const https = require('https')
const crypto = require('crypto')
const config = require('./config');
/**
* Validate Bitbucket webhook source using User-Agent header
* @param {object} event
*/
module.exports.bitbucketWebhook = (event) => {
// Return a promise for the promise chain
return new Promise(
(resolve, reject) => {
// Ensure the body exists
if (!event.body) {
reject(new Error('Event has no body.'))
return
}
// Ensure the headers contain a User-Agent
if (!event.headers['User-Agent']) {
reject(new Error('Missing User-Agent header.'))
return
}
// Ensure webhook is coming from bitbucket
if (event.headers['User-Agent'].indexOf('Bitbucket-Webhooks') === 0) {
resolve(event)
} else {
reject(new Error('Invalid User-Agent header'))
}
}
)
}
/**
* Validate github webhooks
*/
module.exports.githubWebhook = (event) => {
// Return a promise for the promise chain
return new Promise(
(resolve, reject) => {
// Ensure the body exists
if (!event.body) {
reject(new Error('Event has no body.'))
return
}
// Ensure the headers contain a Signature
if (!event.headers['x-hub-signature'] && !event.headers['X-Hub-Signature']) {
reject(new Error('Missing signature header.'))
return;
}
const signatureHeader = event.headers['x-hub-signature'] || event.headers['X-Hub-Signature']
const signatureParts = signatureHeader.split('=')
if (signatureParts.length !== 2) {
reject(new Error('Unknown signature header format.'))
return
}
const signatureAlgorithm = signatureParts[0]
const signatureReceived = signatureParts[1]
const signatureComputed = crypto.createHmac(signatureAlgorithm, event.service.github.secret).update(event.body).digest('hex')
if (signatureComputed === signatureReceived) {
resolve(event)
} else {
reject(new Error('Invalid github signature.'))
}
}
)
}
/**
* Validate Slack slash command events
*/
module.exports.slackCommand = (event) => {
// Return a promise for the promise chain
return new Promise(
(resolve, reject) => {
// Ensure the body has been parsed
if (!event.parsed.body) {
reject(new Error('No body has been parsed.'))
return
}
// Ensure the parsed body contains a token
if (!event.parsed.body.token) {
reject(new Error('Missing token in parsed body.'))
return
}
// Compare the parsed body token to the token in the config
if (event.parsed.body.token === event.service.slack.token) {
// Resolve if tokens match!
resolve(event)
} else {
// Reject if tokens do not match
reject(new Error('Invalid slack verification token.'))
}
}
)
}
/**
* Validate Slack response events
*/
module.exports.slackResponse = (event) => {
// Return a promise for the promise chain
return new Promise(
(resolve, reject) => {
// Ensure the payload has been parsed
if (!event.parsed.payload) {
reject(new Error('No payload has been parsed.'))
return
}
// Ensure the parsed payload contains a token
if (!event.parsed.payload.token) {
reject(new Error('Missing token in parsed payload.'))
return
}
// Compare the parsed payload token to the token in the config
if (event.parsed.payload.token === event.service.slack.token) {
// Resolve if tokens match!
resolve(event)
} else {
// Reject if tokens do not match
reject(new Error('Invalid slack verification token.'))
}
}
)
}