Skip to content

Instantly share code, notes, and snippets.

@athoune
Last active Jun 2, 2020
Embed
What would you like to do?
aiohttp webhook for github
async def github_webhook(secret :str, request :web.Request) -> dict:
assert request.content_length < 1000000, "Request content too fat" # 1M
digest, signature = request.headers['X-HUB-SIGNATURE'].split("=", 1)
assert digest == "sha1", "Digest must be sha1" # use a whitelist
body = await request.content.read()
h = hmac.HMAC(bytes(secret, "UTF8"), msg=body, digestmod=digest)
assert h.hexdigest() == signature, "Bad signature"
return json.loads(body.decode('UTF8'))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment