...
Finishing the GitHub Provider
Updating the Match Script
We left our GitHub Provider script simply returning true. Its time to finish the script so it correctly matches GitHub messages. Navigate back to your GitHub Provider and update the script to the following:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
// perform checks and functions to ensure an incoming message is valid and matches this provider
LOG.fine("Evaluating GitHub for incoming message");
def match = false;
// validating based on GitHub secret
if (HTTP_HEADERS['user-agent'] && HTTP_HEADERS['user-agent'].toLowerCase().contains('github-hookshot'))
{
//generate hmac string, be sure to replace with your github secret
def HMAC_RESULT = HMAC.generateHmacSHA1(FLX_PRISTINE_PAYLOAD, 'abc123');
def RECEIVED_HMAC = HTTP_HEADERS['x-hub-signature'];
match = RECEIVED_HMAC && RECEIVED_HMAC.contains(HMAC_RESULT);
}
LOG.fine("GitHub provider is a match: ${match}");
return match; |
Setting the GitHub Secret
We are going to make use of GitHub's Secret which makes use of Hmac encryptions. As you can see from the script above I used secret 'abc123', but you can use whatever you wish.
| Info | ||
|---|---|---|
| ||
Providers also can also have secured properties associated with them. Normally this would be used instead of putting the secret in plain text in our script as seen here. |
Final Validation
Lastly lets push one more time and validate everything is still working.
...