Skip to content

Instantly share code, notes, and snippets.

@tknv
Forked from megawac/twisted-webhooks.py
Created February 8, 2020 02:24
Show Gist options
  • Save tknv/47172ade8e14ea5f3557741896aa043f to your computer and use it in GitHub Desktop.
Save tknv/47172ade8e14ea5f3557741896aa043f to your computer and use it in GitHub Desktop.
from twisted.internet import reactor
from twisted.web.server import Site
from twisted.web.resource import Resource
import json, hmac
from hashlib import sha1
from blinker import signal
class WebhookServer(Resource):
isLeaf = True
def __init__(self, secret=None):
"""
:param str secret: (optional) A value used to compute the `X-Hub-Signature` header
"""
self.secret = secret
def render_POST(self, request):
"""
Process the contents of a request (i.e. a post from GitHub's webhook service)
"""
content = request.content.read()
# The value of the `X-Hub-Signature` header of the request
# used to verify the identity and intent of the request.
signature = request.getHeader("X-Hub-Signature")
event = request.getHeader("X-GitHub-Event")
# Validate the signature if provided, following these guidelines:
# http://pubsubhubbub.googlecode.com/svn/trunk/pubsubhubbub-core-0.3.html#authednotify
if self.secret is not None:
hash = hmac.new(self.secret, content, sha1)
if hash.digest().encode("hex") != signature[5:]:
# TODO this should return a 200 response, regardless of failure to validate (by spec)
raise AuthenticationError("Could not identify the request's signature")
data = json.loads(content)
# Call listeners listening for the Webhook in a different thread
reactor.callInThread(signal(event), data)
return ""
def start(self, port):
factory = Site(self, resource)
reactor.listenTCP(port, factory)
reactor.run()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment