go dep

Migrated from plain /vendor to go dep
2025-07-20 21:59:42 +02:00 · 2018-02-14 15:23:46 +00:00 · 2018-02-14 15:23:46 +00:00 · fd693f4ff4
commit fd693f4ff4
parent 0262763c95
957 changed files with 36866 additions and 177595 deletions
--- a/vendor/github.com/google/go-github/github/messages.go
+++ b/vendor/github.com/google/go-github/github/messages.go
@ -4,7 +4,7 @@
 // license that can be found in the LICENSE file.

 // This file provides functions for validating payloads from GitHub Webhooks.
-// GitHub docs: https://developer.github.com/webhooks/securing/#validating-payloads-from-github
+// GitHub API docs: https://developer.github.com/webhooks/securing/#validating-payloads-from-github

 package github

@ -14,11 +14,13 @@ import (
 	"crypto/sha256"
 	"crypto/sha512"
 	"encoding/hex"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"hash"
 	"io/ioutil"
 	"net/http"
+	"net/url"
 	"strings"
 )

@ -30,6 +32,50 @@ const (
 	sha512Prefix = "sha512"
 	// signatureHeader is the GitHub header key used to pass the HMAC hexdigest.
 	signatureHeader = "X-Hub-Signature"
+	// eventTypeHeader is the GitHub header key used to pass the event type.
+	eventTypeHeader = "X-Github-Event"
+	// deliveryIDHeader is the GitHub header key used to pass the unique ID for the webhook event.
+	deliveryIDHeader = "X-Github-Delivery"
+)
+
+var (
+	// eventTypeMapping maps webhooks types to their corresponding go-github struct types.
+	eventTypeMapping = map[string]string{
+		"commit_comment":              "CommitCommentEvent",
+		"create":                      "CreateEvent",
+		"delete":                      "DeleteEvent",
+		"deployment":                  "DeploymentEvent",
+		"deployment_status":           "DeploymentStatusEvent",
+		"fork":                        "ForkEvent",
+		"gollum":                      "GollumEvent",
+		"installation":                "InstallationEvent",
+		"installation_repositories":   "InstallationRepositoriesEvent",
+		"issue_comment":               "IssueCommentEvent",
+		"issues":                      "IssuesEvent",
+		"label":                       "LabelEvent",
+		"marketplace_purchase":        "MarketplacePurchaseEvent",
+		"member":                      "MemberEvent",
+		"membership":                  "MembershipEvent",
+		"milestone":                   "MilestoneEvent",
+		"organization":                "OrganizationEvent",
+		"org_block":                   "OrgBlockEvent",
+		"page_build":                  "PageBuildEvent",
+		"ping":                        "PingEvent",
+		"project":                     "ProjectEvent",
+		"project_card":                "ProjectCardEvent",
+		"project_column":              "ProjectColumnEvent",
+		"public":                      "PublicEvent",
+		"pull_request_review":         "PullRequestReviewEvent",
+		"pull_request_review_comment": "PullRequestReviewCommentEvent",
+		"pull_request":                "PullRequestEvent",
+		"push":                        "PushEvent",
+		"repository":                  "RepositoryEvent",
+		"release":                     "ReleaseEvent",
+		"status":                      "StatusEvent",
+		"team":                        "TeamEvent",
+		"team_add":                    "TeamAddEvent",
+		"watch":                       "WatchEvent",
+	}
 )

 // genMAC generates the HMAC signature for a message provided the secret key
@ -78,6 +124,8 @@ func messageMAC(signature string) ([]byte, func() hash.Hash, error) {

 // ValidatePayload validates an incoming GitHub Webhook event request
 // and returns the (JSON) payload.
+// The Content-Type header of the payload can be "application/json" or "application/x-www-form-urlencoded".
+// If the Content-Type is neither then an error is returned.
 // secretKey is the GitHub Webhook secret message.
 //
 // Example usage:
@ -89,13 +137,43 @@ func messageMAC(signature string) ([]byte, func() hash.Hash, error) {
 //     }
 //
 func ValidatePayload(r *http.Request, secretKey []byte) (payload []byte, err error) {
-	payload, err = ioutil.ReadAll(r.Body)
-	if err != nil {
-		return nil, err
+	var body []byte // Raw body that GitHub uses to calculate the signature.
+
+	switch ct := r.Header.Get("Content-Type"); ct {
+	case "application/json":
+		var err error
+		if body, err = ioutil.ReadAll(r.Body); err != nil {
+			return nil, err
+		}
+
+		// If the content type is application/json,
+		// the JSON payload is just the original body.
+		payload = body
+
+	case "application/x-www-form-urlencoded":
+		// payloadFormParam is the name of the form parameter that the JSON payload
+		// will be in if a webhook has its content type set to application/x-www-form-urlencoded.
+		const payloadFormParam = "payload"
+
+		var err error
+		if body, err = ioutil.ReadAll(r.Body); err != nil {
+			return nil, err
+		}
+
+		// If the content type is application/x-www-form-urlencoded,
+		// the JSON payload will be under the "payload" form param.
+		form, err := url.ParseQuery(string(body))
+		if err != nil {
+			return nil, err
+		}
+		payload = []byte(form.Get(payloadFormParam))
+
+	default:
+		return nil, fmt.Errorf("Webhook request has unsupported Content-Type %q", ct)
 	}

 	sig := r.Header.Get(signatureHeader)
-	if err := validateSignature(sig, payload, secretKey); err != nil {
+	if err := validateSignature(sig, body, secretKey); err != nil {
 		return nil, err
 	}
 	return payload, nil
@ -106,7 +184,7 @@ func ValidatePayload(r *http.Request, secretKey []byte) (payload []byte, err err
 // payload is the JSON payload sent by GitHub Webhooks.
 // secretKey is the GitHub Webhook secret message.
 //
-// GitHub docs: https://developer.github.com/webhooks/securing/#validating-payloads-from-github
+// GitHub API docs: https://developer.github.com/webhooks/securing/#validating-payloads-from-github
 func validateSignature(signature string, payload, secretKey []byte) error {
 	messageMAC, hashFunc, err := messageMAC(signature)
 	if err != nil {
@ -117,3 +195,51 @@ func validateSignature(signature string, payload, secretKey []byte) error {
 	}
 	return nil
 }
+
+// WebHookType returns the event type of webhook request r.
+//
+// GitHub API docs: https://developer.github.com/v3/repos/hooks/#webhook-headers
+func WebHookType(r *http.Request) string {
+	return r.Header.Get(eventTypeHeader)
+}
+
+// DeliveryID returns the unique delivery ID of webhook request r.
+//
+// GitHub API docs: https://developer.github.com/v3/repos/hooks/#webhook-headers
+func DeliveryID(r *http.Request) string {
+	return r.Header.Get(deliveryIDHeader)
+}
+
+// ParseWebHook parses the event payload. For recognized event types, a
+// value of the corresponding struct type will be returned (as returned
+// by Event.ParsePayload()). An error will be returned for unrecognized event
+// types.
+//
+// Example usage:
+//
+//     func (s *GitHubEventMonitor) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+//       payload, err := github.ValidatePayload(r, s.webhookSecretKey)
+//       if err != nil { ... }
+//       event, err := github.ParseWebHook(github.WebHookType(r), payload)
+//       if err != nil { ... }
+//       switch event := event.(type) {
+//       case *github.CommitCommentEvent:
+//           processCommitCommentEvent(event)
+//       case *github.CreateEvent:
+//           processCreateEvent(event)
+//       ...
+//       }
+//     }
+//
+func ParseWebHook(messageType string, payload []byte) (interface{}, error) {
+	eventType, ok := eventTypeMapping[messageType]
+	if !ok {
+		return nil, fmt.Errorf("unknown X-Github-Event in message: %v", messageType)
+	}
+
+	event := Event{
+		Type:       &eventType,
+		RawPayload: (*json.RawMessage)(&payload),
+	}
+	return event.ParsePayload()
+}