├── .gitignore ├── docs ├── .DS_Store └── images │ ├── AE923A85-B21F-4BC7-9041-2E70F71AC169.png │ └── C3316AF3-4E74-4395-B98F-B1DBD6A68767.png ├── README.md ├── package.json ├── LICENSE └── index.js /.gitignore: -------------------------------------------------------------------------------- 1 | node_modules/ 2 | -------------------------------------------------------------------------------- /docs/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coding/Webhook.v2.Demo/master/docs/.DS_Store -------------------------------------------------------------------------------- /docs/images/AE923A85-B21F-4BC7-9041-2E70F71AC169.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coding/Webhook.v2.Demo/master/docs/images/AE923A85-B21F-4BC7-9041-2E70F71AC169.png -------------------------------------------------------------------------------- /docs/images/C3316AF3-4E74-4395-B98F-B1DBD6A68767.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coding/Webhook.v2.Demo/master/docs/images/C3316AF3-4E74-4395-B98F-B1DBD6A68767.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Webhook.v2.Demo 2 | 3 | ## Usage 4 | ``` 5 | SECRET_TOKEN=123 node index.js 6 | ``` 7 | 8 | ### Using Coding Webhook 9 | ![create webhook](./docs/images/C3316AF3-4E74-4395-B98F-B1DBD6A68767.png) 10 | 11 | ![run demo server](./docs/images/AE923A85-B21F-4BC7-9041-2E70F71AC169.png) 12 | 13 | 14 | ## Acknowledgements 15 | https://stackoverflow.com/a/44875872 16 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "webhook.v2.demo", 3 | "version": "1.0.0", 4 | "description": "", 5 | "main": "index.js", 6 | "scripts": { 7 | "test": "echo \"Error: no test specified\" && exit 1" 8 | }, 9 | "repository": { 10 | "type": "git", 11 | "url": "git+https://github.com/Coding/Webhook.v2.Demo.git" 12 | }, 13 | "keywords": [ 14 | "Coding.net", 15 | "Webhook" 16 | ], 17 | "author": "wusisu ", 18 | "license": "MIT", 19 | "bugs": { 20 | "url": "https://github.com/Coding/Webhook.v2.Demo/issues" 21 | }, 22 | "homepage": "https://github.com/Coding/Webhook.v2.Demo#readme", 23 | "dependencies": { 24 | "body-parser": "^1.18.2", 25 | "express": "^4.16.3" 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Coding 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /index.js: -------------------------------------------------------------------------------- 1 | const express = require('express'); 2 | const bodyParser = require('body-parser'); 3 | const crypto = require('crypto'); 4 | 5 | const verifyWebhook = (req) => { 6 | if (!req.headers['user-agent'].includes('Coding.net Hook')) { 7 | return false; 8 | } 9 | // Compare their hmac signature to our hmac signature 10 | // (hmac = hash-based message authentication code) 11 | const theirSignature = req.headers['x-coding-signature']; 12 | console.log(theirSignature); 13 | const payload = req.body; 14 | const secret = process.env.SECRET_TOKEN; 15 | const ourSignature = `sha1=${crypto.createHmac('sha1', secret).update(payload).digest('hex')}`; 16 | return crypto.timingSafeEqual(Buffer.from(theirSignature), Buffer.from(ourSignature)); 17 | }; 18 | 19 | 20 | const app = express(); 21 | app.use(bodyParser.text({ type: '*/*' })); 22 | 23 | const notAuthorized = (req, res) => { 24 | console.log('Someone who is NOT Coding is calling, redirect them'); 25 | res.redirect(301, '/'); // Redirect to domain root 26 | }; 27 | 28 | const authorizationSuccessful = () => { 29 | console.log('Coding is calling, do something here'); 30 | // TODO: Do something here 31 | }; 32 | 33 | app.post('*', (req, res) => { 34 | if (verifyWebhook(req)) { 35 | // Coding calling 36 | authorizationSuccessful(); 37 | res.writeHead(200, { 'Content-Type': 'text/plain' }); 38 | res.end('Thanks Coding <3'); 39 | } else { 40 | // Someone else calling 41 | notAuthorized(req, res); 42 | } 43 | }); 44 | 45 | app.all('*', notAuthorized); // Only webhook requests allowed at this address 46 | 47 | app.listen(3000); 48 | 49 | console.log('Webhook service running at http://localhost:3000'); 50 | 51 | --------------------------------------------------------------------------------