Skip to content

Instantly share code, notes, and snippets.

@johandahlberg
Created June 23, 2016 17:16
Show Gist options
  • Save johandahlberg/2c5b947249d57c89c380f5ca29704d23 to your computer and use it in GitHub Desktop.
Save johandahlberg/2c5b947249d57c89c380f5ca29704d23 to your computer and use it in GitHub Desktop.
val verificationService = new SHA1VerificationService()
def withVerifiedPayload[A](action: Action[RawBuffer])= Action.async(parse.raw) { request =>
val xHubSignatureOption = request.headers.get("X-Hub-Signature")
Logger.debug("Attempting to verify payload signature.")
val verified =
for {
signature <- xHubSignatureOption
rawBody <- request.body.asBytes()
} yield {
val bodyBytes = rawBody.utf8String.getBytes
val incomingHash = signature.split("=").last
verificationService.verifyPayload(bodyBytes, incomingHash)
}
if(verified.getOrElse(false)) {
Logger.debug("Succeeded in verifying payload!")
action(request)
}
else {
Logger.warn("Could not verify the payload signature!")
Future { BadRequest("Bad signature!") }
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment