mirror of
https://github.com/Luzifer/twitch-manager.git
synced 2024-12-20 20:01:18 +00:00
Make webhook secret configurable
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
e4800c921f
commit
fb116bb29a
2 changed files with 8 additions and 4 deletions
8
main.go
8
main.go
|
@ -28,11 +28,11 @@ var (
|
|||
TwitchToken string `flag:"twitch-token" default:"" description:"OAuth token valid for client"`
|
||||
UpdateFromAPIInterval time.Duration `flag:"update-from-api-interval" default:"10m" description:"How often to ask the API for real values"`
|
||||
VersionAndExit bool `flag:"version" default:"false" description:"Prints current version and exits"`
|
||||
WebHookSecret string `flag:"webhook-secret" default:"" description:"Secret to use for HMAC hashing of webhook payload"`
|
||||
WebHookTimeout time.Duration `flag:"webhook-timeout" default:"15m" description:"When to re-register the webhooks"`
|
||||
}{}
|
||||
|
||||
store *storage
|
||||
webhookSecret = uuid.Must(uuid.NewV4()).String()
|
||||
store *storage
|
||||
|
||||
version = "dev"
|
||||
)
|
||||
|
@ -53,6 +53,10 @@ func init() {
|
|||
} else {
|
||||
log.SetLevel(l)
|
||||
}
|
||||
|
||||
if cfg.WebHookSecret == "" {
|
||||
cfg.WebHookSecret = uuid.Must(uuid.NewV4()).String()
|
||||
}
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
|
|
@ -54,7 +54,7 @@ func handleWebHookPush(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
mac := hmac.New(sha256.New, []byte(webhookSecret))
|
||||
mac := hmac.New(sha256.New, []byte(cfg.WebHookSecret))
|
||||
mac.Write(body.Bytes())
|
||||
if cSig := fmt.Sprintf("sha256=%x", mac.Sum(nil)); cSig != signature {
|
||||
log.Errorf("Got message signature %s, expected %s", signature, cSig)
|
||||
|
@ -173,7 +173,7 @@ func registerWebHooks() error {
|
|||
"hub.mode": "subscribe",
|
||||
"hub.topic": topic,
|
||||
"hub.lease_seconds": int64((cfg.WebHookTimeout + twitchRequestTimeout) / time.Second),
|
||||
"hub.secret": webhookSecret,
|
||||
"hub.secret": cfg.WebHookSecret,
|
||||
}); err != nil {
|
||||
return errors.Wrap(err, "assemble subscribe payload")
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue