A middleware that will check that a valid X-Hub-Signature header is sent for POST requests.
This module lets you secure webhook HTTP requests from GitHub in your Go Programming Language applications.
go get github.com/StefanKjartansson/ghwebhookauth
You can use ghwebhookauth
with default net/http
as follows.
// main.go
package main
import (
"net/http"
"os"
"github.com/StefanKjartansson/ghwebhookauth"
)
var webhookHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// normal handler code
})
func main() {
secretKey := os.Getenv("GITHUB_SECRET_KEY")
gh := ghwebhookauth.New(secretKey)
app := gh.Handler(http.HandlerFunc(webhookHandler))
http.ListenAndServe("0.0.0.0:3000", app)
}
You can also use it with Negroni as follows:
// main.go
package main
import (
"net/http"
"os"
"github.com/StefanKjartansson/ghwebhookauth"
"github.com/codegangsta/negroni"
"github.com/gorilla/mux"
)
var webhookHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// normal handler code
})
func main() {
secretKey := os.Getenv("GITHUB_SECRET_KEY")
gh := ghwebhookauth.New(secretKey)
r := mux.NewRouter()
r.Handle("/myhook", negroni.New(
negroni.HandlerFunc(gh.HandlerWithNext),
negroni.Wrap(webhookHandler),
))
http.Handle("/", r)
http.ListenAndServe(":3001", nil)
}