├── .formatter.exs
├── .gitignore
├── README.md
├── assets
├── .babelrc
├── css
│ ├── app.scss
│ └── phoenix.css
├── js
│ ├── app.js
│ └── socket.js
├── package-lock.json
├── package.json
├── static
│ ├── favicon.ico
│ ├── images
│ │ └── phoenix.png
│ └── robots.txt
└── webpack.config.js
├── config
├── config.exs
├── dev.exs
├── prod.exs
├── prod.secret.exs
└── test.exs
├── lib
├── webhook_signature.ex
├── webhook_signature
│ ├── application.ex
│ ├── payload_validator.ex
│ └── repo.ex
├── webhook_signature_web.ex
└── webhook_signature_web
│ ├── channels
│ └── user_socket.ex
│ ├── controllers
│ ├── github_webhook_controller.ex
│ └── page_controller.ex
│ ├── endpoint.ex
│ ├── gettext.ex
│ ├── plugs
│ ├── raw_body_passthrough.ex
│ └── require_payload_signature_match.ex
│ ├── router.ex
│ ├── telemetry.ex
│ ├── templates
│ ├── layout
│ │ └── app.html.eex
│ └── page
│ │ └── index.html.eex
│ └── views
│ ├── error_helpers.ex
│ ├── error_view.ex
│ ├── github_webhook_view.ex
│ ├── layout_view.ex
│ └── page_view.ex
├── mix.exs
├── mix.lock
├── priv
├── gettext
│ ├── en
│ │ └── LC_MESSAGES
│ │ │ └── errors.po
│ └── errors.pot
└── repo
│ ├── migrations
│ └── .formatter.exs
│ └── seeds.exs
└── test
├── support
├── channel_case.ex
├── conn_case.ex
└── data_case.ex
├── test_helper.exs
├── webhook_signature
└── payload_validator_test.exs
└── webhook_signature_web
├── controllers
├── github_webhook_controller_test.exs
└── page_controller_test.exs
└── views
├── error_view_test.exs
├── layout_view_test.exs
└── page_view_test.exs
/.formatter.exs:
--------------------------------------------------------------------------------
1 | [
2 | import_deps: [:ecto, :phoenix],
3 | inputs: ["*.{ex,exs}", "priv/*/seeds.exs", "{config,lib,test}/**/*.{ex,exs}"],
4 | subdirectories: ["priv/*/migrations"]
5 | ]
6 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # The directory Mix will write compiled artifacts to.
2 | /_build/
3 |
4 | # If you run "mix test --cover", coverage assets end up here.
5 | /cover/
6 |
7 | # The directory Mix downloads your dependencies sources to.
8 | /deps/
9 |
10 | # Where 3rd-party dependencies like ExDoc output generated docs.
11 | /doc/
12 |
13 | # Ignore .fetch files in case you like to edit your project deps locally.
14 | /.fetch
15 |
16 | # If the VM crashes, it generates a dump, let's ignore it too.
17 | erl_crash.dump
18 |
19 | # Also ignore archive artifacts (built via "mix archive.build").
20 | *.ez
21 |
22 | # Ignore package tarball (built via "mix hex.build").
23 | webhook_signature-*.tar
24 |
25 | # If NPM crashes, it generates a log, let's ignore it too.
26 | npm-debug.log
27 |
28 | # The directory NPM downloads your dependencies sources to.
29 | /assets/node_modules/
30 |
31 | # Since we are building assets from assets/,
32 | # we ignore priv/static. You may want to comment
33 | # this depending on your deployment strategy.
34 | /priv/static/
35 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # WebhookSignature
2 |
3 | A sample Phoenix app to help demonstrate how to validate the signature of a webhook payload in Elixir.
4 |
5 | Blog post:
6 |
7 | ## Usage Demo
8 |
9 | ```bash
10 | $ curl --verbose \
11 | -H "Content-Type: application/json" \
12 | -H "X-Hub-Signature: sha256=83f6ac8a267da03ba43b9a87b5b665fa8e303bd493dc6c90d44e07a19bf7cb8c" \
13 | -d '{"hello":"world"}' \
14 | http://127.0.0.1:4000/github/webhook
15 | ```
16 |
17 | Output showing success, `HTTP/1.1 200 OK`:
18 |
19 | ```
20 | * Trying 127.0.0.1...
21 | * TCP_NODELAY set
22 | * Connected to 127.0.0.1 (127.0.0.1) port 4000 (#0)
23 | > POST /github/webhook HTTP/1.1
24 | > Host: 127.0.0.1:4000
25 | > User-Agent: curl/7.64.1
26 | > Accept: */*
27 | > Content-Type: application/json
28 | > X-Hub-Signature: sha256=83f6ac8a267da03ba43b9a87b5b665fa8e303bd493dc6c90d44e07a19bf7cb8c
29 | > Content-Length: 17
30 | >
31 | * upload completely sent off: 17 out of 17 bytes
32 | < HTTP/1.1 200 OK
33 | < cache-control: max-age=0, private, must-revalidate
34 | < content-length: 4
35 | < content-type: application/json; charset=utf-8
36 | < date: Mon, 22 Feb 2021 20:11:53 GMT
37 | < server: Cowboy
38 | < x-request-id: FmYq7ROzBOzPgWkAABIB
39 | <
40 | * Connection #0 to host 127.0.0.1 left intact
41 | null* Closing connection 0
42 | ```
43 |
44 | ## Standard Phoenix Things
45 |
46 | To start your Phoenix server:
47 |
48 | * Install dependencies with `mix deps.get`
49 | * Create and migrate your database with `mix ecto.setup`
50 | * Install Node.js dependencies with `npm install` inside the `assets` directory
51 | * Start Phoenix endpoint with `mix phx.server`
52 |
53 | Now you can visit [`localhost:4000`](http://localhost:4000) from your browser.
54 |
55 | Ready to run in production? Please [check our deployment guides](https://hexdocs.pm/phoenix/deployment.html).
56 |
57 | ## Learn more
58 |
59 | * Official website: https://www.phoenixframework.org/
60 | * Guides: https://hexdocs.pm/phoenix/overview.html
61 | * Docs: https://hexdocs.pm/phoenix
62 | * Forum: https://elixirforum.com/c/phoenix-forum
63 | * Source: https://github.com/phoenixframework/phoenix
64 |
--------------------------------------------------------------------------------
/assets/.babelrc:
--------------------------------------------------------------------------------
1 | {
2 | "presets": [
3 | "@babel/preset-env"
4 | ]
5 | }
6 |
--------------------------------------------------------------------------------
/assets/css/app.scss:
--------------------------------------------------------------------------------
1 | /* This file is for your main application css. */
2 | @import "./phoenix.css";
3 |
4 | /* Alerts and form errors */
5 | .alert {
6 | padding: 15px;
7 | margin-bottom: 20px;
8 | border: 1px solid transparent;
9 | border-radius: 4px;
10 | }
11 | .alert-info {
12 | color: #31708f;
13 | background-color: #d9edf7;
14 | border-color: #bce8f1;
15 | }
16 | .alert-warning {
17 | color: #8a6d3b;
18 | background-color: #fcf8e3;
19 | border-color: #faebcc;
20 | }
21 | .alert-danger {
22 | color: #a94442;
23 | background-color: #f2dede;
24 | border-color: #ebccd1;
25 | }
26 | .alert p {
27 | margin-bottom: 0;
28 | }
29 | .alert:empty {
30 | display: none;
31 | }
32 | .invalid-feedback {
33 | color: #a94442;
34 | display: block;
35 | margin: -1rem 0 2rem;
36 | }
37 |
--------------------------------------------------------------------------------
/assets/css/phoenix.css:
--------------------------------------------------------------------------------
1 | /* Includes some default style for the starter application.
2 | * This can be safely deleted to start fresh.
3 | */
4 |
5 | /* Milligram v1.3.0 https://milligram.github.io
6 | * Copyright (c) 2017 CJ Patoilo Licensed under the MIT license
7 | */
8 |
9 | *,*:after,*:before{box-sizing:inherit}html{box-sizing:border-box;font-size:62.5%}body{color:#000000;font-family:'Helvetica', 'Arial', sans-serif;font-size:1.6em;font-weight:300;line-height:1.6}blockquote{border-left:0.3rem solid #d1d1d1;margin-left:0;margin-right:0;padding:1rem 1.5rem}blockquote *:last-child{margin-bottom:0}.button,button,input[type='button'],input[type='reset'],input[type='submit']{background-color:#0069d9;border:0.1rem solid #0069d9;border-radius:.4rem;color:#fff;cursor:pointer;display:inline-block;font-size:1.1rem;font-weight:700;height:3.8rem;letter-spacing:.1rem;line-height:3.8rem;padding:0 3.0rem;text-align:center;text-decoration:none;text-transform:uppercase;white-space:nowrap}.button:focus,.button:hover,button:focus,button:hover,input[type='button']:focus,input[type='button']:hover,input[type='reset']:focus,input[type='reset']:hover,input[type='submit']:focus,input[type='submit']:hover{background-color:#606c76;border-color:#606c76;color:#fff;outline:0}.button[disabled],button[disabled],input[type='button'][disabled],input[type='reset'][disabled],input[type='submit'][disabled]{cursor:default;opacity:.5}.button[disabled]:focus,.button[disabled]:hover,button[disabled]:focus,button[disabled]:hover,input[type='button'][disabled]:focus,input[type='button'][disabled]:hover,input[type='reset'][disabled]:focus,input[type='reset'][disabled]:hover,input[type='submit'][disabled]:focus,input[type='submit'][disabled]:hover{background-color:#0069d9;border-color:#0069d9}.button.button-outline,button.button-outline,input[type='button'].button-outline,input[type='reset'].button-outline,input[type='submit'].button-outline{background-color:transparent;color:#0069d9}.button.button-outline:focus,.button.button-outline:hover,button.button-outline:focus,button.button-outline:hover,input[type='button'].button-outline:focus,input[type='button'].button-outline:hover,input[type='reset'].button-outline:focus,input[type='reset'].button-outline:hover,input[type='submit'].button-outline:focus,input[type='submit'].button-outline:hover{background-color:transparent;border-color:#606c76;color:#606c76}.button.button-outline[disabled]:focus,.button.button-outline[disabled]:hover,button.button-outline[disabled]:focus,button.button-outline[disabled]:hover,input[type='button'].button-outline[disabled]:focus,input[type='button'].button-outline[disabled]:hover,input[type='reset'].button-outline[disabled]:focus,input[type='reset'].button-outline[disabled]:hover,input[type='submit'].button-outline[disabled]:focus,input[type='submit'].button-outline[disabled]:hover{border-color:inherit;color:#0069d9}.button.button-clear,button.button-clear,input[type='button'].button-clear,input[type='reset'].button-clear,input[type='submit'].button-clear{background-color:transparent;border-color:transparent;color:#0069d9}.button.button-clear:focus,.button.button-clear:hover,button.button-clear:focus,button.button-clear:hover,input[type='button'].button-clear:focus,input[type='button'].button-clear:hover,input[type='reset'].button-clear:focus,input[type='reset'].button-clear:hover,input[type='submit'].button-clear:focus,input[type='submit'].button-clear:hover{background-color:transparent;border-color:transparent;color:#606c76}.button.button-clear[disabled]:focus,.button.button-clear[disabled]:hover,button.button-clear[disabled]:focus,button.button-clear[disabled]:hover,input[type='button'].button-clear[disabled]:focus,input[type='button'].button-clear[disabled]:hover,input[type='reset'].button-clear[disabled]:focus,input[type='reset'].button-clear[disabled]:hover,input[type='submit'].button-clear[disabled]:focus,input[type='submit'].button-clear[disabled]:hover{color:#0069d9}code{background:#f4f5f6;border-radius:.4rem;font-size:86%;margin:0 .2rem;padding:.2rem .5rem;white-space:nowrap}pre{background:#f4f5f6;border-left:0.3rem solid #0069d9;overflow-y:hidden}pre>code{border-radius:0;display:block;padding:1rem 1.5rem;white-space:pre}hr{border:0;border-top:0.1rem solid #f4f5f6;margin:3.0rem 0}input[type='email'],input[type='number'],input[type='password'],input[type='search'],input[type='tel'],input[type='text'],input[type='url'],textarea,select{-webkit-appearance:none;-moz-appearance:none;appearance:none;background-color:transparent;border:0.1rem solid #d1d1d1;border-radius:.4rem;box-shadow:none;box-sizing:inherit;height:3.8rem;padding:.6rem 1.0rem;width:100%}input[type='email']:focus,input[type='number']:focus,input[type='password']:focus,input[type='search']:focus,input[type='tel']:focus,input[type='text']:focus,input[type='url']:focus,textarea:focus,select:focus{border-color:#0069d9;outline:0}select{background:url('data:image/svg+xml;utf8,') center right no-repeat;padding-right:3.0rem}select:focus{background-image:url('data:image/svg+xml;utf8,')}textarea{min-height:6.5rem}label,legend{display:block;font-size:1.6rem;font-weight:700;margin-bottom:.5rem}fieldset{border-width:0;padding:0}input[type='checkbox'],input[type='radio']{display:inline}.label-inline{display:inline-block;font-weight:normal;margin-left:.5rem}.row{display:flex;flex-direction:column;padding:0;width:100%}.row.row-no-padding{padding:0}.row.row-no-padding>.column{padding:0}.row.row-wrap{flex-wrap:wrap}.row.row-top{align-items:flex-start}.row.row-bottom{align-items:flex-end}.row.row-center{align-items:center}.row.row-stretch{align-items:stretch}.row.row-baseline{align-items:baseline}.row .column{display:block;flex:1 1 auto;margin-left:0;max-width:100%;width:100%}.row .column.column-offset-10{margin-left:10%}.row .column.column-offset-20{margin-left:20%}.row .column.column-offset-25{margin-left:25%}.row .column.column-offset-33,.row .column.column-offset-34{margin-left:33.3333%}.row .column.column-offset-50{margin-left:50%}.row .column.column-offset-66,.row .column.column-offset-67{margin-left:66.6666%}.row .column.column-offset-75{margin-left:75%}.row .column.column-offset-80{margin-left:80%}.row .column.column-offset-90{margin-left:90%}.row .column.column-10{flex:0 0 10%;max-width:10%}.row .column.column-20{flex:0 0 20%;max-width:20%}.row .column.column-25{flex:0 0 25%;max-width:25%}.row .column.column-33,.row .column.column-34{flex:0 0 33.3333%;max-width:33.3333%}.row .column.column-40{flex:0 0 40%;max-width:40%}.row .column.column-50{flex:0 0 50%;max-width:50%}.row .column.column-60{flex:0 0 60%;max-width:60%}.row .column.column-66,.row .column.column-67{flex:0 0 66.6666%;max-width:66.6666%}.row .column.column-75{flex:0 0 75%;max-width:75%}.row .column.column-80{flex:0 0 80%;max-width:80%}.row .column.column-90{flex:0 0 90%;max-width:90%}.row .column .column-top{align-self:flex-start}.row .column .column-bottom{align-self:flex-end}.row .column .column-center{-ms-grid-row-align:center;align-self:center}@media (min-width: 40rem){.row{flex-direction:row;margin-left:-1.0rem;width:calc(100% + 2.0rem)}.row .column{margin-bottom:inherit;padding:0 1.0rem}}a{color:#0069d9;text-decoration:none}a:focus,a:hover{color:#606c76}dl,ol,ul{list-style:none;margin-top:0;padding-left:0}dl dl,dl ol,dl ul,ol dl,ol ol,ol ul,ul dl,ul ol,ul ul{font-size:90%;margin:1.5rem 0 1.5rem 3.0rem}ol{list-style:decimal inside}ul{list-style:circle inside}.button,button,dd,dt,li{margin-bottom:1.0rem}fieldset,input,select,textarea{margin-bottom:1.5rem}blockquote,dl,figure,form,ol,p,pre,table,ul{margin-bottom:2.5rem}table{border-spacing:0;width:100%}td,th{border-bottom:0.1rem solid #e1e1e1;padding:1.2rem 1.5rem;text-align:left}td:first-child,th:first-child{padding-left:0}td:last-child,th:last-child{padding-right:0}b,strong{font-weight:bold}p{margin-top:0}h1,h2,h3,h4,h5,h6{font-weight:300;letter-spacing:-.1rem;margin-bottom:2.0rem;margin-top:0}h1{font-size:4.6rem;line-height:1.2}h2{font-size:3.6rem;line-height:1.25}h3{font-size:2.8rem;line-height:1.3}h4{font-size:2.2rem;letter-spacing:-.08rem;line-height:1.35}h5{font-size:1.8rem;letter-spacing:-.05rem;line-height:1.5}h6{font-size:1.6rem;letter-spacing:0;line-height:1.4}img{max-width:100%}.clearfix:after{clear:both;content:' ';display:table}.float-left{float:left}.float-right{float:right}
10 |
11 | /* General style */
12 | h1{font-size: 3.6rem; line-height: 1.25}
13 | h2{font-size: 2.8rem; line-height: 1.3}
14 | h3{font-size: 2.2rem; letter-spacing: -.08rem; line-height: 1.35}
15 | h4{font-size: 1.8rem; letter-spacing: -.05rem; line-height: 1.5}
16 | h5{font-size: 1.6rem; letter-spacing: 0; line-height: 1.4}
17 | h6{font-size: 1.4rem; letter-spacing: 0; line-height: 1.2}
18 | pre{padding: 1em;}
19 |
20 | .container{
21 | margin: 0 auto;
22 | max-width: 80.0rem;
23 | padding: 0 2.0rem;
24 | position: relative;
25 | width: 100%
26 | }
27 | select {
28 | width: auto;
29 | }
30 |
31 | /* Phoenix promo and logo */
32 | .phx-hero {
33 | text-align: center;
34 | border-bottom: 1px solid #e3e3e3;
35 | background: #eee;
36 | border-radius: 6px;
37 | padding: 3em 3em 1em;
38 | margin-bottom: 3rem;
39 | font-weight: 200;
40 | font-size: 120%;
41 | }
42 | .phx-hero input {
43 | background: #ffffff;
44 | }
45 | .phx-logo {
46 | min-width: 300px;
47 | margin: 1rem;
48 | display: block;
49 | }
50 | .phx-logo img {
51 | width: auto;
52 | display: block;
53 | }
54 |
55 | /* Headers */
56 | header {
57 | width: 100%;
58 | background: #fdfdfd;
59 | border-bottom: 1px solid #eaeaea;
60 | margin-bottom: 2rem;
61 | }
62 | header section {
63 | align-items: center;
64 | display: flex;
65 | flex-direction: column;
66 | justify-content: space-between;
67 | }
68 | header section :first-child {
69 | order: 2;
70 | }
71 | header section :last-child {
72 | order: 1;
73 | }
74 | header nav ul,
75 | header nav li {
76 | margin: 0;
77 | padding: 0;
78 | display: block;
79 | text-align: right;
80 | white-space: nowrap;
81 | }
82 | header nav ul {
83 | margin: 1rem;
84 | margin-top: 0;
85 | }
86 | header nav a {
87 | display: block;
88 | }
89 |
90 | @media (min-width: 40.0rem) { /* Small devices (landscape phones, 576px and up) */
91 | header section {
92 | flex-direction: row;
93 | }
94 | header nav ul {
95 | margin: 1rem;
96 | }
97 | .phx-logo {
98 | flex-basis: 527px;
99 | margin: 2rem 1rem;
100 | }
101 | }
102 |
--------------------------------------------------------------------------------
/assets/js/app.js:
--------------------------------------------------------------------------------
1 | // We need to import the CSS so that webpack will load it.
2 | // The MiniCssExtractPlugin is used to separate it out into
3 | // its own CSS file.
4 | import "../css/app.scss"
5 |
6 | // webpack automatically bundles all modules in your
7 | // entry points. Those entry points can be configured
8 | // in "webpack.config.js".
9 | //
10 | // Import deps with the dep name or local files with a relative path, for example:
11 | //
12 | // import {Socket} from "phoenix"
13 | // import socket from "./socket"
14 | //
15 | import "phoenix_html"
16 |
--------------------------------------------------------------------------------
/assets/js/socket.js:
--------------------------------------------------------------------------------
1 | // NOTE: The contents of this file will only be executed if
2 | // you uncomment its entry in "assets/js/app.js".
3 |
4 | // To use Phoenix channels, the first step is to import Socket,
5 | // and connect at the socket path in "lib/web/endpoint.ex".
6 | //
7 | // Pass the token on params as below. Or remove it
8 | // from the params if you are not using authentication.
9 | import {Socket} from "phoenix"
10 |
11 | let socket = new Socket("/socket", {params: {token: window.userToken}})
12 |
13 | // When you connect, you'll often need to authenticate the client.
14 | // For example, imagine you have an authentication plug, `MyAuth`,
15 | // which authenticates the session and assigns a `:current_user`.
16 | // If the current user exists you can assign the user's token in
17 | // the connection for use in the layout.
18 | //
19 | // In your "lib/web/router.ex":
20 | //
21 | // pipeline :browser do
22 | // ...
23 | // plug MyAuth
24 | // plug :put_user_token
25 | // end
26 | //
27 | // defp put_user_token(conn, _) do
28 | // if current_user = conn.assigns[:current_user] do
29 | // token = Phoenix.Token.sign(conn, "user socket", current_user.id)
30 | // assign(conn, :user_token, token)
31 | // else
32 | // conn
33 | // end
34 | // end
35 | //
36 | // Now you need to pass this token to JavaScript. You can do so
37 | // inside a script tag in "lib/web/templates/layout/app.html.eex":
38 | //
39 | //
40 | //
41 | // You will need to verify the user token in the "connect/3" function
42 | // in "lib/web/channels/user_socket.ex":
43 | //
44 | // def connect(%{"token" => token}, socket, _connect_info) do
45 | // # max_age: 1209600 is equivalent to two weeks in seconds
46 | // case Phoenix.Token.verify(socket, "user socket", token, max_age: 1209600) do
47 | // {:ok, user_id} ->
48 | // {:ok, assign(socket, :user, user_id)}
49 | // {:error, reason} ->
50 | // :error
51 | // end
52 | // end
53 | //
54 | // Finally, connect to the socket:
55 | socket.connect()
56 |
57 | // Now that you are connected, you can join channels with a topic:
58 | let channel = socket.channel("topic:subtopic", {})
59 | channel.join()
60 | .receive("ok", resp => { console.log("Joined successfully", resp) })
61 | .receive("error", resp => { console.log("Unable to join", resp) })
62 |
63 | export default socket
64 |
--------------------------------------------------------------------------------
/assets/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "repository": {},
3 | "description": " ",
4 | "license": "MIT",
5 | "scripts": {
6 | "deploy": "webpack --mode production",
7 | "watch": "webpack --mode development --watch"
8 | },
9 | "dependencies": {
10 | "phoenix": "file:../deps/phoenix",
11 | "phoenix_html": "file:../deps/phoenix_html"
12 | },
13 | "devDependencies": {
14 | "@babel/core": "^7.0.0",
15 | "@babel/preset-env": "^7.0.0",
16 | "babel-loader": "^8.0.0",
17 | "copy-webpack-plugin": "^5.1.1",
18 | "css-loader": "^3.4.2",
19 | "hard-source-webpack-plugin": "^0.13.1",
20 | "mini-css-extract-plugin": "^0.9.0",
21 | "node-sass": "^4.13.1",
22 | "optimize-css-assets-webpack-plugin": "^5.0.1",
23 | "sass-loader": "^8.0.2",
24 | "terser-webpack-plugin": "^2.3.2",
25 | "webpack": "4.41.5",
26 | "webpack-cli": "^3.3.2"
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/assets/static/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/elixirfocus/webhook_signature/133371c9300af5f4564a03d6a123141dab958501/assets/static/favicon.ico
--------------------------------------------------------------------------------
/assets/static/images/phoenix.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/elixirfocus/webhook_signature/133371c9300af5f4564a03d6a123141dab958501/assets/static/images/phoenix.png
--------------------------------------------------------------------------------
/assets/static/robots.txt:
--------------------------------------------------------------------------------
1 | # See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
2 | #
3 | # To ban all spiders from the entire site uncomment the next two lines:
4 | # User-agent: *
5 | # Disallow: /
6 |
--------------------------------------------------------------------------------
/assets/webpack.config.js:
--------------------------------------------------------------------------------
1 | const path = require('path');
2 | const glob = require('glob');
3 | const HardSourceWebpackPlugin = require('hard-source-webpack-plugin');
4 | const MiniCssExtractPlugin = require('mini-css-extract-plugin');
5 | const TerserPlugin = require('terser-webpack-plugin');
6 | const OptimizeCSSAssetsPlugin = require('optimize-css-assets-webpack-plugin');
7 | const CopyWebpackPlugin = require('copy-webpack-plugin');
8 |
9 | module.exports = (env, options) => {
10 | const devMode = options.mode !== 'production';
11 |
12 | return {
13 | optimization: {
14 | minimizer: [
15 | new TerserPlugin({ cache: true, parallel: true, sourceMap: devMode }),
16 | new OptimizeCSSAssetsPlugin({})
17 | ]
18 | },
19 | entry: {
20 | 'app': glob.sync('./vendor/**/*.js').concat(['./js/app.js'])
21 | },
22 | output: {
23 | filename: '[name].js',
24 | path: path.resolve(__dirname, '../priv/static/js'),
25 | publicPath: '/js/'
26 | },
27 | devtool: devMode ? 'eval-cheap-module-source-map' : undefined,
28 | module: {
29 | rules: [
30 | {
31 | test: /\.js$/,
32 | exclude: /node_modules/,
33 | use: {
34 | loader: 'babel-loader'
35 | }
36 | },
37 | {
38 | test: /\.[s]?css$/,
39 | use: [
40 | MiniCssExtractPlugin.loader,
41 | 'css-loader',
42 | 'sass-loader',
43 | ],
44 | }
45 | ]
46 | },
47 | plugins: [
48 | new MiniCssExtractPlugin({ filename: '../css/app.css' }),
49 | new CopyWebpackPlugin([{ from: 'static/', to: '../' }])
50 | ]
51 | .concat(devMode ? [new HardSourceWebpackPlugin()] : [])
52 | }
53 | };
54 |
--------------------------------------------------------------------------------
/config/config.exs:
--------------------------------------------------------------------------------
1 | # This file is responsible for configuring your application
2 | # and its dependencies with the aid of the Mix.Config module.
3 | #
4 | # This configuration file is loaded before any dependency and
5 | # is restricted to this project.
6 |
7 | # General application configuration
8 | use Mix.Config
9 |
10 | config :webhook_signature,
11 | ecto_repos: [WebhookSignature.Repo]
12 |
13 | # Configures the endpoint
14 | config :webhook_signature, WebhookSignatureWeb.Endpoint,
15 | url: [host: "localhost"],
16 | secret_key_base: "6GIdfVJV2HYMieWU9uQ6bZbVOUNVrVu8x1deQCr1PY66Pq7ZTkv14vjv7SWwiKjR",
17 | render_errors: [view: WebhookSignatureWeb.ErrorView, accepts: ~w(html json), layout: false],
18 | pubsub_server: WebhookSignature.PubSub,
19 | live_view: [signing_salt: "4lidY2FA"]
20 |
21 | # Configures Elixir's Logger
22 | config :logger, :console,
23 | format: "$time $metadata[$level] $message\n",
24 | metadata: [:request_id]
25 |
26 | # Use Jason for JSON parsing in Phoenix
27 | config :phoenix, :json_library, Jason
28 |
29 | # Import environment specific config. This must remain at the bottom
30 | # of this file so it overrides the configuration defined above.
31 | import_config "#{Mix.env()}.exs"
32 |
--------------------------------------------------------------------------------
/config/dev.exs:
--------------------------------------------------------------------------------
1 | use Mix.Config
2 |
3 | # Configure your database
4 | config :webhook_signature, WebhookSignature.Repo,
5 | username: "postgres",
6 | password: "postgres",
7 | database: "webhook_signature_dev",
8 | hostname: "localhost",
9 | show_sensitive_data_on_connection_error: true,
10 | pool_size: 10
11 |
12 | # For development, we disable any cache and enable
13 | # debugging and code reloading.
14 | #
15 | # The watchers configuration can be used to run external
16 | # watchers to your application. For example, we use it
17 | # with webpack to recompile .js and .css sources.
18 | config :webhook_signature, WebhookSignatureWeb.Endpoint,
19 | http: [port: 4000],
20 | debug_errors: true,
21 | code_reloader: true,
22 | check_origin: false,
23 | watchers: [
24 | node: [
25 | "node_modules/webpack/bin/webpack.js",
26 | "--mode",
27 | "development",
28 | "--watch-stdin",
29 | cd: Path.expand("../assets", __DIR__)
30 | ]
31 | ]
32 |
33 | # ## SSL Support
34 | #
35 | # In order to use HTTPS in development, a self-signed
36 | # certificate can be generated by running the following
37 | # Mix task:
38 | #
39 | # mix phx.gen.cert
40 | #
41 | # Note that this task requires Erlang/OTP 20 or later.
42 | # Run `mix help phx.gen.cert` for more information.
43 | #
44 | # The `http:` config above can be replaced with:
45 | #
46 | # https: [
47 | # port: 4001,
48 | # cipher_suite: :strong,
49 | # keyfile: "priv/cert/selfsigned_key.pem",
50 | # certfile: "priv/cert/selfsigned.pem"
51 | # ],
52 | #
53 | # If desired, both `http:` and `https:` keys can be
54 | # configured to run both http and https servers on
55 | # different ports.
56 |
57 | # Watch static and templates for browser reloading.
58 | config :webhook_signature, WebhookSignatureWeb.Endpoint,
59 | live_reload: [
60 | patterns: [
61 | ~r"priv/static/.*(js|css|png|jpeg|jpg|gif|svg)$",
62 | ~r"priv/gettext/.*(po)$",
63 | ~r"lib/webhook_signature_web/(live|views)/.*(ex)$",
64 | ~r"lib/webhook_signature_web/templates/.*(eex)$"
65 | ]
66 | ]
67 |
68 | # Do not include metadata nor timestamps in development logs
69 | config :logger, :console, format: "[$level] $message\n"
70 |
71 | # Set a higher stacktrace during development. Avoid configuring such
72 | # in production as building large stacktraces may be expensive.
73 | config :phoenix, :stacktrace_depth, 20
74 |
75 | # Initialize plugs at runtime for faster development compilation
76 | config :phoenix, :plug_init_mode, :runtime
77 |
78 | # This is the secret we would share with GitHub when setting up the webhook.
79 | config :webhook_signature, :github, webhook_secret: "secretstuff"
80 |
--------------------------------------------------------------------------------
/config/prod.exs:
--------------------------------------------------------------------------------
1 | use Mix.Config
2 |
3 | # For production, don't forget to configure the url host
4 | # to something meaningful, Phoenix uses this information
5 | # when generating URLs.
6 | #
7 | # Note we also include the path to a cache manifest
8 | # containing the digested version of static files. This
9 | # manifest is generated by the `mix phx.digest` task,
10 | # which you should run after static files are built and
11 | # before starting your production server.
12 | config :webhook_signature, WebhookSignatureWeb.Endpoint,
13 | url: [host: "example.com", port: 80],
14 | cache_static_manifest: "priv/static/cache_manifest.json"
15 |
16 | # Do not print debug messages in production
17 | config :logger, level: :info
18 |
19 | # ## SSL Support
20 | #
21 | # To get SSL working, you will need to add the `https` key
22 | # to the previous section and set your `:url` port to 443:
23 | #
24 | # config :webhook_signature, WebhookSignatureWeb.Endpoint,
25 | # ...
26 | # url: [host: "example.com", port: 443],
27 | # https: [
28 | # port: 443,
29 | # cipher_suite: :strong,
30 | # keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"),
31 | # certfile: System.get_env("SOME_APP_SSL_CERT_PATH"),
32 | # transport_options: [socket_opts: [:inet6]]
33 | # ]
34 | #
35 | # The `cipher_suite` is set to `:strong` to support only the
36 | # latest and more secure SSL ciphers. This means old browsers
37 | # and clients may not be supported. You can set it to
38 | # `:compatible` for wider support.
39 | #
40 | # `:keyfile` and `:certfile` expect an absolute path to the key
41 | # and cert in disk or a relative path inside priv, for example
42 | # "priv/ssl/server.key". For all supported SSL configuration
43 | # options, see https://hexdocs.pm/plug/Plug.SSL.html#configure/1
44 | #
45 | # We also recommend setting `force_ssl` in your endpoint, ensuring
46 | # no data is ever sent via http, always redirecting to https:
47 | #
48 | # config :webhook_signature, WebhookSignatureWeb.Endpoint,
49 | # force_ssl: [hsts: true]
50 | #
51 | # Check `Plug.SSL` for all available options in `force_ssl`.
52 |
53 | # Finally import the config/prod.secret.exs which loads secrets
54 | # and configuration from environment variables.
55 | import_config "prod.secret.exs"
56 |
--------------------------------------------------------------------------------
/config/prod.secret.exs:
--------------------------------------------------------------------------------
1 | # In this file, we load production configuration and secrets
2 | # from environment variables. You can also hardcode secrets,
3 | # although such is generally not recommended and you have to
4 | # remember to add this file to your .gitignore.
5 | use Mix.Config
6 |
7 | database_url =
8 | System.get_env("DATABASE_URL") ||
9 | raise """
10 | environment variable DATABASE_URL is missing.
11 | For example: ecto://USER:PASS@HOST/DATABASE
12 | """
13 |
14 | config :webhook_signature, WebhookSignature.Repo,
15 | # ssl: true,
16 | url: database_url,
17 | pool_size: String.to_integer(System.get_env("POOL_SIZE") || "10")
18 |
19 | secret_key_base =
20 | System.get_env("SECRET_KEY_BASE") ||
21 | raise """
22 | environment variable SECRET_KEY_BASE is missing.
23 | You can generate one by calling: mix phx.gen.secret
24 | """
25 |
26 | config :webhook_signature, WebhookSignatureWeb.Endpoint,
27 | http: [
28 | port: String.to_integer(System.get_env("PORT") || "4000"),
29 | transport_options: [socket_opts: [:inet6]]
30 | ],
31 | secret_key_base: secret_key_base
32 |
33 | # ## Using releases (Elixir v1.9+)
34 | #
35 | # If you are doing OTP releases, you need to instruct Phoenix
36 | # to start each relevant endpoint:
37 | #
38 | # config :webhook_signature, WebhookSignatureWeb.Endpoint, server: true
39 | #
40 | # Then you can assemble a release by calling `mix release`.
41 | # See `mix help release` for more information.
42 |
--------------------------------------------------------------------------------
/config/test.exs:
--------------------------------------------------------------------------------
1 | use Mix.Config
2 |
3 | # Configure your database
4 | #
5 | # The MIX_TEST_PARTITION environment variable can be used
6 | # to provide built-in test partitioning in CI environment.
7 | # Run `mix help test` for more information.
8 | config :webhook_signature, WebhookSignature.Repo,
9 | username: "postgres",
10 | password: "postgres",
11 | database: "webhook_signature_test#{System.get_env("MIX_TEST_PARTITION")}",
12 | hostname: "localhost",
13 | pool: Ecto.Adapters.SQL.Sandbox
14 |
15 | # We don't run a server during test. If one is required,
16 | # you can enable the server option below.
17 | config :webhook_signature, WebhookSignatureWeb.Endpoint,
18 | http: [port: 4002],
19 | server: false
20 |
21 | # Print only warnings and errors during test
22 | config :logger, level: :warn
23 |
24 | config :webhook_signature, :github, webhook_secret: nil
25 |
--------------------------------------------------------------------------------
/lib/webhook_signature.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignature do
2 | @moduledoc """
3 | WebhookSignature keeps the contexts that define your domain
4 | and business logic.
5 |
6 | Contexts are also responsible for managing your data, regardless
7 | if it comes from the database, an external API or others.
8 | """
9 | end
10 |
--------------------------------------------------------------------------------
/lib/webhook_signature/application.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignature.Application do
2 | # See https://hexdocs.pm/elixir/Application.html
3 | # for more information on OTP Applications
4 | @moduledoc false
5 |
6 | use Application
7 |
8 | def start(_type, _args) do
9 | children = [
10 | # Start the Ecto repository
11 | WebhookSignature.Repo,
12 | # Start the Telemetry supervisor
13 | WebhookSignatureWeb.Telemetry,
14 | # Start the PubSub system
15 | {Phoenix.PubSub, name: WebhookSignature.PubSub},
16 | # Start the Endpoint (http/https)
17 | WebhookSignatureWeb.Endpoint
18 | # Start a worker by calling: WebhookSignature.Worker.start_link(arg)
19 | # {WebhookSignature.Worker, arg}
20 | ]
21 |
22 | # See https://hexdocs.pm/elixir/Supervisor.html
23 | # for other strategies and supported options
24 | opts = [strategy: :one_for_one, name: WebhookSignature.Supervisor]
25 | Supervisor.start_link(children, opts)
26 | end
27 |
28 | # Tell Phoenix to update the endpoint configuration
29 | # whenever the application is updated.
30 | def config_change(changed, _new, removed) do
31 | WebhookSignatureWeb.Endpoint.config_change(changed, removed)
32 | :ok
33 | end
34 | end
35 |
--------------------------------------------------------------------------------
/lib/webhook_signature/payload_validator.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignature.PayloadValidator do
2 | alias Plug.Conn
3 |
4 | def is_authentic_payload?(%Conn{req_headers: req_headers}, payload) do
5 | case signature_from_req_headers(req_headers) do
6 | nil ->
7 | false
8 |
9 | signature ->
10 | is_payload_signature_valid?(signature, payload)
11 | end
12 | end
13 |
14 | defp signature_from_req_headers(req_headers) do
15 | case List.keyfind(req_headers, "x-hub-signature", 0) do
16 | {"x-hub-signature", full_signature} ->
17 | "sha256=" <> signature = full_signature
18 | signature
19 |
20 | _ ->
21 | nil
22 | end
23 | end
24 |
25 | defp is_payload_signature_valid?(payload_signature, payload) do
26 | case generate_payload_signature(payload, webhook_secret()) do
27 | {:ok, generated_payload_signature} ->
28 | Plug.Crypto.secure_compare(generated_payload_signature, payload_signature)
29 |
30 | _ ->
31 | false
32 | end
33 | end
34 |
35 | def generate_payload_signature(_, nil) do
36 | {:error, :missing_app_secret}
37 | end
38 |
39 | def generate_payload_signature(payload, app_secret) do
40 | {:ok, :crypto.mac(:hmac, :sha256, app_secret, payload) |> Base.encode16(case: :lower)}
41 | end
42 |
43 | defp webhook_secret do
44 | Keyword.fetch!(Application.fetch_env!(:webhook_signature, :github), :webhook_secret)
45 | end
46 | end
47 |
--------------------------------------------------------------------------------
/lib/webhook_signature/repo.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignature.Repo do
2 | use Ecto.Repo,
3 | otp_app: :webhook_signature,
4 | adapter: Ecto.Adapters.Postgres
5 | end
6 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb do
2 | @moduledoc """
3 | The entrypoint for defining your web interface, such
4 | as controllers, views, channels and so on.
5 |
6 | This can be used in your application as:
7 |
8 | use WebhookSignatureWeb, :controller
9 | use WebhookSignatureWeb, :view
10 |
11 | The definitions below will be executed for every view,
12 | controller, etc, so keep them short and clean, focused
13 | on imports, uses and aliases.
14 |
15 | Do NOT define functions inside the quoted expressions
16 | below. Instead, define any helper function in modules
17 | and import those modules here.
18 | """
19 |
20 | def controller do
21 | quote do
22 | use Phoenix.Controller, namespace: WebhookSignatureWeb
23 |
24 | import Plug.Conn
25 | import WebhookSignatureWeb.Gettext
26 | alias WebhookSignatureWeb.Router.Helpers, as: Routes
27 | end
28 | end
29 |
30 | def view do
31 | quote do
32 | use Phoenix.View,
33 | root: "lib/webhook_signature_web/templates",
34 | namespace: WebhookSignatureWeb
35 |
36 | # Import convenience functions from controllers
37 | import Phoenix.Controller,
38 | only: [get_flash: 1, get_flash: 2, view_module: 1, view_template: 1]
39 |
40 | # Include shared imports and aliases for views
41 | unquote(view_helpers())
42 | end
43 | end
44 |
45 | def router do
46 | quote do
47 | use Phoenix.Router
48 |
49 | import Plug.Conn
50 | import Phoenix.Controller
51 | end
52 | end
53 |
54 | def channel do
55 | quote do
56 | use Phoenix.Channel
57 | import WebhookSignatureWeb.Gettext
58 | end
59 | end
60 |
61 | defp view_helpers do
62 | quote do
63 | # Use all HTML functionality (forms, tags, etc)
64 | use Phoenix.HTML
65 |
66 | # Import basic rendering functionality (render, render_layout, etc)
67 | import Phoenix.View
68 |
69 | import WebhookSignatureWeb.ErrorHelpers
70 | import WebhookSignatureWeb.Gettext
71 | alias WebhookSignatureWeb.Router.Helpers, as: Routes
72 | end
73 | end
74 |
75 | @doc """
76 | When used, dispatch to the appropriate controller/view/etc.
77 | """
78 | defmacro __using__(which) when is_atom(which) do
79 | apply(__MODULE__, which, [])
80 | end
81 | end
82 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/channels/user_socket.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.UserSocket do
2 | use Phoenix.Socket
3 |
4 | ## Channels
5 | # channel "room:*", WebhookSignatureWeb.RoomChannel
6 |
7 | # Socket params are passed from the client and can
8 | # be used to verify and authenticate a user. After
9 | # verification, you can put default assigns into
10 | # the socket that will be set for all channels, ie
11 | #
12 | # {:ok, assign(socket, :user_id, verified_user_id)}
13 | #
14 | # To deny connection, return `:error`.
15 | #
16 | # See `Phoenix.Token` documentation for examples in
17 | # performing token verification on connect.
18 | @impl true
19 | def connect(_params, socket, _connect_info) do
20 | {:ok, socket}
21 | end
22 |
23 | # Socket id's are topics that allow you to identify all sockets for a given user:
24 | #
25 | # def id(socket), do: "user_socket:#{socket.assigns.user_id}"
26 | #
27 | # Would allow you to broadcast a "disconnect" event and terminate
28 | # all active sockets and channels for a given user:
29 | #
30 | # WebhookSignatureWeb.Endpoint.broadcast("user_socket:#{user.id}", "disconnect", %{})
31 | #
32 | # Returning `nil` makes this socket anonymous.
33 | @impl true
34 | def id(_socket), do: nil
35 | end
36 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/controllers/github_webhook_controller.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.GitHubWebhookController do
2 | use WebhookSignatureWeb, :controller
3 |
4 | def webhook(conn, _params) do
5 | json(conn, nil)
6 | end
7 | end
8 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/controllers/page_controller.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.PageController do
2 | use WebhookSignatureWeb, :controller
3 |
4 | def index(conn, _params) do
5 | render(conn, "index.html")
6 | end
7 | end
8 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/endpoint.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.Endpoint do
2 | use Phoenix.Endpoint, otp_app: :webhook_signature
3 |
4 | # The session will be stored in the cookie and signed,
5 | # this means its contents can be read but not tampered with.
6 | # Set :encryption_salt if you would also like to encrypt it.
7 | @session_options [
8 | store: :cookie,
9 | key: "_webhook_signature_key",
10 | signing_salt: "1VH2yQhw"
11 | ]
12 |
13 | socket "/socket", WebhookSignatureWeb.UserSocket,
14 | websocket: true,
15 | longpoll: false
16 |
17 | socket "/live", Phoenix.LiveView.Socket, websocket: [connect_info: [session: @session_options]]
18 |
19 | # Serve at "/" the static files from "priv/static" directory.
20 | #
21 | # You should set gzip to true if you are running phx.digest
22 | # when deploying your static files in production.
23 | plug Plug.Static,
24 | at: "/",
25 | from: :webhook_signature,
26 | gzip: false,
27 | only: ~w(css fonts images js favicon.ico robots.txt)
28 |
29 | # Code reloading can be explicitly enabled under the
30 | # :code_reloader configuration of your endpoint.
31 | if code_reloading? do
32 | socket "/phoenix/live_reload/socket", Phoenix.LiveReloader.Socket
33 | plug Phoenix.LiveReloader
34 | plug Phoenix.CodeReloader
35 | plug Phoenix.Ecto.CheckRepoStatus, otp_app: :webhook_signature
36 | end
37 |
38 | plug Phoenix.LiveDashboard.RequestLogger,
39 | param_key: "request_logger",
40 | cookie_key: "request_logger"
41 |
42 | plug Plug.RequestId
43 | plug Plug.Telemetry, event_prefix: [:phoenix, :endpoint]
44 |
45 | plug Plug.MethodOverride
46 | plug Plug.Head
47 | plug Plug.Session, @session_options
48 | plug WebhookSignatureWeb.Router
49 | end
50 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/gettext.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.Gettext do
2 | @moduledoc """
3 | A module providing Internationalization with a gettext-based API.
4 |
5 | By using [Gettext](https://hexdocs.pm/gettext),
6 | your module gains a set of macros for translations, for example:
7 |
8 | import WebhookSignatureWeb.Gettext
9 |
10 | # Simple translation
11 | gettext("Here is the string to translate")
12 |
13 | # Plural translation
14 | ngettext("Here is the string to translate",
15 | "Here are the strings to translate",
16 | 3)
17 |
18 | # Domain-based translation
19 | dgettext("errors", "Here is the error message to translate")
20 |
21 | See the [Gettext Docs](https://hexdocs.pm/gettext) for detailed usage.
22 | """
23 | use Gettext, otp_app: :webhook_signature
24 | end
25 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/plugs/raw_body_passthrough.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.Plugs.RawBodyPassthrough do
2 | @moduledoc """
3 | This plug will read the body for `POST` and PUT` request and store it into a
4 | new assigns key `:raw_body`.
5 |
6 | This plug is used on certain routes in preference to the default Phoenix
7 | behaviors that would automatically decode the params and request body into
8 | native elixir values for a controller. It is a required choice since the body
9 | of a `Plug.Conn` can only be read from once.
10 | """
11 |
12 | import Plug.Conn
13 | alias Plug.Conn
14 |
15 | @spec init(Keyword.t()) :: Keyword.t()
16 | def init(options), do: options
17 |
18 | @spec call(Conn.t(), term()) :: Conn.t()
19 | def call(%Conn{method: method} = conn, opts) when method == "POST" or method == "PUT" do
20 | case Conn.read_body(conn, opts) do
21 | {:ok, body, _conn_details} ->
22 | Conn.assign(conn, :raw_body, body)
23 |
24 | {:more, _partial_body, _conn_details} ->
25 | conn
26 | |> send_resp(413, "PAYLOAD TOO LARGE")
27 | |> halt
28 | end
29 | end
30 |
31 | def call(conn, _opts), do: Conn.assign(conn, :cached_body, %{})
32 | end
33 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/plugs/require_payload_signature_match.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.Plugs.RequirePayloadSignatureMatch do
2 | @moduledoc """
3 | This plug will verify that the payload from a webhook request matches the accompanying header signature, based on a previously shared `webhook_secret`.
4 |
5 | When the payload is verified the connection continues as normal.
6 |
7 | When the payload is unverifiable the connection is halted with a 403 response.
8 | """
9 |
10 | import Plug.Conn
11 | alias Plug.Conn
12 | alias WebhookSignature.PayloadValidator
13 |
14 | @spec init(Keyword.t()) :: Keyword.t()
15 | def init(options), do: options
16 |
17 | @spec call(Conn.t(), term()) :: Conn.t()
18 | def call(%Conn{method: method} = conn, _opts) when method == "POST" or method == "PUT" do
19 | case PayloadValidator.is_authentic_payload?(conn, conn.assigns.raw_body) do
20 | true ->
21 | conn
22 |
23 | false ->
24 | conn
25 | |> put_resp_content_type("application/json")
26 | |> send_resp(403, "{\"error\":\"PAYLOAD SIGNATURE FAILED\"}")
27 | |> halt
28 | end
29 | end
30 |
31 | def call(conn, _opts), do: Conn.assign(conn, :cached_body, %{})
32 | end
33 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/router.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.Router do
2 | use WebhookSignatureWeb, :router
3 |
4 | pipeline :browser do
5 | plug :accepts, ["html"]
6 | plug :fetch_session
7 | plug :fetch_flash
8 | plug :protect_from_forgery
9 | plug :put_secure_browser_headers
10 |
11 | plug Plug.Parsers,
12 | parsers: [:urlencoded, :multipart, :json],
13 | pass: ["*/*"],
14 | json_decoder: Phoenix.json_library()
15 | end
16 |
17 | pipeline :api do
18 | plug :accepts, ["json"]
19 | plug WebhookSignatureWeb.Plugs.RawBodyPassthrough, length: 4_000_000
20 |
21 | # It is important that this comes after `WebhookSignatureWeb.Plugs.RawBodyPassthrough`
22 | # as it relies on the `:raw_body` being inside the `conn.assigns`.
23 | plug WebhookSignatureWeb.Plugs.RequirePayloadSignatureMatch
24 | end
25 |
26 | scope "/", WebhookSignatureWeb do
27 | pipe_through :browser
28 |
29 | get "/", PageController, :index
30 | end
31 |
32 | scope "/github", WebhookSignatureWeb do
33 | pipe_through :api
34 |
35 | post "/webhook", GitHubWebhookController, :webhook
36 | end
37 |
38 | # Other scopes may use custom stacks.
39 | # scope "/api", WebhookSignatureWeb do
40 | # pipe_through :api
41 | # end
42 |
43 | # Enables LiveDashboard only for development
44 | #
45 | # If you want to use the LiveDashboard in production, you should put
46 | # it behind authentication and allow only admins to access it.
47 | # If your application does not have an admins-only section yet,
48 | # you can use Plug.BasicAuth to set up some basic authentication
49 | # as long as you are also using SSL (which you should anyway).
50 | if Mix.env() in [:dev, :test] do
51 | import Phoenix.LiveDashboard.Router
52 |
53 | scope "/" do
54 | pipe_through :browser
55 | live_dashboard "/dashboard", metrics: WebhookSignatureWeb.Telemetry
56 | end
57 | end
58 | end
59 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/telemetry.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.Telemetry do
2 | use Supervisor
3 | import Telemetry.Metrics
4 |
5 | def start_link(arg) do
6 | Supervisor.start_link(__MODULE__, arg, name: __MODULE__)
7 | end
8 |
9 | @impl true
10 | def init(_arg) do
11 | children = [
12 | # Telemetry poller will execute the given period measurements
13 | # every 10_000ms. Learn more here: https://hexdocs.pm/telemetry_metrics
14 | {:telemetry_poller, measurements: periodic_measurements(), period: 10_000}
15 | # Add reporters as children of your supervision tree.
16 | # {Telemetry.Metrics.ConsoleReporter, metrics: metrics()}
17 | ]
18 |
19 | Supervisor.init(children, strategy: :one_for_one)
20 | end
21 |
22 | def metrics do
23 | [
24 | # Phoenix Metrics
25 | summary("phoenix.endpoint.stop.duration",
26 | unit: {:native, :millisecond}
27 | ),
28 | summary("phoenix.router_dispatch.stop.duration",
29 | tags: [:route],
30 | unit: {:native, :millisecond}
31 | ),
32 |
33 | # Database Metrics
34 | summary("webhook_signature.repo.query.total_time", unit: {:native, :millisecond}),
35 | summary("webhook_signature.repo.query.decode_time", unit: {:native, :millisecond}),
36 | summary("webhook_signature.repo.query.query_time", unit: {:native, :millisecond}),
37 | summary("webhook_signature.repo.query.queue_time", unit: {:native, :millisecond}),
38 | summary("webhook_signature.repo.query.idle_time", unit: {:native, :millisecond}),
39 |
40 | # VM Metrics
41 | summary("vm.memory.total", unit: {:byte, :kilobyte}),
42 | summary("vm.total_run_queue_lengths.total"),
43 | summary("vm.total_run_queue_lengths.cpu"),
44 | summary("vm.total_run_queue_lengths.io")
45 | ]
46 | end
47 |
48 | defp periodic_measurements do
49 | [
50 | # A module, function and arguments to be invoked periodically.
51 | # This function must call :telemetry.execute/3 and a metric must be added above.
52 | # {WebhookSignatureWeb, :count_users, []}
53 | ]
54 | end
55 | end
56 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/templates/layout/app.html.eex:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | WebhookSignature · Phoenix Framework
8 | "/>
9 |
10 |
11 |
12 |
27 |
28 | <%= get_flash(@conn, :info) %>
29 | <%= get_flash(@conn, :error) %>
30 | <%= @inner_content %>
31 |
32 |
33 |
34 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/templates/page/index.html.eex:
--------------------------------------------------------------------------------
1 |
2 | <%= gettext "Welcome to %{name}!", name: "Phoenix" %>
3 | Peace of mind from prototype to production
4 |
5 |
6 |
7 |
8 | Resources
9 |
20 |
21 |
22 | Help
23 |
37 |
38 |
39 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/views/error_helpers.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.ErrorHelpers do
2 | @moduledoc """
3 | Conveniences for translating and building error messages.
4 | """
5 |
6 | use Phoenix.HTML
7 |
8 | @doc """
9 | Generates tag for inlined form input errors.
10 | """
11 | def error_tag(form, field) do
12 | Enum.map(Keyword.get_values(form.errors, field), fn error ->
13 | content_tag(:span, translate_error(error),
14 | class: "invalid-feedback",
15 | phx_feedback_for: input_id(form, field)
16 | )
17 | end)
18 | end
19 |
20 | @doc """
21 | Translates an error message using gettext.
22 | """
23 | def translate_error({msg, opts}) do
24 | # When using gettext, we typically pass the strings we want
25 | # to translate as a static argument:
26 | #
27 | # # Translate "is invalid" in the "errors" domain
28 | # dgettext("errors", "is invalid")
29 | #
30 | # # Translate the number of files with plural rules
31 | # dngettext("errors", "1 file", "%{count} files", count)
32 | #
33 | # Because the error messages we show in our forms and APIs
34 | # are defined inside Ecto, we need to translate them dynamically.
35 | # This requires us to call the Gettext module passing our gettext
36 | # backend as first argument.
37 | #
38 | # Note we use the "errors" domain, which means translations
39 | # should be written to the errors.po file. The :count option is
40 | # set by Ecto and indicates we should also apply plural rules.
41 | if count = opts[:count] do
42 | Gettext.dngettext(WebhookSignatureWeb.Gettext, "errors", msg, msg, count, opts)
43 | else
44 | Gettext.dgettext(WebhookSignatureWeb.Gettext, "errors", msg, opts)
45 | end
46 | end
47 | end
48 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/views/error_view.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.ErrorView do
2 | use WebhookSignatureWeb, :view
3 |
4 | # If you want to customize a particular status code
5 | # for a certain format, you may uncomment below.
6 | # def render("500.html", _assigns) do
7 | # "Internal Server Error"
8 | # end
9 |
10 | # By default, Phoenix returns the status message from
11 | # the template name. For example, "404.html" becomes
12 | # "Not Found".
13 | def template_not_found(template, _assigns) do
14 | Phoenix.Controller.status_message_from_template(template)
15 | end
16 | end
17 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/views/github_webhook_view.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.GitHubWebhookView do
2 | use WebhookSignatureWeb, :view
3 | end
4 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/views/layout_view.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.LayoutView do
2 | use WebhookSignatureWeb, :view
3 | end
4 |
--------------------------------------------------------------------------------
/lib/webhook_signature_web/views/page_view.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.PageView do
2 | use WebhookSignatureWeb, :view
3 | end
4 |
--------------------------------------------------------------------------------
/mix.exs:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignature.MixProject do
2 | use Mix.Project
3 |
4 | def project do
5 | [
6 | app: :webhook_signature,
7 | version: "0.1.0",
8 | elixir: "~> 1.7",
9 | elixirc_paths: elixirc_paths(Mix.env()),
10 | compilers: [:phoenix, :gettext] ++ Mix.compilers(),
11 | start_permanent: Mix.env() == :prod,
12 | aliases: aliases(),
13 | deps: deps()
14 | ]
15 | end
16 |
17 | # Configuration for the OTP application.
18 | #
19 | # Type `mix help compile.app` for more information.
20 | def application do
21 | [
22 | mod: {WebhookSignature.Application, []},
23 | extra_applications: [:logger, :runtime_tools]
24 | ]
25 | end
26 |
27 | # Specifies which paths to compile per environment.
28 | defp elixirc_paths(:test), do: ["lib", "test/support"]
29 | defp elixirc_paths(_), do: ["lib"]
30 |
31 | # Specifies your project dependencies.
32 | #
33 | # Type `mix help deps` for examples and options.
34 | defp deps do
35 | [
36 | {:phoenix, "~> 1.5.7"},
37 | {:phoenix_ecto, "~> 4.1"},
38 | {:ecto_sql, "~> 3.4"},
39 | {:postgrex, ">= 0.0.0"},
40 | {:phoenix_html, "~> 2.11"},
41 | {:phoenix_live_reload, "~> 1.2", only: :dev},
42 | {:phoenix_live_dashboard, "~> 0.4"},
43 | {:telemetry_metrics, "~> 0.4"},
44 | {:telemetry_poller, "~> 0.4"},
45 | {:gettext, "~> 0.11"},
46 | {:jason, "~> 1.0"},
47 | {:plug_cowboy, "~> 2.0"}
48 | ]
49 | end
50 |
51 | # Aliases are shortcuts or tasks specific to the current project.
52 | # For example, to install project dependencies and perform other setup tasks, run:
53 | #
54 | # $ mix setup
55 | #
56 | # See the documentation for `Mix` for more info on aliases.
57 | defp aliases do
58 | [
59 | setup: ["deps.get", "ecto.setup", "cmd npm install --prefix assets"],
60 | "ecto.setup": ["ecto.create", "ecto.migrate", "run priv/repo/seeds.exs"],
61 | "ecto.reset": ["ecto.drop", "ecto.setup"],
62 | test: ["ecto.create --quiet", "ecto.migrate --quiet", "test"]
63 | ]
64 | end
65 | end
66 |
--------------------------------------------------------------------------------
/mix.lock:
--------------------------------------------------------------------------------
1 | %{
2 | "connection": {:hex, :connection, "1.1.0", "ff2a49c4b75b6fb3e674bfc5536451607270aac754ffd1bdfe175abe4a6d7a68", [:mix], [], "hexpm", "722c1eb0a418fbe91ba7bd59a47e28008a189d47e37e0e7bb85585a016b2869c"},
3 | "cowboy": {:hex, :cowboy, "2.9.0", "865dd8b6607e14cf03282e10e934023a1bd8be6f6bacf921a7e2a96d800cd452", [:make, :rebar3], [{:cowlib, "2.11.0", [hex: :cowlib, repo: "hexpm", optional: false]}, {:ranch, "1.8.0", [hex: :ranch, repo: "hexpm", optional: false]}], "hexpm", "2c729f934b4e1aa149aff882f57c6372c15399a20d54f65c8d67bef583021bde"},
4 | "cowboy_telemetry": {:hex, :cowboy_telemetry, "0.3.1", "ebd1a1d7aff97f27c66654e78ece187abdc646992714164380d8a041eda16754", [:rebar3], [{:cowboy, "~> 2.7", [hex: :cowboy, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "3a6efd3366130eab84ca372cbd4a7d3c3a97bdfcfb4911233b035d117063f0af"},
5 | "cowlib": {:hex, :cowlib, "2.11.0", "0b9ff9c346629256c42ebe1eeb769a83c6cb771a6ee5960bd110ab0b9b872063", [:make, :rebar3], [], "hexpm", "2b3e9da0b21c4565751a6d4901c20d1b4cc25cbb7fd50d91d2ab6dd287bc86a9"},
6 | "db_connection": {:hex, :db_connection, "2.4.0", "d04b1b73795dae60cead94189f1b8a51cc9e1f911c234cc23074017c43c031e5", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "ad416c21ad9f61b3103d254a71b63696ecadb6a917b36f563921e0de00d7d7c8"},
7 | "decimal": {:hex, :decimal, "2.0.0", "a78296e617b0f5dd4c6caf57c714431347912ffb1d0842e998e9792b5642d697", [:mix], [], "hexpm", "34666e9c55dea81013e77d9d87370fe6cb6291d1ef32f46a1600230b1d44f577"},
8 | "ecto": {:hex, :ecto, "3.6.2", "efdf52acfc4ce29249bab5417415bd50abd62db7b0603b8bab0d7b996548c2bc", [:mix], [{:decimal, "~> 1.6 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "efad6dfb04e6f986b8a3047822b0f826d9affe8e4ebdd2aeedbfcb14fd48884e"},
9 | "ecto_sql": {:hex, :ecto_sql, "3.6.2", "9526b5f691701a5181427634c30655ac33d11e17e4069eff3ae1176c764e0ba3", [:mix], [{:db_connection, "~> 2.2", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.6.2", [hex: :ecto, repo: "hexpm", optional: false]}, {:myxql, "~> 0.4.0 or ~> 0.5.0", [hex: :myxql, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.15.0 or ~> 1.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:tds, "~> 2.1.1", [hex: :tds, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "5ec9d7e6f742ea39b63aceaea9ac1d1773d574ea40df5a53ef8afbd9242fdb6b"},
10 | "file_system": {:hex, :file_system, "0.2.10", "fb082005a9cd1711c05b5248710f8826b02d7d1784e7c3451f9c1231d4fc162d", [:mix], [], "hexpm", "41195edbfb562a593726eda3b3e8b103a309b733ad25f3d642ba49696bf715dc"},
11 | "gettext": {:hex, :gettext, "0.18.2", "7df3ea191bb56c0309c00a783334b288d08a879f53a7014341284635850a6e55", [:mix], [], "hexpm", "f9f537b13d4fdd30f3039d33cb80144c3aa1f8d9698e47d7bcbcc8df93b1f5c5"},
12 | "jason": {:hex, :jason, "1.2.2", "ba43e3f2709fd1aa1dce90aaabfd039d000469c05c56f0b8e31978e03fa39052", [:mix], [{:decimal, "~> 1.0 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm", "18a228f5f0058ee183f29f9eae0805c6e59d61c3b006760668d8d18ff0d12179"},
13 | "mime": {:hex, :mime, "1.6.0", "dabde576a497cef4bbdd60aceee8160e02a6c89250d6c0b29e56c0dfb00db3d2", [:mix], [], "hexpm", "31a1a8613f8321143dde1dafc36006a17d28d02bdfecb9e95a880fa7aabd19a7"},
14 | "phoenix": {:hex, :phoenix, "1.5.9", "a6368d36cfd59d917b37c44386e01315bc89f7609a10a45a22f47c007edf2597", [:mix], [{:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix_html, "~> 2.13 or ~> 3.0", [hex: :phoenix_html, repo: "hexpm", optional: true]}, {:phoenix_pubsub, "~> 2.0", [hex: :phoenix_pubsub, repo: "hexpm", optional: false]}, {:plug, "~> 1.10", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 1.0 or ~> 2.2", [hex: :plug_cowboy, repo: "hexpm", optional: true]}, {:plug_crypto, "~> 1.1.2 or ~> 1.2", [hex: :plug_crypto, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "7e4bce20a67c012f1fbb0af90e5da49fa7bf0d34e3a067795703b74aef75427d"},
15 | "phoenix_ecto": {:hex, :phoenix_ecto, "4.3.0", "2c69a452c2e0ee8c93345ae1cdc1696ef4877ff9cbb15c305def41960c3c4ebf", [:mix], [{:ecto, "~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:phoenix_html, "~> 2.14.2 or ~> 3.0", [hex: :phoenix_html, repo: "hexpm", optional: true]}, {:plug, "~> 1.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "0ac491924217550c8f42c81c1f390b5d81517d12ceaf9abf3e701156760a848e"},
16 | "phoenix_html": {:hex, :phoenix_html, "2.14.3", "51f720d0d543e4e157ff06b65de38e13303d5778a7919bcc696599e5934271b8", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "efd697a7fff35a13eeeb6b43db884705cba353a1a41d127d118fda5f90c8e80f"},
17 | "phoenix_live_dashboard": {:hex, :phoenix_live_dashboard, "0.4.0", "87990e68b60213d7487e65814046f9a2bed4a67886c943270125913499b3e5c3", [:mix], [{:ecto_psql_extras, "~> 0.4.1 or ~> 0.5", [hex: :ecto_psql_extras, repo: "hexpm", optional: true]}, {:phoenix_html, "~> 2.14.1 or ~> 2.15", [hex: :phoenix_html, repo: "hexpm", optional: false]}, {:phoenix_live_view, "~> 0.15.0", [hex: :phoenix_live_view, repo: "hexpm", optional: false]}, {:telemetry_metrics, "~> 0.4.0 or ~> 0.5.0 or ~> 0.6.0", [hex: :telemetry_metrics, repo: "hexpm", optional: false]}], "hexpm", "8d52149e58188e9e4497cc0d8900ab94d9b66f96998ec38c47c7a4f8f4f50e57"},
18 | "phoenix_live_reload": {:hex, :phoenix_live_reload, "1.3.3", "3a53772a6118d5679bf50fc1670505a290e32a1d195df9e069d8c53ab040c054", [:mix], [{:file_system, "~> 0.2.1 or ~> 0.3", [hex: :file_system, repo: "hexpm", optional: false]}, {:phoenix, "~> 1.4", [hex: :phoenix, repo: "hexpm", optional: false]}], "hexpm", "766796676e5f558dbae5d1bdb066849673e956005e3730dfd5affd7a6da4abac"},
19 | "phoenix_live_view": {:hex, :phoenix_live_view, "0.15.7", "09720b8e5151b3ca8ef739cd7626d4feb987c69ba0b509c9bbdb861d5a365881", [:mix], [{:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix, "~> 1.5.7", [hex: :phoenix, repo: "hexpm", optional: false]}, {:phoenix_html, "~> 2.14", [hex: :phoenix_html, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4.2 or ~> 0.5", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "3a756cf662420272d0f1b3b908cce5222163b5a95aa9bab404f9d29aff53276e"},
20 | "phoenix_pubsub": {:hex, :phoenix_pubsub, "2.0.0", "a1ae76717bb168cdeb10ec9d92d1480fec99e3080f011402c0a2d68d47395ffb", [:mix], [], "hexpm", "c52d948c4f261577b9c6fa804be91884b381a7f8f18450c5045975435350f771"},
21 | "plug": {:hex, :plug, "1.12.0", "39dc7f1ef8c46bb1bf6dd8f6a49f526c45b4b92ce553687fd885b559a46d0230", [:mix], [{:mime, "~> 1.0 or ~> 2.0", [hex: :mime, repo: "hexpm", optional: false]}, {:plug_crypto, "~> 1.1.1 or ~> 1.2", [hex: :plug_crypto, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "5282c76e89efdf43f2e04bd268ca99d738039f9518137f02ff468cee3ba78096"},
22 | "plug_cowboy": {:hex, :plug_cowboy, "2.5.1", "7cc96ff645158a94cf3ec9744464414f02287f832d6847079adfe0b58761cbd0", [:mix], [{:cowboy, "~> 2.7", [hex: :cowboy, repo: "hexpm", optional: false]}, {:cowboy_telemetry, "~> 0.3", [hex: :cowboy_telemetry, repo: "hexpm", optional: false]}, {:plug, "~> 1.7", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "107d0a5865fa92bcb48e631cc0729ae9ccfa0a9f9a1bd8f01acb513abf1c2d64"},
23 | "plug_crypto": {:hex, :plug_crypto, "1.2.2", "05654514ac717ff3a1843204b424477d9e60c143406aa94daf2274fdd280794d", [:mix], [], "hexpm", "87631c7ad914a5a445f0a3809f99b079113ae4ed4b867348dd9eec288cecb6db"},
24 | "postgrex": {:hex, :postgrex, "0.15.10", "2809dee1b1d76f7cbabe570b2a9285c2e7b41be60cf792f5f2804a54b838a067", [:mix], [{:connection, "~> 1.0", [hex: :connection, repo: "hexpm", optional: false]}, {:db_connection, "~> 2.1", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm", "1560ca427542f6b213f8e281633ae1a3b31cdbcd84ebd7f50628765b8f6132be"},
25 | "ranch": {:hex, :ranch, "1.8.0", "8c7a100a139fd57f17327b6413e4167ac559fbc04ca7448e9be9057311597a1d", [:make, :rebar3], [], "hexpm", "49fbcfd3682fab1f5d109351b61257676da1a2fdbe295904176d5e521a2ddfe5"},
26 | "telemetry": {:hex, :telemetry, "0.4.3", "a06428a514bdbc63293cd9a6263aad00ddeb66f608163bdec7c8995784080818", [:rebar3], [], "hexpm", "eb72b8365ffda5bed68a620d1da88525e326cb82a75ee61354fc24b844768041"},
27 | "telemetry_metrics": {:hex, :telemetry_metrics, "0.6.1", "315d9163a1d4660aedc3fee73f33f1d355dcc76c5c3ab3d59e76e3edf80eef1f", [:mix], [{:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "7be9e0871c41732c233be71e4be11b96e56177bf15dde64a8ac9ce72ac9834c6"},
28 | "telemetry_poller": {:hex, :telemetry_poller, "0.5.1", "21071cc2e536810bac5628b935521ff3e28f0303e770951158c73eaaa01e962a", [:rebar3], [{:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "4cab72069210bc6e7a080cec9afffad1b33370149ed5d379b81c7c5f0c663fd4"},
29 | }
30 |
--------------------------------------------------------------------------------
/priv/gettext/en/LC_MESSAGES/errors.po:
--------------------------------------------------------------------------------
1 | ## `msgid`s in this file come from POT (.pot) files.
2 | ##
3 | ## Do not add, change, or remove `msgid`s manually here as
4 | ## they're tied to the ones in the corresponding POT file
5 | ## (with the same domain).
6 | ##
7 | ## Use `mix gettext.extract --merge` or `mix gettext.merge`
8 | ## to merge POT files into PO files.
9 | msgid ""
10 | msgstr ""
11 | "Language: en\n"
12 |
13 | ## From Ecto.Changeset.cast/4
14 | msgid "can't be blank"
15 | msgstr ""
16 |
17 | ## From Ecto.Changeset.unique_constraint/3
18 | msgid "has already been taken"
19 | msgstr ""
20 |
21 | ## From Ecto.Changeset.put_change/3
22 | msgid "is invalid"
23 | msgstr ""
24 |
25 | ## From Ecto.Changeset.validate_acceptance/3
26 | msgid "must be accepted"
27 | msgstr ""
28 |
29 | ## From Ecto.Changeset.validate_format/3
30 | msgid "has invalid format"
31 | msgstr ""
32 |
33 | ## From Ecto.Changeset.validate_subset/3
34 | msgid "has an invalid entry"
35 | msgstr ""
36 |
37 | ## From Ecto.Changeset.validate_exclusion/3
38 | msgid "is reserved"
39 | msgstr ""
40 |
41 | ## From Ecto.Changeset.validate_confirmation/3
42 | msgid "does not match confirmation"
43 | msgstr ""
44 |
45 | ## From Ecto.Changeset.no_assoc_constraint/3
46 | msgid "is still associated with this entry"
47 | msgstr ""
48 |
49 | msgid "are still associated with this entry"
50 | msgstr ""
51 |
52 | ## From Ecto.Changeset.validate_length/3
53 | msgid "should be %{count} character(s)"
54 | msgid_plural "should be %{count} character(s)"
55 | msgstr[0] ""
56 | msgstr[1] ""
57 |
58 | msgid "should have %{count} item(s)"
59 | msgid_plural "should have %{count} item(s)"
60 | msgstr[0] ""
61 | msgstr[1] ""
62 |
63 | msgid "should be at least %{count} character(s)"
64 | msgid_plural "should be at least %{count} character(s)"
65 | msgstr[0] ""
66 | msgstr[1] ""
67 |
68 | msgid "should have at least %{count} item(s)"
69 | msgid_plural "should have at least %{count} item(s)"
70 | msgstr[0] ""
71 | msgstr[1] ""
72 |
73 | msgid "should be at most %{count} character(s)"
74 | msgid_plural "should be at most %{count} character(s)"
75 | msgstr[0] ""
76 | msgstr[1] ""
77 |
78 | msgid "should have at most %{count} item(s)"
79 | msgid_plural "should have at most %{count} item(s)"
80 | msgstr[0] ""
81 | msgstr[1] ""
82 |
83 | ## From Ecto.Changeset.validate_number/3
84 | msgid "must be less than %{number}"
85 | msgstr ""
86 |
87 | msgid "must be greater than %{number}"
88 | msgstr ""
89 |
90 | msgid "must be less than or equal to %{number}"
91 | msgstr ""
92 |
93 | msgid "must be greater than or equal to %{number}"
94 | msgstr ""
95 |
96 | msgid "must be equal to %{number}"
97 | msgstr ""
98 |
--------------------------------------------------------------------------------
/priv/gettext/errors.pot:
--------------------------------------------------------------------------------
1 | ## This is a PO Template file.
2 | ##
3 | ## `msgid`s here are often extracted from source code.
4 | ## Add new translations manually only if they're dynamic
5 | ## translations that can't be statically extracted.
6 | ##
7 | ## Run `mix gettext.extract` to bring this file up to
8 | ## date. Leave `msgstr`s empty as changing them here has no
9 | ## effect: edit them in PO (`.po`) files instead.
10 |
11 | ## From Ecto.Changeset.cast/4
12 | msgid "can't be blank"
13 | msgstr ""
14 |
15 | ## From Ecto.Changeset.unique_constraint/3
16 | msgid "has already been taken"
17 | msgstr ""
18 |
19 | ## From Ecto.Changeset.put_change/3
20 | msgid "is invalid"
21 | msgstr ""
22 |
23 | ## From Ecto.Changeset.validate_acceptance/3
24 | msgid "must be accepted"
25 | msgstr ""
26 |
27 | ## From Ecto.Changeset.validate_format/3
28 | msgid "has invalid format"
29 | msgstr ""
30 |
31 | ## From Ecto.Changeset.validate_subset/3
32 | msgid "has an invalid entry"
33 | msgstr ""
34 |
35 | ## From Ecto.Changeset.validate_exclusion/3
36 | msgid "is reserved"
37 | msgstr ""
38 |
39 | ## From Ecto.Changeset.validate_confirmation/3
40 | msgid "does not match confirmation"
41 | msgstr ""
42 |
43 | ## From Ecto.Changeset.no_assoc_constraint/3
44 | msgid "is still associated with this entry"
45 | msgstr ""
46 |
47 | msgid "are still associated with this entry"
48 | msgstr ""
49 |
50 | ## From Ecto.Changeset.validate_length/3
51 | msgid "should be %{count} character(s)"
52 | msgid_plural "should be %{count} character(s)"
53 | msgstr[0] ""
54 | msgstr[1] ""
55 |
56 | msgid "should have %{count} item(s)"
57 | msgid_plural "should have %{count} item(s)"
58 | msgstr[0] ""
59 | msgstr[1] ""
60 |
61 | msgid "should be at least %{count} character(s)"
62 | msgid_plural "should be at least %{count} character(s)"
63 | msgstr[0] ""
64 | msgstr[1] ""
65 |
66 | msgid "should have at least %{count} item(s)"
67 | msgid_plural "should have at least %{count} item(s)"
68 | msgstr[0] ""
69 | msgstr[1] ""
70 |
71 | msgid "should be at most %{count} character(s)"
72 | msgid_plural "should be at most %{count} character(s)"
73 | msgstr[0] ""
74 | msgstr[1] ""
75 |
76 | msgid "should have at most %{count} item(s)"
77 | msgid_plural "should have at most %{count} item(s)"
78 | msgstr[0] ""
79 | msgstr[1] ""
80 |
81 | ## From Ecto.Changeset.validate_number/3
82 | msgid "must be less than %{number}"
83 | msgstr ""
84 |
85 | msgid "must be greater than %{number}"
86 | msgstr ""
87 |
88 | msgid "must be less than or equal to %{number}"
89 | msgstr ""
90 |
91 | msgid "must be greater than or equal to %{number}"
92 | msgstr ""
93 |
94 | msgid "must be equal to %{number}"
95 | msgstr ""
96 |
--------------------------------------------------------------------------------
/priv/repo/migrations/.formatter.exs:
--------------------------------------------------------------------------------
1 | [
2 | import_deps: [:ecto_sql],
3 | inputs: ["*.exs"]
4 | ]
5 |
--------------------------------------------------------------------------------
/priv/repo/seeds.exs:
--------------------------------------------------------------------------------
1 | # Script for populating the database. You can run it as:
2 | #
3 | # mix run priv/repo/seeds.exs
4 | #
5 | # Inside the script, you can read and write to any of your
6 | # repositories directly:
7 | #
8 | # WebhookSignature.Repo.insert!(%WebhookSignature.SomeSchema{})
9 | #
10 | # We recommend using the bang functions (`insert!`, `update!`
11 | # and so on) as they will fail if something goes wrong.
12 |
--------------------------------------------------------------------------------
/test/support/channel_case.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.ChannelCase do
2 | @moduledoc """
3 | This module defines the test case to be used by
4 | channel tests.
5 |
6 | Such tests rely on `Phoenix.ChannelTest` and also
7 | import other functionality to make it easier
8 | to build common data structures and query the data layer.
9 |
10 | Finally, if the test case interacts with the database,
11 | we enable the SQL sandbox, so changes done to the database
12 | are reverted at the end of every test. If you are using
13 | PostgreSQL, you can even run database tests asynchronously
14 | by setting `use WebhookSignatureWeb.ChannelCase, async: true`, although
15 | this option is not recommended for other databases.
16 | """
17 |
18 | use ExUnit.CaseTemplate
19 |
20 | using do
21 | quote do
22 | # Import conveniences for testing with channels
23 | import Phoenix.ChannelTest
24 | import WebhookSignatureWeb.ChannelCase
25 |
26 | # The default endpoint for testing
27 | @endpoint WebhookSignatureWeb.Endpoint
28 | end
29 | end
30 |
31 | setup tags do
32 | :ok = Ecto.Adapters.SQL.Sandbox.checkout(WebhookSignature.Repo)
33 |
34 | unless tags[:async] do
35 | Ecto.Adapters.SQL.Sandbox.mode(WebhookSignature.Repo, {:shared, self()})
36 | end
37 |
38 | :ok
39 | end
40 | end
41 |
--------------------------------------------------------------------------------
/test/support/conn_case.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.ConnCase do
2 | @moduledoc """
3 | This module defines the test case to be used by
4 | tests that require setting up a connection.
5 |
6 | Such tests rely on `Phoenix.ConnTest` and also
7 | import other functionality to make it easier
8 | to build common data structures and query the data layer.
9 |
10 | Finally, if the test case interacts with the database,
11 | we enable the SQL sandbox, so changes done to the database
12 | are reverted at the end of every test. If you are using
13 | PostgreSQL, you can even run database tests asynchronously
14 | by setting `use WebhookSignatureWeb.ConnCase, async: true`, although
15 | this option is not recommended for other databases.
16 | """
17 |
18 | use ExUnit.CaseTemplate
19 |
20 | using do
21 | quote do
22 | # Import conveniences for testing with connections
23 | import Plug.Conn
24 | import Phoenix.ConnTest
25 | import WebhookSignatureWeb.ConnCase
26 |
27 | alias WebhookSignatureWeb.Router.Helpers, as: Routes
28 |
29 | # The default endpoint for testing
30 | @endpoint WebhookSignatureWeb.Endpoint
31 | end
32 | end
33 |
34 | setup tags do
35 | :ok = Ecto.Adapters.SQL.Sandbox.checkout(WebhookSignature.Repo)
36 |
37 | unless tags[:async] do
38 | Ecto.Adapters.SQL.Sandbox.mode(WebhookSignature.Repo, {:shared, self()})
39 | end
40 |
41 | {:ok, conn: Phoenix.ConnTest.build_conn()}
42 | end
43 | end
44 |
--------------------------------------------------------------------------------
/test/support/data_case.ex:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignature.DataCase do
2 | @moduledoc """
3 | This module defines the setup for tests requiring
4 | access to the application's data layer.
5 |
6 | You may define functions here to be used as helpers in
7 | your tests.
8 |
9 | Finally, if the test case interacts with the database,
10 | we enable the SQL sandbox, so changes done to the database
11 | are reverted at the end of every test. If you are using
12 | PostgreSQL, you can even run database tests asynchronously
13 | by setting `use WebhookSignature.DataCase, async: true`, although
14 | this option is not recommended for other databases.
15 | """
16 |
17 | use ExUnit.CaseTemplate
18 |
19 | using do
20 | quote do
21 | alias WebhookSignature.Repo
22 |
23 | import Ecto
24 | import Ecto.Changeset
25 | import Ecto.Query
26 | import WebhookSignature.DataCase
27 | end
28 | end
29 |
30 | setup tags do
31 | :ok = Ecto.Adapters.SQL.Sandbox.checkout(WebhookSignature.Repo)
32 |
33 | unless tags[:async] do
34 | Ecto.Adapters.SQL.Sandbox.mode(WebhookSignature.Repo, {:shared, self()})
35 | end
36 |
37 | :ok
38 | end
39 |
40 | @doc """
41 | A helper that transforms changeset errors into a map of messages.
42 |
43 | assert {:error, changeset} = Accounts.create_user(%{password: "short"})
44 | assert "password is too short" in errors_on(changeset).password
45 | assert %{password: ["password is too short"]} = errors_on(changeset)
46 |
47 | """
48 | def errors_on(changeset) do
49 | Ecto.Changeset.traverse_errors(changeset, fn {message, opts} ->
50 | Regex.replace(~r"%{(\w+)}", message, fn _, key ->
51 | opts |> Keyword.get(String.to_existing_atom(key), key) |> to_string()
52 | end)
53 | end)
54 | end
55 | end
56 |
--------------------------------------------------------------------------------
/test/test_helper.exs:
--------------------------------------------------------------------------------
1 | ExUnit.start()
2 | Ecto.Adapters.SQL.Sandbox.mode(WebhookSignature.Repo, :manual)
3 |
--------------------------------------------------------------------------------
/test/webhook_signature/payload_validator_test.exs:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignature.PayloadValidatorTest do
2 | use ExUnit.Case
3 |
4 | alias WebhookSignature.PayloadValidator
5 | alias Plug.Conn
6 |
7 | describe "is_authentic_payload?/2" do
8 | setup do
9 | # `is_authentic_payload?/2` relies on an application configuration of
10 | # `webhook_secret` and thus we need to prepare that application state
11 | # before each test.
12 | :ok = Application.put_env(:webhook_signature, :github, webhook_secret: "secretstuff")
13 |
14 | on_exit(fn ->
15 | :ok = Application.put_env(:webhook_signature, :github, webhook_secret: nil)
16 | end)
17 | end
18 |
19 | test "returns true when header signature matches payload" do
20 | payload = ~s({"hello":"world"})
21 |
22 | conn = %Conn{
23 | req_headers: [
24 | {"x-hub-signature",
25 | "sha256=83f6ac8a267da03ba43b9a87b5b665fa8e303bd493dc6c90d44e07a19bf7cb8c"}
26 | ]
27 | }
28 |
29 | assert PayloadValidator.is_authentic_payload?(conn, payload)
30 | end
31 |
32 | test "returns false when header signature does not match payload" do
33 | payload = ~s({"hello":"world"})
34 |
35 | conn = %Conn{
36 | req_headers: [{"x-hub-signature", "sha256=BOGUS33+nZCLDWT6sg+LMELxmyG7Qv+0PkOFJYCTSXU="}]
37 | }
38 |
39 | refute PayloadValidator.is_authentic_payload?(conn, payload)
40 | end
41 |
42 | test "returns false when header signature is missing" do
43 | payload = ~s({"hello":"world"})
44 |
45 | conn = %Conn{
46 | req_headers: []
47 | }
48 |
49 | refute PayloadValidator.is_authentic_payload?(conn, payload)
50 | end
51 | end
52 |
53 | describe "generate_payload_signature/2" do
54 | test "can successfully generate payload signature" do
55 | payload = ~s({"hello":"world"})
56 | app_secret = "secretstuff"
57 |
58 | assert {:ok, "83f6ac8a267da03ba43b9a87b5b665fa8e303bd493dc6c90d44e07a19bf7cb8c"} =
59 | PayloadValidator.generate_payload_signature(payload, app_secret)
60 | end
61 |
62 | test "fails to generate payload signature when webhook_secret is missing" do
63 | payload = ~s({"hello":"world"})
64 | app_secret = nil
65 |
66 | assert {:error, :missing_app_secret} =
67 | PayloadValidator.generate_payload_signature(payload, app_secret)
68 | end
69 | end
70 | end
71 |
--------------------------------------------------------------------------------
/test/webhook_signature_web/controllers/github_webhook_controller_test.exs:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.GitHubWebhookControllerTest do
2 | use WebhookSignatureWeb.ConnCase
3 |
4 | alias Plug.Conn
5 | alias WebhookSignature.PayloadValidator
6 |
7 | # POST /github/webhook
8 | describe "webhook/2" do
9 | setup %{conn: conn} do
10 | json_conn = Plug.Conn.put_req_header(conn, "content-type", "application/json")
11 |
12 | webhook_secret = "secretsarefun"
13 | :ok = Application.put_env(:webhook_signature, :github, webhook_secret: webhook_secret)
14 |
15 | on_exit(fn ->
16 | :ok = Application.put_env(:webhook_signature, :github, webhook_secret: nil)
17 | end)
18 |
19 | %{conn: json_conn, webhook_secret: webhook_secret}
20 | end
21 |
22 | test "returns a 200 ok response when the signature and payload match", %{
23 | conn: conn,
24 | webhook_secret: webhook_secret
25 | } do
26 | payload = sample_github_payload()
27 | {:ok, signature} = PayloadValidator.generate_payload_signature(payload, webhook_secret)
28 |
29 | conn
30 | |> Conn.put_req_header("x-hub-signature", "sha256=#{signature}")
31 | |> post(Routes.git_hub_webhook_path(conn, :webhook), payload)
32 | |> json_response(:ok)
33 | end
34 |
35 | test "returns a 403 forbidden response when the signature and payload do not match, unexpected signature",
36 | %{conn: conn} do
37 | payload = sample_github_payload()
38 |
39 | response =
40 | conn
41 | |> Conn.put_req_header(
42 | "x-hub-signature",
43 | "sha256=BOGUS33+nZCLDWT6sg+LMELxmyG7Qv+0PkOFJYCTSXU="
44 | )
45 | |> post(Routes.git_hub_webhook_path(conn, :webhook), payload)
46 | |> json_response(403)
47 |
48 | assert %{
49 | "error" => "PAYLOAD SIGNATURE FAILED"
50 | } = response
51 | end
52 |
53 | test "returns a 403 forbidden response when the signature and payload do not match, unexpected payload",
54 | %{
55 | conn: conn,
56 | webhook_secret: webhook_secret
57 | } do
58 | payload = sample_github_payload()
59 | {:ok, signature} = PayloadValidator.generate_payload_signature(payload, webhook_secret)
60 |
61 | hacked_payload = ~s({"hacked":"payload"})
62 |
63 | response =
64 | conn
65 | |> Conn.put_req_header(
66 | "x-hub-signature",
67 | "sha256=#{signature}"
68 | )
69 | |> post(Routes.git_hub_webhook_path(conn, :webhook), hacked_payload)
70 | |> json_response(403)
71 |
72 | assert %{
73 | "error" => "PAYLOAD SIGNATURE FAILED"
74 | } = response
75 | end
76 | end
77 |
78 | defp sample_github_payload do
79 | """
80 | {
81 | "action": "created",
82 | "check_run": {
83 | "id": 128620228,
84 | "node_id": "MDg6Q2hlY2tSdW4xMjg2MjAyMjg=",
85 | "head_sha": "ec26c3e57ca3a959ca5aad62de7213c562f8c821",
86 | "external_id": "",
87 | "url": "https://api.github.com/repos/Codertocat/Hello-World/check-runs/128620228",
88 | "html_url": "https://github.com/Codertocat/Hello-World/runs/128620228",
89 | "details_url": "https://octocoders.io",
90 | "status": "queued",
91 | "conclusion": null,
92 | "started_at": "2019-05-15T15:21:12Z",
93 | "completed_at": null,
94 | "output": {
95 | "title": null,
96 | "summary": null,
97 | "text": null,
98 | "annotations_count": 0,
99 | "annotations_url": "https://api.github.com/repos/Codertocat/Hello-World/check-runs/128620228/annotations"
100 | },
101 | "name": "Octocoders-linter",
102 | "check_suite": {
103 | "id": 118578147,
104 | "node_id": "MDEwOkNoZWNrU3VpdGUxMTg1NzgxNDc=",
105 | "head_branch": "changes",
106 | "head_sha": "ec26c3e57ca3a959ca5aad62de7213c562f8c821",
107 | "status": "queued",
108 | "conclusion": null,
109 | "url": "https://api.github.com/repos/Codertocat/Hello-World/check-suites/118578147",
110 | "before": "6113728f27ae82c7b1a177c8d03f9e96e0adf246",
111 | "after": "ec26c3e57ca3a959ca5aad62de7213c562f8c821",
112 | "pull_requests": [
113 | {
114 | "url": "https://api.github.com/repos/Codertocat/Hello-World/pulls/2",
115 | "id": 279147437,
116 | "number": 2,
117 | "head": {
118 | "ref": "changes",
119 | "sha": "ec26c3e57ca3a959ca5aad62de7213c562f8c821",
120 | "repo": {
121 | "id": 186853002,
122 | "url": "https://api.github.com/repos/Codertocat/Hello-World",
123 | "name": "Hello-World"
124 | }
125 | },
126 | "base": {
127 | "ref": "master",
128 | "sha": "f95f852bd8fca8fcc58a9a2d6c842781e32a215e",
129 | "repo": {
130 | "id": 186853002,
131 | "url": "https://api.github.com/repos/Codertocat/Hello-World",
132 | "name": "Hello-World"
133 | }
134 | }
135 | }
136 | ],
137 | "app": {
138 | "id": 29310,
139 | "node_id": "MDM6QXBwMjkzMTA=",
140 | "owner": {
141 | "login": "Octocoders",
142 | "id": 38302899,
143 | "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4MzAyODk5",
144 | "avatar_url": "https://avatars1.githubusercontent.com/u/38302899?v=4",
145 | "gravatar_id": "",
146 | "url": "https://api.github.com/users/Octocoders",
147 | "html_url": "https://github.com/Octocoders",
148 | "followers_url": "https://api.github.com/users/Octocoders/followers",
149 | "following_url": "https://api.github.com/users/Octocoders/following{/other_user}",
150 | "gists_url": "https://api.github.com/users/Octocoders/gists{/gist_id}",
151 | "starred_url": "https://api.github.com/users/Octocoders/starred{/owner}{/repo}",
152 | "subscriptions_url": "https://api.github.com/users/Octocoders/subscriptions",
153 | "organizations_url": "https://api.github.com/users/Octocoders/orgs",
154 | "repos_url": "https://api.github.com/users/Octocoders/repos",
155 | "events_url": "https://api.github.com/users/Octocoders/events{/privacy}",
156 | "received_events_url": "https://api.github.com/users/Octocoders/received_events",
157 | "type": "Organization",
158 | "site_admin": false
159 | },
160 | "name": "octocoders-linter",
161 | "description": "",
162 | "external_url": "https://octocoders.io",
163 | "html_url": "https://github.com/apps/octocoders-linter",
164 | "created_at": "2019-04-19T19:36:24Z",
165 | "updated_at": "2019-04-19T19:36:56Z",
166 | "permissions": {
167 | "administration": "write",
168 | "checks": "write",
169 | "contents": "write",
170 | "deployments": "write",
171 | "issues": "write",
172 | "members": "write",
173 | "metadata": "read",
174 | "organization_administration": "write",
175 | "organization_hooks": "write",
176 | "organization_plan": "read",
177 | "organization_projects": "write",
178 | "organization_user_blocking": "write",
179 | "pages": "write",
180 | "pull_requests": "write",
181 | "repository_hooks": "write",
182 | "repository_projects": "write",
183 | "statuses": "write",
184 | "team_discussions": "write",
185 | "vulnerability_alerts": "read"
186 | },
187 | "events": []
188 | },
189 | "created_at": "2019-05-15T15:20:31Z",
190 | "updated_at": "2019-05-15T15:20:31Z"
191 | },
192 | "app": {
193 | "id": 29310,
194 | "node_id": "MDM6QXBwMjkzMTA=",
195 | "owner": {
196 | "login": "Octocoders",
197 | "id": 38302899,
198 | "node_id": "MDEyOk9yZ2FuaXphdGlvbjM4MzAyODk5",
199 | "avatar_url": "https://avatars1.githubusercontent.com/u/38302899?v=4",
200 | "gravatar_id": "",
201 | "url": "https://api.github.com/users/Octocoders",
202 | "html_url": "https://github.com/Octocoders",
203 | "followers_url": "https://api.github.com/users/Octocoders/followers",
204 | "following_url": "https://api.github.com/users/Octocoders/following{/other_user}",
205 | "gists_url": "https://api.github.com/users/Octocoders/gists{/gist_id}",
206 | "starred_url": "https://api.github.com/users/Octocoders/starred{/owner}{/repo}",
207 | "subscriptions_url": "https://api.github.com/users/Octocoders/subscriptions",
208 | "organizations_url": "https://api.github.com/users/Octocoders/orgs",
209 | "repos_url": "https://api.github.com/users/Octocoders/repos",
210 | "events_url": "https://api.github.com/users/Octocoders/events{/privacy}",
211 | "received_events_url": "https://api.github.com/users/Octocoders/received_events",
212 | "type": "Organization",
213 | "site_admin": false
214 | },
215 | "name": "octocoders-linter",
216 | "description": "",
217 | "external_url": "https://octocoders.io",
218 | "html_url": "https://github.com/apps/octocoders-linter",
219 | "created_at": "2019-04-19T19:36:24Z",
220 | "updated_at": "2019-04-19T19:36:56Z",
221 | "permissions": {
222 | "administration": "write",
223 | "checks": "write",
224 | "contents": "write",
225 | "deployments": "write",
226 | "issues": "write",
227 | "members": "write",
228 | "metadata": "read",
229 | "organization_administration": "write",
230 | "organization_hooks": "write",
231 | "organization_plan": "read",
232 | "organization_projects": "write",
233 | "organization_user_blocking": "write",
234 | "pages": "write",
235 | "pull_requests": "write",
236 | "repository_hooks": "write",
237 | "repository_projects": "write",
238 | "statuses": "write",
239 | "team_discussions": "write",
240 | "vulnerability_alerts": "read"
241 | },
242 | "events": []
243 | },
244 | "pull_requests": [
245 | {
246 | "url": "https://api.github.com/repos/Codertocat/Hello-World/pulls/2",
247 | "id": 279147437,
248 | "number": 2,
249 | "head": {
250 | "ref": "changes",
251 | "sha": "ec26c3e57ca3a959ca5aad62de7213c562f8c821",
252 | "repo": {
253 | "id": 186853002,
254 | "url": "https://api.github.com/repos/Codertocat/Hello-World",
255 | "name": "Hello-World"
256 | }
257 | },
258 | "base": {
259 | "ref": "master",
260 | "sha": "f95f852bd8fca8fcc58a9a2d6c842781e32a215e",
261 | "repo": {
262 | "id": 186853002,
263 | "url": "https://api.github.com/repos/Codertocat/Hello-World",
264 | "name": "Hello-World"
265 | }
266 | }
267 | }
268 | ]
269 | },
270 | "repository": {
271 | "id": 186853002,
272 | "node_id": "MDEwOlJlcG9zaXRvcnkxODY4NTMwMDI=",
273 | "name": "Hello-World",
274 | "full_name": "Codertocat/Hello-World",
275 | "private": false,
276 | "owner": {
277 | "login": "Codertocat",
278 | "id": 21031067,
279 | "node_id": "MDQ6VXNlcjIxMDMxMDY3",
280 | "avatar_url": "https://avatars1.githubusercontent.com/u/21031067?v=4",
281 | "gravatar_id": "",
282 | "url": "https://api.github.com/users/Codertocat",
283 | "html_url": "https://github.com/Codertocat",
284 | "followers_url": "https://api.github.com/users/Codertocat/followers",
285 | "following_url": "https://api.github.com/users/Codertocat/following{/other_user}",
286 | "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}",
287 | "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}",
288 | "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions",
289 | "organizations_url": "https://api.github.com/users/Codertocat/orgs",
290 | "repos_url": "https://api.github.com/users/Codertocat/repos",
291 | "events_url": "https://api.github.com/users/Codertocat/events{/privacy}",
292 | "received_events_url": "https://api.github.com/users/Codertocat/received_events",
293 | "type": "User",
294 | "site_admin": false
295 | },
296 | "html_url": "https://github.com/Codertocat/Hello-World",
297 | "description": null,
298 | "fork": false,
299 | "url": "https://api.github.com/repos/Codertocat/Hello-World",
300 | "forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks",
301 | "keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}",
302 | "collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}",
303 | "teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams",
304 | "hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks",
305 | "issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}",
306 | "events_url": "https://api.github.com/repos/Codertocat/Hello-World/events",
307 | "assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}",
308 | "branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}",
309 | "tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags",
310 | "blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}",
311 | "git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}",
312 | "git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}",
313 | "trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}",
314 | "statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}",
315 | "languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages",
316 | "stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers",
317 | "contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors",
318 | "subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers",
319 | "subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription",
320 | "commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}",
321 | "git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}",
322 | "comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}",
323 | "issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}",
324 | "contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}",
325 | "compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}",
326 | "merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges",
327 | "archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}",
328 | "downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads",
329 | "issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}",
330 | "pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}",
331 | "milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}",
332 | "notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}",
333 | "labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}",
334 | "releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}",
335 | "deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments",
336 | "created_at": "2019-05-15T15:19:25Z",
337 | "updated_at": "2019-05-15T15:21:03Z",
338 | "pushed_at": "2019-05-15T15:20:57Z",
339 | "git_url": "git://github.com/Codertocat/Hello-World.git",
340 | "ssh_url": "git@github.com:Codertocat/Hello-World.git",
341 | "clone_url": "https://github.com/Codertocat/Hello-World.git",
342 | "svn_url": "https://github.com/Codertocat/Hello-World",
343 | "homepage": null,
344 | "size": 0,
345 | "stargazers_count": 0,
346 | "watchers_count": 0,
347 | "language": "Ruby",
348 | "has_issues": true,
349 | "has_projects": true,
350 | "has_downloads": true,
351 | "has_wiki": true,
352 | "has_pages": true,
353 | "forks_count": 1,
354 | "mirror_url": null,
355 | "archived": false,
356 | "disabled": false,
357 | "open_issues_count": 2,
358 | "license": null,
359 | "forks": 1,
360 | "open_issues": 2,
361 | "watchers": 0,
362 | "default_branch": "master"
363 | },
364 | "sender": {
365 | "login": "Codertocat",
366 | "id": 21031067,
367 | "node_id": "MDQ6VXNlcjIxMDMxMDY3",
368 | "avatar_url": "https://avatars1.githubusercontent.com/u/21031067?v=4",
369 | "gravatar_id": "",
370 | "url": "https://api.github.com/users/Codertocat",
371 | "html_url": "https://github.com/Codertocat",
372 | "followers_url": "https://api.github.com/users/Codertocat/followers",
373 | "following_url": "https://api.github.com/users/Codertocat/following{/other_user}",
374 | "gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}",
375 | "starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}",
376 | "subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions",
377 | "organizations_url": "https://api.github.com/users/Codertocat/orgs",
378 | "repos_url": "https://api.github.com/users/Codertocat/repos",
379 | "events_url": "https://api.github.com/users/Codertocat/events{/privacy}",
380 | "received_events_url": "https://api.github.com/users/Codertocat/received_events",
381 | "type": "User",
382 | "site_admin": false
383 | }
384 | }
385 | """
386 | end
387 | end
388 |
--------------------------------------------------------------------------------
/test/webhook_signature_web/controllers/page_controller_test.exs:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.PageControllerTest do
2 | use WebhookSignatureWeb.ConnCase
3 |
4 | test "GET /", %{conn: conn} do
5 | conn = get(conn, "/")
6 | assert html_response(conn, 200) =~ "Welcome to Phoenix!"
7 | end
8 | end
9 |
--------------------------------------------------------------------------------
/test/webhook_signature_web/views/error_view_test.exs:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.ErrorViewTest do
2 | use WebhookSignatureWeb.ConnCase, async: true
3 |
4 | # Bring render/3 and render_to_string/3 for testing custom views
5 | import Phoenix.View
6 |
7 | test "renders 404.html" do
8 | assert render_to_string(WebhookSignatureWeb.ErrorView, "404.html", []) == "Not Found"
9 | end
10 |
11 | test "renders 500.html" do
12 | assert render_to_string(WebhookSignatureWeb.ErrorView, "500.html", []) == "Internal Server Error"
13 | end
14 | end
15 |
--------------------------------------------------------------------------------
/test/webhook_signature_web/views/layout_view_test.exs:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.LayoutViewTest do
2 | use WebhookSignatureWeb.ConnCase, async: true
3 |
4 | # When testing helpers, you may want to import Phoenix.HTML and
5 | # use functions such as safe_to_string() to convert the helper
6 | # result into an HTML string.
7 | # import Phoenix.HTML
8 | end
9 |
--------------------------------------------------------------------------------
/test/webhook_signature_web/views/page_view_test.exs:
--------------------------------------------------------------------------------
1 | defmodule WebhookSignatureWeb.PageViewTest do
2 | use WebhookSignatureWeb.ConnCase, async: true
3 | end
4 |
--------------------------------------------------------------------------------