@travi/hapi-github-webhooks NPM

hapi-github-webhooks

Description

An authentication strategy plugin for hapi for validating webhook requests from GitHub. This strategy validates the payload with the hmac-sha1 signature sent with the request.

This strategy is compatible with application/json webhook payloads.

The 'githubwebhook' scheme takes the following options:

secret - (required) the token configured for the webhook (never share or commit this to your project!)

Compatibility

>= v17: Use 2.x
<= v16: Use 1.x

Version 1.0

Example

There is an example server located in example/server.js. You can run this server with npm run example.

Usage

var hapi = require("hapi");
var githubWebhooksPlugin = require("hapi-github-webhooks");
var token = "SomeUnsharedSecretToken";
var server = new hapi.Server();

server.connection({
  host: host,
  port: port
});

server.register(githubWebhooksPlugin, function(err) {
  // Register github webhook auth strategy
  server.auth.strategy("githubwebhook", "githubwebhook", { secret: token });
  // Apply the strategy to the route that handles webhooks
  server.route([
    {
      method: "POST",
      path: "/webhooks/github",
      config: {
        auth: {
          strategies: ["githubwebhook"],
          payload: "required"
        }
      },
      handler: function(request, reply) {
        // request.payload is the validated payload from GitHub
        reply();
      }
    }
  ]);
});

hapi github api webhooks

boom buffer-equal-constant-time joi

@everything-registry/sub-chunk-931

4 years ago

5 years ago

6 years ago

6 years ago

6 years ago