Skip to content

Stack middleware to restrict application access to GitHub Event bot with signed payload

License

Notifications You must be signed in to change notification settings

Swop/github-webhook-stackphp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Github WebHook Stack middleware

Build Status

Stack middleware to restrict application access to GitHub Event bot with signed payload.

Every incoming request will see its X-Hub-Signature header checked in order to validate that the request was originally performed by GitHub. Any requests which doesn't have correct signature will lead to a 401 Unauthorized JSON response.

Installation

The recommended way to install this library is through Composer:

composer require "swop/github-webhook-stackphp"

Usage

Silex example

require __DIR__ . '/../vendor/autoload.php';

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

$app = new \Silex\Application();

$app->get('/', function(Request $request) {
    return new Response('Hello world!', 200);
});

$app = (new \Stack\Builder())
    ->push('Swop\GitHubWebHookStackPHP\GitHubWebHook', 'my_secret')
    ->resolve($app)
;

$request = Request::createFromGlobals();
$response = $app->handle($request)->send();

$app->terminate($request, $response);

Symfony example

# web/app_dev.php

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Debug\Debug;

$loader = require_once __DIR__.'/../app/bootstrap.php.cache';
Debug::enable();

require_once __DIR__.'/../app/AppKernel.php';

$kernel = new AppKernel('dev', true);
$kernel->loadClassCache();

$stack = (new Stack\Builder())
    ->push('Swop\GitHubWebHookStackPHP\GitHubWebHook', 'my_secret')
;

$kernel = $stack->resolve($kernel);

Request::enableHttpMethodParameterOverride();
$request = Request::createFromGlobals();
$response = $kernel->handle($request);
$response->send();
$kernel->terminate($request, $response);

Contributing

See CONTRIBUTING file.

Original Credits

License

This library is released under the MIT license. See the complete license in the bundled LICENSE file.

About

Stack middleware to restrict application access to GitHub Event bot with signed payload

Resources

License

Stars

Watchers

Forks

Packages

No packages published