import express from 'express'
import crypto from 'crypto'
import { writeFileSync } from 'fs'
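const app = express();
const PORT = 4000;

// Keep the request body as a raw Buffer: the HMAC has to be computed over the
// exact bytes Gitea sent, not over a re-serialized JSON object. Only requests
// whose Content-Type is application/json are captured by this parser.
app.use(express.raw({ type: 'application/json' }));

// Shared webhook secret, used as the HMAC key. It is read from the
// GITEA_WEBHOOK_SECRET environment variable (a name chosen by this file) so
// the real value does not have to live in source control. The literal below
// is kept only so existing setups keep starting; anyone who can read this
// file can forge signatures made with it, so it must not be used in a real
// deployment.
const configuredSecret = process.env.GITEA_WEBHOOK_SECRET;
const SECRET = configuredSecret || 'somesecret';
if (!configuredSecret) {
  console.warn('GITEA_WEBHOOK_SECRET is not set; falling back to the built-in placeholder secret');
}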
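/**
 * Gitea deploy webhook endpoint.
 *
 * Authenticates the request by recomputing HMAC-SHA256 over the raw body with
 * SECRET and comparing it, in constant time, with the X-Hub-Signature-256
 * header ("sha256=<hex>").
 *
 * Responses:
 *   400 - signature header missing, or no raw application/json body
 *   401 - signature does not match
 *   202 - signature verified (this handler performs no further action)
 */
app.post('/gitea/deploy', (req, res) => {
  const signatureHeader = req.get('X-Hub-Signature-256');
  if (!signatureHeader) {
    return res.status(400).send('Missing signature');
  }

  // express.raw() only produces a Buffer when the request is application/json
  // and carries a body. Any other request would reach hmac.update() with a
  // non-Buffer value and throw, turning a malformed request into a 500.
  if (!Buffer.isBuffer(req.body)) {
    return res.status(400).send('Expected application/json body');
  }

  // Nothing from the request is logged or written to disk before the
  // signature check: at this point the headers and payload are unauthenticated.
  const digest = crypto.createHmac('sha256', SECRET).update(req.body).digest('hex');
  const expected = `sha256=${digest}`;

  const sigBuf = Buffer.from(signatureHeader);
  const expBuf = Buffer.from(expected);

  // timingSafeEqual throws when the lengths differ, so compare lengths first.
  // The expected length is fixed and public, so this reveals nothing secret.
  if (sigBuf.length !== expBuf.length || !crypto.timingSafeEqual(sigBuf, expBuf)) {
    return res.sendStatus(401);
  }

  // NOTE(review): a valid signature proves the sender knew SECRET, not that
  // the delivery is fresh. If a deploy step is added here, consider rejecting
  // repeated deliveries as well.
  res.status(202).end();
});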
// Start the HTTP server. No host argument is passed, so Node binds to the
// unspecified address and the webhook endpoint is reachable on every network
// interface of the machine.
const announceListening = () => {
  console.log(`Listening on port ${PORT}`);
};

app.listen(PORT, announceListening);