Skip to content

Instantly share code, notes, and snippets.

@morph027
Last active May 2, 2020 07:17
Show Gist options
  • Save morph027/ef6323ad8f22c744c8261811ab209159 to your computer and use it in GitHub Desktop.
Save morph027/ef6323ad8f22c744c8261811ab209159 to your computer and use it in GitHub Desktop.
#!/usr/bin/env python3
# pip install sanic
import codecs
import hashlib
import hmac
import os
import sys
from sanic import Sanic
from sanic.response import HTTPResponse
from sanic.log import logger
from ujson import dumps
app = Sanic(name='newreleases_hook')
@app.route('/', methods=['GET', 'POST'])
async def newreleases_hook(request):
if (request.body and request.headers.get('x-newreleases-signature')
and request.headers.get('x-newreleases-timestamp')):
msg = request.headers.get(
'x-newreleases-timestamp').encode() + b'.' + request.body
sig_computed = hmac.new(
config.get('newreleases', {}).get('secret').encode(),
msg=msg,
digestmod=hashlib.sha256).digest()
sig_received = codecs.decode(
request.headers.get('x-newreleases-signature'), 'hex')
if hmac.compare_digest(sig_received, sig_computed):
# alright, signature verified
# add your stuff right here
# and don't forget to return a sane response
return HTTPResponse(dumps({'success': True}),
status=200,
content_type='application/json')
return HTTPResponse(
dumps({'success': False}),
status=500,
content_type='application/json')
if __name__ == '__main__':
secret = os.environ.get('NEWRELEASES_IO_WEBHOOK_SECRET')
if not secret:
logger.error('NEWRELEASES_IO_WEBHOOK_SECRET unset')
sys.exit(1)
app.run(host='0.0.0.0', port=8000)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment