A Flask view decorator to verify Github's webhook signatures
Project description
flask-github-signature
A Flask view decorator to verify Github's webhook signatures.
Installation
Using pip
To get the latest version from pypi.org:
pip install flask-github-signature
Usage
export GH_WEBHOOK_SECRET="xyz"
# app.py
from flask import Flask
from flask_github_signature import verify_signature
app = Flask(__name__)
@app.route("/webhook", methods=["POST"])
@verify_signature
def webhook():
return "Payload signature verified."
run the previous Flask app with:
flask run
and test it with:
curl --request POST \
--header "X-Hub-Signature-256: sha256=eba50596a17c2c8fbdbc5c68223422fe41d5310bea51ffdc461430bce0386c54" \
--header "Content-Type: application/json" \
--data '{}' \
http://localhost:5000/webhook
Signing a test payload
If you want to test with another payload you can generate a signature using:
>>> import os
>>> from flask_github_signature import compute_signature
>>>
>>> secret = os.environ["GH_WEBHOOK_SECRET"]
>>> compute_signature(secret, b'{"message": "An example"}')
'04886433fda851ca66181cecbd9c283ba677468ba361b0a0a7ba57a867102b46'
>>>
when using a signature on a header don't forget to append sha256=
to it.
Testing
If you want to test, play or contribute to this repo:
git clone git@github.com:pabluk/flask-github-signature.git
cd flask-github-signature/
pip install -r requirements.txt
pip install -r requirements-dev.txt
pytest -v
black --line-length=127 tests/ flask_github_signature/
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for flask-github-signature-0.1.1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | c184643ba3aa72a220e6af8f153d04e220f0b9e437f4db78fb7a3e8a4e936aa6 |
|
MD5 | a413550935bf7764dcb12c6c674aec74 |
|
BLAKE2b-256 | 0877ca235051edcceb4a306c1475ee7de1bfd3d468a217fbacadab25cc696c25 |
Close
Hashes for flask_github_signature-0.1.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ffe3adab48f21c23a942c177787f94a8f6d1044a859d86e6c36fea675438886b |
|
MD5 | 63a07038dc44316d76b9fc67ffb70808 |
|
BLAKE2b-256 | a1ba34c8fed1b256283ab8b52d38e9b16f0eba7dfde4237fa6ebe9cf6f7bf285 |