Stack middleware to restrict application access to GitHub Event bot with signed payload.
Every incoming request will see its X-Hub-Signature
header checked in order to validate that the request was originally performed by GitHub.
Any requests which doesn't have correct signature will lead to a 401 Unauthorized
JSON response.
The recommended way to install this library is through Composer:
composer require "swop/github-webhook-stackphp"
require __DIR__ . '/../vendor/autoload.php';
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
$app = new \Silex\Application();
$app->get('/', function(Request $request) {
return new Response('Hello world!', 200);
});
$app = (new \Stack\Builder())
->push('Swop\GitHubWebHookStackPHP\GitHubWebHook', 'my_secret')
->resolve($app)
;
$request = Request::createFromGlobals();
$response = $app->handle($request)->send();
$app->terminate($request, $response);
# web/app_dev.php
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Debug\Debug;
$loader = require_once __DIR__.'/../app/bootstrap.php.cache';
Debug::enable();
require_once __DIR__.'/../app/AppKernel.php';
$kernel = new AppKernel('dev', true);
$kernel->loadClassCache();
$stack = (new Stack\Builder())
->push('Swop\GitHubWebHookStackPHP\GitHubWebHook', 'my_secret')
;
$kernel = $stack->resolve($kernel);
Request::enableHttpMethodParameterOverride();
$request = Request::createFromGlobals();
$response = $kernel->handle($request);
$response->send();
$kernel->terminate($request, $response);
See CONTRIBUTING file.
- Sylvain MAUDUIT (@Swop) as main author.
This library is released under the MIT license. See the complete license in the bundled LICENSE file.