node.jsgithubwebhookshmaccryptojs
trying to mock github webhook request, get: "X-Hub-Signature does not match blob signature"
Here is a little proxy server setup to handle github webhooks:
require('dotenv').config();
var http = require('http');
var createHandler = require('github-webhook-handler');
var handler = createHandler({
path: '/webhook',
secret: process.env.GIT_WEBHOOK_SECRET
});
http
.createServer(function(req, res) {
handler(req, res, function(err) {
res.statusCode = 404;
res.end('no such location');
});
})
.listen(8080);
handler.on('error', function(err) {
console.error('Error:', err.message);
});
handler.on('push', function(event) {
console.log(
'Received a push event for %s to %s',
event.payload.repository.name,
event.payload.ref
);
});
handler.on('issues', function(event) {
console.log(
'Received an issue event for %s action=%s: #%d %s',
event.payload.repository.name,
event.payload.action,
event.payload.issue.number,
event.payload.issue.title
);
});
In postman, I have these headers set:
The raw body is here: https://developer.github.com/v3/activity/events/types/#pullrequestreviewevent
Here is my pre-request script:
var payload = request.data;
console.log("Using payload as " + payload)
var hash = CryptoJS.HmacSHA1(payload, environment.secret).toString(CryptoJS.enc.Hex)
postman.setGlobalVariable("signature", hash);
I can confirm that the GIT_WEBHOOK_SECRET in .env is the same as what is set in secret in my Postman environment settings.
Solution
You need to set content of X-Hub-Signature as parameters with sha1 field :
var payload = request.data;
console.log("Using payload as " + payload)
var hash = CryptoJS.HmacSHA1(payload, environment.secret).toString(CryptoJS.enc.Hex)
postman.setGlobalVariable("signature", "sha1=" + hash);
From validating payloads from Github :
No matter which implementation you use, the hash signature starts with sha1=, using the key of your secret token and your payload body.
- I want to install the "n" package and I get an error
- n <version> command does not activate specified version
- Change n install location
- How to install a specific version of Node on Ubuntu/Debian?
- Different node version for different projects, is there a way of telling node which version to use?
- Install Node.js to install n to install Node.js?
- How to select the latest node.js v6 version using n?
- n-install: ERROR: GNU Make not found, which is required for operation
- How to downgrade Node version with n
- how switch to previous version in n (Node version manager)?
- Automatically use the right version of Node for a package
- internal/modules/cjs/loader.js:905 -> throw err;
- Why doesn't "n" downgrade my node version on a Mac?
- Node version manager
- n failed to install/switch node in Linux?
- vue command not found on Mac
- How to uninstall n and all node versions installed by n
- Angular CLI on HTTPS - can't install CI as root
- n (node version manager): cannot create directory
- npm module n emits errors
- How to update npm permanently?
- Cannot change nodejs version using n
- upgrade nodejs to stable version
- How should I install and use multiple versions of Node on the same production machine?