我的 GitHub 存储库中有一个网络钩子,每次有推送事件时都会触发它。假设推送事件 JSON 如下所示:
{
"ref": "refs/heads/develop"
"repository": {
"id": 123456789,
"name": "SweetSweetRepo"
}
}
我为 GitHub webhook 配置了一个密钥(secret),GitHub 在 webhook 界面的请求标头中显示,它据此生成的 SHA256 值是(例如)abc123456。
我正在尝试为 webhook 创建代理,但我无法自己创建此 SHA!我知道我的 SHA 函数有效,因为我在“hello world”等示例字符串上对其进行了测试,并检查了它们与在线转换器的对比。但我不明白我应该如何剥离、转义、字符串化或以其他方式格式化 GitHub JSON 有效负载,以便它为我提供所需的 SHA。
更新:
这是一个完整的例子。我创建了一个新的仓库。这是网络挂钩的链接,您可以自己查看。 https://github.com/fbomb111/webhook-test/settings/hooks/294937131
以下是 GitHub 标头:
Request URL: http://example.com:
Request method: POST
Accept: */*
content-type: application/json
User-Agent: GitHub-Hookshot/5465ee1
X-GitHub-Delivery: 4ae55e0e-a9d6-11eb-87d7-8f44c61441ec
X-GitHub-Event: push
X-GitHub-Hook-ID: 294937131
X-GitHub-Hook-Installation-Target-ID: 363207517
X-GitHub-Hook-Installation-Target-Type: repository
X-Hub-Signature: sha1=9c62a9ab96bfe7a0f9b0b511dd9346a8f5ad7e69
X-Hub-Signature-256: sha256=aaaa0a8550aba58490572b65f998950a242ac61e20f2e295f1c839f58e6b3a23
这是有效载荷:
{
"ref": "refs/heads/main",
"before": "0000000000000000000000000000000000000000",
"after": "3f07cfffce2cf13559f33f11561dc8ec139a33a9",
"repository": {
"id": 363207517,
"node_id": "MDEwOlJlcG9zaXRvcnkzNjMyMDc1MTc=",
"name": "webhook-test",
"full_name": "me/webhook-test",
"private": false,
"owner": {
"name": "me",
"email": "me@gmail.com",
"login": "me",
"id": 482183,
"node_id": "MDQ6VXNlcjQ4MjE4Mw==",
"avatar_url": "https://avatars.githubusercontent.com/u/482183?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/me",
"html_url": "https://github.com/me",
"followers_url": "https://api.github.com/users/me/followers",
"following_url": "https://api.github.com/users/me/following{/other_user}",
"gists_url": "https://api.github.com/users/me/gists{/gist_id}",
"starred_url": "https://api.github.com/users/me/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/me/subscriptions",
"organizations_url": "https://api.github.com/users/me/orgs",
"repos_url": "https://api.github.com/users/me/repos",
"events_url": "https://api.github.com/users/me/events{/privacy}",
"received_events_url": "https://api.github.com/users/me/received_events",
"type": "User",
"site_admin": false
},
"html_url": "https://github.com/me/webhook-test",
"description": null,
"fork": false,
"url": "https://github.com/me/webhook-test",
"forks_url": "https://api.github.com/repos/me/webhook-test/forks",
"keys_url": "https://api.github.com/repos/me/webhook-test/keys{/key_id}",
"collaborators_url": "https://api.github.com/repos/me/webhook-test/collaborators{/collaborator}",
"teams_url": "https://api.github.com/repos/me/webhook-test/teams",
"hooks_url": "https://api.github.com/repos/me/webhook-test/hooks",
"issue_events_url": "https://api.github.com/repos/me/webhook-test/issues/events{/number}",
"events_url": "https://api.github.com/repos/me/webhook-test/events",
"assignees_url": "https://api.github.com/repos/me/webhook-test/assignees{/user}",
"branches_url": "https://api.github.com/repos/me/webhook-test/branches{/branch}",
"tags_url": "https://api.github.com/repos/me/webhook-test/tags",
"blobs_url": "https://api.github.com/repos/me/webhook-test/git/blobs{/sha}",
"git_tags_url": "https://api.github.com/repos/me/webhook-test/git/tags{/sha}",
"git_refs_url": "https://api.github.com/repos/me/webhook-test/git/refs{/sha}",
"trees_url": "https://api.github.com/repos/me/webhook-test/git/trees{/sha}",
"statuses_url": "https://api.github.com/repos/me/webhook-test/statuses/{sha}",
"languages_url": "https://api.github.com/repos/me/webhook-test/languages",
"stargazers_url": "https://api.github.com/repos/me/webhook-test/stargazers",
"contributors_url": "https://api.github.com/repos/me/webhook-test/contributors",
"subscribers_url": "https://api.github.com/repos/me/webhook-test/subscribers",
"subscription_url": "https://api.github.com/repos/me/webhook-test/subscription",
"commits_url": "https://api.github.com/repos/me/webhook-test/commits{/sha}",
"git_commits_url": "https://api.github.com/repos/me/webhook-test/git/commits{/sha}",
"comments_url": "https://api.github.com/repos/me/webhook-test/comments{/number}",
"issue_comment_url": "https://api.github.com/repos/me/webhook-test/issues/comments{/number}",
"contents_url": "https://api.github.com/repos/me/webhook-test/contents/{+path}",
"compare_url": "https://api.github.com/repos/me/webhook-test/compare/{base}...{head}",
"merges_url": "https://api.github.com/repos/me/webhook-test/merges",
"archive_url": "https://api.github.com/repos/me/webhook-test/{archive_format}{/ref}",
"downloads_url": "https://api.github.com/repos/me/webhook-test/downloads",
"issues_url": "https://api.github.com/repos/me/webhook-test/issues{/number}",
"pulls_url": "https://api.github.com/repos/me/webhook-test/pulls{/number}",
"milestones_url": "https://api.github.com/repos/me/webhook-test/milestones{/number}",
"notifications_url": "https://api.github.com/repos/me/webhook-test/notifications{?since,all,participating}",
"labels_url": "https://api.github.com/repos/me/webhook-test/labels{/name}",
"releases_url": "https://api.github.com/repos/me/webhook-test/releases{/id}",
"deployments_url": "https://api.github.com/repos/me/webhook-test/deployments",
"created_at": 1619802247,
"updated_at": "2021-04-30T17:04:07Z",
"pushed_at": 1619802340,
"git_url": "git://github.com/me/webhook-test.git",
"ssh_url": "git@github.com: me/webhook-test.git",
"clone_url": "https://github.com/me/webhook-test.git",
"svn_url": "https://github.com/me/webhook-test",
"homepage": null,
"size": 0,
"stargazers_count": 0,
"watchers_count": 0,
"language": null,
"has_issues": true,
"has_projects": true,
"has_downloads": true,
"has_wiki": true,
"has_pages": false,
"forks_count": 0,
"mirror_url": null,
"archived": false,
"disabled": false,
"open_issues_count": 0,
"license": null,
"forks": 0,
"open_issues": 0,
"watchers": 0,
"default_branch": "main",
"stargazers": 0,
"master_branch": "main"
},
"pusher": {
"name": "me",
"email": "me@gmail.com"
},
"sender": {
"login": "me",
"id": 482183,
"node_id": "MDQ6VXNlcjQ4MjE4Mw==",
"avatar_url": "https://avatars.githubusercontent.com/u/482183?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/me",
"html_url": "https://github.com/me",
"followers_url": "https://api.github.com/users/me/followers",
"following_url": "https://api.github.com/users/me/following{/other_user}",
"gists_url": "https://api.github.com/users/me/gists{/gist_id}",
"starred_url": "https://api.github.com/users/me/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/me/subscriptions",
"organizations_url": "https://api.github.com/users/me/orgs",
"repos_url": "https://api.github.com/users/me/repos",
"events_url": "https://api.github.com/users/me/events{/privacy}",
"received_events_url": "https://api.github.com/users/me/received_events",
"type": "User",
"site_admin": false
},
"created": true,
"deleted": false,
"forced": false,
"base_ref": null,
"compare": "https://github.com/me/webhook-test/commit/3f07cfffce2c",
"commits": [
{
"id": "3f07cfffce2cf13559f33f11561dc8ec139a33a9",
"tree_id": "782748b547b6e62d246487abfa7210775795d58f",
"distinct": true,
"message": "Create Readme.md",
"timestamp": "2021-04-30T13:05:40-04:00",
"url": "https://github.com/me/webhook-test/commit/3f07cfffce2cf13559f33f11561dc8ec139a33a9",
"author": {
"name": "me",
"email": "me",
"username": "me"
},
"committer": {
"name": "GitHub",
"email": "noreply@github.com",
"username": "web-flow"
},
"added": [
"Readme.md"
],
"removed": [
],
"modified": [
]
}
],
"head_commit": {
"id": "3f07cfffce2cf13559f33f11561dc8ec139a33a9",
"tree_id": "782748b547b6e62d246487abfa7210775795d58f",
"distinct": true,
"message": "Create Readme.md",
"timestamp": "2021-04-30T13:05:40-04:00",
"url": "https://github.com/me/webhook-test/commit/3f07cfffce2cf13559f33f11561dc8ec139a33a9",
"author": {
"name": "me",
"email": "me",
"username": "me"
},
"committer": {
"name": "GitHub",
"email": "noreply@github.com",
"username": "web-flow"
},
"added": [
"Readme.md"
],
"removed": [
],
"modified": [
]
}
}
这是密钥(secret):1234567890
注意请求标头中的 sha 值:X-Hub-Signature-256: sha256=aaaa0a8550aba58490572b65f998950a242ac61e20f2e295f1c839f58e6b3a23
现在打开一个在线转换器,比如这个:https://dinochiesa.github.io/hmachash/index.html
使用完全相同的有效负载和密钥,你不会得到相同的 sha256 值。
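我的猜测是:GitHub 计算 sha 时使用的并不是经过美化打印(pretty-printed)的 JSON。但我已经尝试了这种格式的许多可能变体,都没有成功。(注:X-Hub-Signature-256 是以该密钥为 HMAC 密钥、对请求正文的原始字节计算出的 HMAC-SHA256 十六进制摘要;任何重新格式化或重新序列化都会改变字节,从而得到不同的值。因此校验时应对收到的原始正文直接计算,并用恒定时间比较来核对签名。)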