From e3d834e2cd992f115c859b6aff9f4a608bdeea9a Mon Sep 17 00:00:00 2001
From: "Kelvin Ly (on the cloud)" <kelvin.ly1618+cloud@gmail.com>
Date: Sun, 27 Jan 2019 04:47:22 +0000
Subject: [PATCH] Working webhook
---
main.go | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/main.go b/main.go
index 330b12a..b94fbea 100644
--- a/main.go
+++ b/main.go
@@ -195,13 +195,17 @@ func readWebhookKey() []byte {
log.Printf("[ERR] webhook key not found, webhook updates will not work!")
return nil
}
+ /*
ret := make([]byte, hex.DecodedLen(len(b)))
- rl, err2 := hex.Decode(ret, b)
+ // skip the ending 0x0a
+ rl, err2 := hex.Decode(ret, b[:len(b)-1])
if err2 != nil {
+ log.Printf("[ERR] unable to decode webhook key! %v %s", b, err2)
return nil
}
+ */
- return ret[:rl]
+ return b[:len(b)-1]
}
func startServer(srv *http.Server) {
@@ -216,6 +220,7 @@ func startServer(srv *http.Server) {
serveMux.Handle("/resume/", http.StripPrefix("/resume", http.FileServer(http.Dir("resume/"))))
serveMux.HandleFunc("/main.css", func(w http.ResponseWriter, r *http.Request) { http.ServeFile(w, r, "main.css") })
if webhookKey != nil {
+ log.Print("web hook found")
serveMux.HandleFunc("/update", func(w http.ResponseWriter, r *http.Request) {
if r.Method != "POST" {
w.WriteHeader(403)
@@ -241,7 +246,8 @@ func startServer(srv *http.Server) {
expected := mac.Sum(nil)
signatureDec := make([]byte, hex.DecodedLen(len(signature)))
- sdl, e2 := hex.Decode(signatureDec, []byte(signature))
+ // skip the "sha1=" part
+ sdl, e2 := hex.Decode(signatureDec, []byte(signature)[5:])
if e2 != nil {
w.WriteHeader(403)
w.Write([]byte("unable to read signature"))
@@ -250,7 +256,7 @@ func startServer(srv *http.Server) {
signatureDec = signatureDec[:sdl]
if !hmac.Equal(expected, signatureDec) {
- log.Print("webhook hmac match failed; expected %v found %v", expected, signature)
+ log.Print("webhook hmac match failed; expected %v found %v", expected, signatureDec)
w.WriteHeader(403)
w.Write([]byte("invalid request"))
return