Breaks up public API (#6)

rjz · rjz · commit 424280528717 · 2016-08-04T19:33:28.000-07:00
Separating `Parse` into separate `New` and `SignedBy` methods will allow
consumers to provisionally extract hook content from an HTTP request
(via `New`) before verifyingt that the hook signature meets
expectations.
diff --git a/githubhook.go b/githubhook.go
@@ -10,37 +10,38 @@ import (
 	"strings"
 )
 
+// Hook describes an inbound github webhook
 type Hook struct {
 	Signature string
 	Event     string
 	Id        string
 	Payload   []byte
 }
 
+const signaturePrefix = "sha1="
+const signatureLength = 45 // len(SignaturePrefix) + len(hex(sha1))
+
 func signBody(secret, body []byte) []byte {
 	computed := hmac.New(sha1.New, secret)
 	computed.Write(body)
 	return []byte(computed.Sum(nil))
 }
 
-func verifySignature(secret []byte, signature string, body []byte) bool {
-
-	const signaturePrefix = "sha1="
-	const signatureLength = 45 // len(SignaturePrefix) + len(hex(sha1))
-
-	if len(signature) != signatureLength || !strings.HasPrefix(signature, signaturePrefix) {
+// SignedBy checks that the provided secret matches the hook Signature
+func (h *Hook) SignedBy(secret []byte) bool {
+	if len(h.Signature) != signatureLength || !strings.HasPrefix(h.Signature, signaturePrefix) {
 		return false
 	}
 
 	actual := make([]byte, 20)
-	hex.Decode(actual, []byte(signature[5:]))
+	hex.Decode(actual, []byte(h.Signature[5:]))
 
-	return hmac.Equal(signBody(secret, body), actual)
+	return hmac.Equal(signBody(secret, h.Payload), actual)
 }
 
-func Parse(secret []byte, req *http.Request) (*Hook, error) {
-	hook := Hook{}
-
+// New extracts a Hook from an incoming http.Request
+func New(req *http.Request) (hook *Hook, err error) {
+	hook = new(Hook)
 	if !strings.EqualFold(req.Method, "POST") {
 		return nil, errors.New("Unknown method!")
 	}
@@ -57,17 +58,15 @@ func Parse(secret []byte, req *http.Request) (*Hook, error) {
 		return nil, errors.New("No event Id!")
 	}
 
-	body, err := ioutil.ReadAll(req.Body)
-
-	if err != nil {
-		return nil, err
-	}
+	hook.Payload, err = ioutil.ReadAll(req.Body)
+	return
+}
 
-	if !verifySignature(secret, hook.Signature, body) {
-		return nil, errors.New("Invalid signature")
+// Parse extracts and verifies a hook against a secret
+func Parse(secret []byte, req *http.Request) (hook *Hook, err error) {
+	hook, err = New(req)
+	if err == nil && !hook.SignedBy(secret) {
+		err = errors.New("Invalid signature")
 	}
-
-	hook.Payload = body
-
-	return &hook, nil
+	return
 }
diff --git a/githubhook_test.go b/githubhook_test.go
@@ -18,6 +18,11 @@ func expectErrorMessage(t *testing.T, msg string, err error) {
 	}
 }
 
+func expectNewError(t *testing.T, msg string, r *http.Request) {
+	_, err := New(r)
+	expectErrorMessage(t, msg, err)
+}
+
 func expectParseError(t *testing.T, msg string, r *http.Request) {
 	_, err := Parse([]byte(testSecret), r)
 	expectErrorMessage(t, msg, err)
@@ -33,25 +38,25 @@ func signature(body string) string {
 
 func TestNonPost(t *testing.T) {
 	r, _ := http.NewRequest("GET", "/path", nil)
-	expectParseError(t, "Unknown method!", r)
+	expectNewError(t, "Unknown method!", r)
 }
 
 func TestMissingSignature(t *testing.T) {
 	r, _ := http.NewRequest("POST", "/path", nil)
-	expectParseError(t, "No signature!", r)
+	expectNewError(t, "No signature!", r)
 }
 
 func TestMissingEvent(t *testing.T) {
 	r, _ := http.NewRequest("POST", "/path", nil)
 	r.Header.Add("x-hub-signature", "bogus signature")
-	expectParseError(t, "No event!", r)
+	expectNewError(t, "No event!", r)
 }
 
 func TestMissingEventId(t *testing.T) {
 	r, _ := http.NewRequest("POST", "/path", nil)
 	r.Header.Add("x-hub-signature", "bogus signature")
 	r.Header.Add("x-github-event", "bogus event")
-	expectParseError(t, "No event Id!", r)
+	expectNewError(t, "No event Id!", r)
 }
 
 func TestInvalidSignature(t *testing.T) {
