|
1 | 1 | import type { NextFunction, Request, Response } from 'express' |
2 | 2 | import { Unauthorized } from '@shared/backend' |
3 | | -import { env } from '@/config/env' |
4 | 3 | import { createHmac } from 'crypto' |
| 4 | +import { Env } from '@/config/env' |
| 5 | +import { Logger } from 'winston' |
5 | 6 |
|
6 | 7 | const TOLERANCE_MILLISECONDS = 5000 |
7 | | -export const isGateHubSignedWebhook = async ( |
8 | | - req: Request, |
9 | | - res: Response, |
10 | | - next: NextFunction |
11 | | -): Promise<void> => { |
12 | | - try { |
13 | | - if (!req.body.timestamp) { |
14 | | - // Respond with 200 on initial setup call |
15 | | - res.status(200).json() |
16 | | - return |
17 | | - } |
18 | | - |
19 | | - const body = JSON.stringify(req.body) |
20 | | - const key = Buffer.from(env.GATEHUB_WEBHOOK_SECRET, 'hex') |
21 | | - const messageBuffer = Buffer.from(body, 'utf-8') |
22 | | - |
23 | | - const requestSignature = createHmac('sha256', key) |
24 | | - .update(messageBuffer) |
25 | | - .digest('hex') |
26 | | - |
27 | | - const timeDiffMilliseconds = |
28 | | - new Date().getTime() - parseFloat(req.body.timestamp) |
29 | 8 |
|
30 | | - // Check the difference of the received and current timestamp based on your tolerance |
31 | | - const timestampIsValid = timeDiffMilliseconds < TOLERANCE_MILLISECONDS |
32 | | - const signatureIsValid = |
33 | | - requestSignature === req.headers['x-gh-webhook-signature'] |
34 | | - |
35 | | - const isSignatureValid = timestampIsValid && signatureIsValid |
36 | | - |
37 | | - if (!isSignatureValid) { |
38 | | - throw new Unauthorized('Invalid signature header') |
| 9 | +export const isGateHubSignedWebhook = (env: Env, logger: Logger) => { |
| 10 | + const verify = async ( |
| 11 | + req: Request, |
| 12 | + res: Response, |
| 13 | + next: NextFunction |
| 14 | + ): Promise<void> => { |
| 15 | + try { |
| 16 | + if (!req.body.timestamp) { |
| 17 | + // Respond with 200 on initial setup call |
| 18 | + res.status(200).json() |
| 19 | + return |
| 20 | + } |
| 21 | + |
| 22 | + const body = JSON.stringify(req.body) |
| 23 | + const key = Buffer.from(env.GATEHUB_WEBHOOK_SECRET, 'hex') |
| 24 | + const messageBuffer = Buffer.from(body, 'utf-8') |
| 25 | + |
| 26 | + const requestSignature = createHmac('sha256', key) |
| 27 | + .update(messageBuffer) |
| 28 | + .digest('hex') |
| 29 | + |
| 30 | + const timeDiffMilliseconds = |
| 31 | + new Date().getTime() - parseFloat(req.body.timestamp) |
| 32 | + const webhookSignature = req.headers['x-gh-webhook-signature'] |
| 33 | + |
| 34 | + // Check the difference of the received and current timestamp based on your tolerance |
| 35 | + const timestampIsValid = timeDiffMilliseconds < TOLERANCE_MILLISECONDS |
| 36 | + const signatureIsValid = requestSignature === webhookSignature |
| 37 | + |
| 38 | + const isSignatureValid = timestampIsValid && signatureIsValid |
| 39 | + |
| 40 | + if (!isSignatureValid) { |
| 41 | + logger.warn('GateHub invalid signature', { |
| 42 | + timestampIsValid, |
| 43 | + signatureIsValid, |
| 44 | + body, |
| 45 | + webhookSignature |
| 46 | + }) |
| 47 | + throw new Unauthorized('Invalid signature header') |
| 48 | + } |
| 49 | + } catch (e) { |
| 50 | + next(e) |
39 | 51 | } |
40 | | - } catch (e) { |
41 | | - next(e) |
| 52 | + |
| 53 | + next() |
42 | 54 | } |
43 | 55 |
|
44 | | - next() |
| 56 | + return verify |
45 | 57 | } |
0 commit comments