问题描述
我的 GitHub 存储库中有一个网络挂钩,每次有推送事件时都会触发该挂钩。假设推送事件 JSON 如下所示:
{
"ref": "refs/heads/develop"
"repository": {
"id": 123456789,"name": "SweetSweetRepo"
}
}
我向 GitHub 网络钩子提供了一个秘密,GitHub 在请求头网络钩子 UI 中告诉我它创建了 abc123456 的 SHA256(例如)。
我正在尝试为 webhook 创建代理,但我无法自行创建此 SHA!我知道我的 SHA 函数有效,因为我在像“hello world”这样的示例字符串上测试了它,并检查了它们与在线转换器的对比。但我不明白我应该如何剥离、转义、字符串化或以其他方式格式化 GitHub JSON 有效负载,以便它为我提供所需的 SHA。
更新:
这是一个完整的例子。我创建了一个新的回购。这是网络钩子的链接,您可以自己查看。 https://github.com/fbomb111/webhook-test/settings/hooks/294937131
这里是 GitHub 头文件:
Request URL: http://example.com:
Request method: POST
Accept: */*
content-type: application/json
User-Agent: GitHub-Hookshot/5465ee1
X-GitHub-Delivery: 4ae55e0e-a9d6-11eb-87d7-8f44c61441ec
X-GitHub-Event: push
X-GitHub-Hook-ID: 294937131
X-GitHub-Hook-Installation-Target-ID: 363207517
X-GitHub-Hook-Installation-Target-Type: repository
X-Hub-Signature: sha1=9c62a9ab96bfe7a0f9b0b511dd9346a8f5ad7e69
X-Hub-Signature-256: sha256=aaaa0a8550aba58490572b65f998950a242ac61e20f2e295f1c839f58e6b3a23
这是有效载荷:
{
"ref": "refs/heads/main","before": "0000000000000000000000000000000000000000","after": "3f07cfffce2cf13559f33f11561dc8ec139a33a9","repository": {
"id": 363207517,"node_id": "MDEwOlJlcG9zaXRvcnkzNjMyMDc1MTc=","name": "webhook-test","full_name": "me/webhook-test","private": false,"owner": {
"name": "me","email": "[email protected]","login": "me","id": 482183,"node_id": "MDQ6VXNlcjQ4MjE4Mw==","avatar_url": "https://avatars.githubusercontent.com/u/482183?v=4","gravatar_id": "","url": "https://api.github.com/users/me","html_url": "https://github.com/me","followers_url": "https://api.github.com/users/me/followers","following_url": "https://api.github.com/users/me/following{/other_user}","gists_url": "https://api.github.com/users/me/gists{/gist_id}","starred_url": "https://api.github.com/users/me/starred{/owner}{/repo}","subscriptions_url": "https://api.github.com/users/me/subscriptions","organizations_url": "https://api.github.com/users/me/orgs","repos_url": "https://api.github.com/users/me/repos","events_url": "https://api.github.com/users/me/events{/privacy}","received_events_url": "https://api.github.com/users/me/received_events","type": "User","site_admin": false
},"html_url": "https://github.com/me/webhook-test","description": null,"fork": false,"url": "https://github.com/me/webhook-test","forks_url": "https://api.github.com/repos/me/webhook-test/forks","keys_url": "https://api.github.com/repos/me/webhook-test/keys{/key_id}","collaborators_url": "https://api.github.com/repos/me/webhook-test/collaborators{/collaborator}","teams_url": "https://api.github.com/repos/me/webhook-test/teams","hooks_url": "https://api.github.com/repos/me/webhook-test/hooks","issue_events_url": "https://api.github.com/repos/me/webhook-test/issues/events{/number}","events_url": "https://api.github.com/repos/me/webhook-test/events","assignees_url": "https://api.github.com/repos/me/webhook-test/assignees{/user}","branches_url": "https://api.github.com/repos/me/webhook-test/branches{/branch}","tags_url": "https://api.github.com/repos/me/webhook-test/tags","blobs_url": "https://api.github.com/repos/me/webhook-test/git/blobs{/sha}","git_tags_url": "https://api.github.com/repos/me/webhook-test/git/tags{/sha}","git_refs_url": "https://api.github.com/repos/me/webhook-test/git/refs{/sha}","trees_url": "https://api.github.com/repos/me/webhook-test/git/trees{/sha}","statuses_url": "https://api.github.com/repos/me/webhook-test/statuses/{sha}","languages_url": "https://api.github.com/repos/me/webhook-test/languages","stargazers_url": "https://api.github.com/repos/me/webhook-test/stargazers","contributors_url": "https://api.github.com/repos/me/webhook-test/contributors","subscribers_url": "https://api.github.com/repos/me/webhook-test/subscribers","subscription_url": "https://api.github.com/repos/me/webhook-test/subscription","commits_url": "https://api.github.com/repos/me/webhook-test/commits{/sha}","git_commits_url": "https://api.github.com/repos/me/webhook-test/git/commits{/sha}","comments_url": "https://api.github.com/repos/me/webhook-test/comments{/number}","issue_comment_url": "https://api.github.com/repos/me/webhook-test/issues/comments{/number}","contents_url": "https://api.github.com/repos/me/webhook-test/contents/{+path}","compare_url": "https://api.github.com/repos/me/webhook-test/compare/{base}...{head}","merges_url": "https://api.github.com/repos/me/webhook-test/merges","archive_url": "https://api.github.com/repos/me/webhook-test/{archive_format}{/ref}","downloads_url": "https://api.github.com/repos/me/webhook-test/downloads","issues_url": "https://api.github.com/repos/me/webhook-test/issues{/number}","pulls_url": "https://api.github.com/repos/me/webhook-test/pulls{/number}","milestones_url": "https://api.github.com/repos/me/webhook-test/milestones{/number}","notifications_url": "https://api.github.com/repos/me/webhook-test/notifications{?since,all,participating}","labels_url": "https://api.github.com/repos/me/webhook-test/labels{/name}","releases_url": "https://api.github.com/repos/me/webhook-test/releases{/id}","deployments_url": "https://api.github.com/repos/me/webhook-test/deployments","created_at": 1619802247,"updated_at": "2021-04-30T17:04:07Z","pushed_at": 1619802340,"git_url": "git://github.com/me/webhook-test.git","ssh_url": "[email protected]: me/webhook-test.git","clone_url": "https://github.com/me/webhook-test.git","svn_url": "https://github.com/me/webhook-test","homepage": null,"size": 0,"stargazers_count": 0,"watchers_count": 0,"language": null,"has_issues": true,"has_projects": true,"has_downloads": true,"has_wiki": true,"has_pages": false,"forks_count": 0,"mirror_url": null,"archived": false,"disabled": false,"open_issues_count": 0,"license": null,"forks": 0,"open_issues": 0,"watchers": 0,"default_branch": "main","stargazers": 0,"master_branch": "main"
},"pusher": {
"name": "me","email": "[email protected]"
},"sender": {
"login": "me","site_admin": false
},"created": true,"deleted": false,"forced": false,"base_ref": null,"compare": "https://github.com/me/webhook-test/commit/3f07cfffce2c","commits": [
{
"id": "3f07cfffce2cf13559f33f11561dc8ec139a33a9","tree_id": "782748b547b6e62d246487abfa7210775795d58f","distinct": true,"message": "Create Readme.md","timestamp": "2021-04-30T13:05:40-04:00","url": "https://github.com/me/webhook-test/commit/3f07cfffce2cf13559f33f11561dc8ec139a33a9","author": {
"name": "me","email": "me","username": "me"
},"committer": {
"name": "GitHub","email": "nor[email protected]","username": "web-flow"
},"added": [
"Readme.md"
],"removed": [
],"modified": [
]
}
],"head_commit": {
"id": "3f07cfffce2cf13559f33f11561dc8ec139a33a9","author": {
"name": "me","username": "me"
},"committer": {
"name": "GitHub","username": "web-flow"
},"added": [
"Readme.md"
],"removed": [
],"modified": [
]
}
}
这是秘密1234567890
注意标题中的 sha 值:X-Hub-Signature-256: sha256=aaaa0a8550aba58490572b65f998950a242ac61e20f2e295f1c839f58e6b3a23
现在转到在线转换器,例如 https://dinochiesa.github.io/hmachash/index.html
使用完全相同的负载和秘密。你不会得到相同的 sha256 值。
我的猜测是因为 GitHub 使用的不是漂亮打印的 json 来进行 sha 计算。但是我已经尝试了许多格式的变化,但没有运气。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)