask import Blueprint, abort | ||
from ..database import db | ||
from ..models.service import Service | ||
from .parser.parser import msg_parser | ||
from fedora_messaging import api | ||
from webhook_to_fedora_messaging.exceptions import SignatureMatchError | ||
from sqlalchemy import select | ||
from sqlalchemy.exc import NoResultFound | ||
|
||
|
||
message_endpoint = Blueprint("message_endpoint", __name__) | ||
|
||
|
||
@message_endpoint.route("/message/<service_uuid>", methods=["POST"]) | ||
def create_msg(service_uuid): | ||
""" | ||
Used for creating a new message by sending a post request to /message path | ||
Request Body: | ||
service_uuid: Service related to message. | ||
""" | ||
|
||
try: | ||
service = db.session.scalar(select(Service).where(Service.uuid == service_uuid)).one() | ||
except NoResultFound: | ||
return {'message': 'Service UUID Not Found'}, 404 | ||
|
||
try: | ||
msg = msg_parser(service.type, service.token) | ||
except SignatureMatchError as e: | ||
return abort(400, {'message': str(e)}) | ||
except ValueError as e: | ||
return abort(400, {'message': str(e)}) | ||
|
||
if msg is not None: | ||
api.publish(msg) | ||
return {'message': 'Success'} | ||
else: | ||
return abort(400, {'message': "Bad Request"}) |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
from flask import request | ||
import hashlib | ||
import hmac | ||
from webhook_to_fedora_messaging_messages.github.github import GithubMessageV1 | ||
from ..util import fas_by_github | ||
from webhook_to_fedora_messaging.exceptions import SignatureMatchError | ||
|
||
def github_parser(secret: str) -> GithubMessageV1: | ||
"""Convert Flask request objects into desired FedMsg format. | ||
Args: | ||
secret: Specifies whether the webhook has secret key feature on or not | ||
""" | ||
|
||
headers = dict(request.headers) | ||
|
||
if secret and not verify_signature(secret, headers['X-Hub-Signature-256']): | ||
raise SignatureMatchError("Message Signature Couldn't be Matched.") | ||
|
||
topic = f"github.{headers['X-Github-Event']}" | ||
agent = fas_by_github(request.json['sender']['login']) # FASJSON | ||
return GithubMessageV1(topic=topic, body={'body': request.json, 'headers': headers, 'agent': agent}) | ||
|
||
|
||
def verify_signature(secret_token: str, signature_header: str) -> bool: | ||
"""Verify that the payload was sent from GitHub by validating SHA256. | ||
Return false if not authorized. | ||
Args: | ||
secret_token: GitHub app webhook token (WEBHOOK_SECRET) | ||
signature_header: header received from GitHub (x-hub-signature-256) | ||
""" | ||
if not signature_header: | ||
return False | ||
hash_object = hmac.new(secret_token.encode('utf-8'), msg=request.data, digestmod=hashlib.sha256) | ||
expected_signature = "sha256=" + hash_object.hexdigest() | ||
|
||
return hmac.compare_digest(expected_signature, signature_header) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
from .github import github_parser | ||
|
||
def msg_parser(service_type: str, secret: str): | ||
if service_type.lower() == "github": | ||
return github_parser(secret) | ||
else: | ||
raise ValueError(f"Unsupported Service: {service_type}") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9,3 +9,7 @@ def __init__(self, text): | |
|
||
def __str__(self): | ||
return self.text | ||
|
||
class SignatureMatchError(Exception): | ||
pass | ||
|