Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
hapi-gitlab-webhooks
Advanced tools
hapi-gitlab-webhooks - npm Package Compare versions
Comparing version 1.0.2 to 1.1.0
@@ -5,2 +5,5 @@ # Change Log | ||
| ## 1.1.0 - 2018-01-31 | ||
| - Migrate hapi 16.x to 17.x | ||
| ## 1.0.2 - 2018-01-31 | ||
@@ -7,0 +10,0 @@ - Update peer dependencies |
@@ -17,21 +17,9 @@ 'use strict'; | ||
| /** | ||
| * Register plugin | ||
| * | ||
| * @param server | ||
| * @param options | ||
| * @param next | ||
| * @returns {*} | ||
| */ | ||
| var register = function register(server, options, next) { | ||
| server.auth.scheme('gitlabwebhook', internals.implementation); | ||
| next(); | ||
| exports.plugin = { | ||
| pkg: pkg, | ||
| register: function register(server, options) { | ||
| server.auth.scheme('gitlabwebhook', internals.implementation); | ||
| } | ||
| }; | ||
| register.attributes = { | ||
| pkg: pkg | ||
| }; | ||
| exports.register = register; | ||
| internals.implementation = function (server, options) { | ||
@@ -44,21 +32,21 @@ var optionsValidation = validators.options.validate(options); | ||
| return { | ||
| authenticate: function authenticate(request, reply) { | ||
| authenticate: function authenticate(request, h) { | ||
| if (!request.headers[WEBHOOK_SIGNATURE_HEADER]) { | ||
| return reply(invalidSignature); | ||
| return invalidSignature; | ||
| } | ||
| var headerValidation = joi.validate(request.headers[WEBHOOK_SIGNATURE_HEADER], validators.header); | ||
| if (headerValidation.error !== null) { | ||
| return reply(invalidSignature); | ||
| return invalidSignature; | ||
| } | ||
| reply.continue({ credentials: WEBHOOK_SIGNATURE_HEADER }); | ||
| return h.authenticated({ credentials: WEBHOOK_SIGNATURE_HEADER }); | ||
| }, | ||
| payload: function payload(request, reply) { | ||
| payload: function payload(request, h) { | ||
| var body = JSON.stringify(request.payload); | ||
| var valid = options.secret === request.headers[WEBHOOK_SIGNATURE_HEADER]; | ||
| if (valid) { | ||
| return reply.continue(); | ||
| return h.continue; | ||
| } | ||
| reply(invalidSignature); | ||
| return invalidSignature; | ||
| } | ||
| }; | ||
| }; |
@@ -6,41 +6,46 @@ const Hapi = require('hapi'); | ||
| const secret = process.env.SECRET || 'RandomSecretToken'; // Never Share This! | ||
| const server = new Hapi.Server(); | ||
| server.connection({ | ||
| host: host, | ||
| port: port | ||
| }); | ||
| async function example() { | ||
| const server = new Hapi.Server({ | ||
| host: host, | ||
| port: port | ||
| }); | ||
| try { | ||
| await server.register(hapiGitlabWebhook) | ||
| } catch (err) { | ||
| throw err; | ||
| } | ||
| server.register(hapiGitlabWebhook, function (err) { | ||
| if(err){ | ||
| console.log(err); | ||
| } | ||
| // see: http://hapijs.com/api#serverauthschemename-scheme | ||
| server.auth.strategy('gitlabwebhook', 'gitlabwebhook', { secret: secret}); | ||
| // see: http://hapijs.com/api#serverauthschemename-scheme | ||
| server.auth.strategy('gitlabwebhook', 'gitlabwebhook', { secret: secret }); | ||
| server.route([ | ||
| { | ||
| method: 'GET', path: '/', config: {}, | ||
| handler: function(request, reply) { | ||
| reply('ok'); | ||
| } | ||
| }, | ||
| { | ||
| method: 'POST', | ||
| path: '/webhooks/gitlab', | ||
| config: { | ||
| auth: { | ||
| strategies: ["gitlabwebhook"], | ||
| payload: 'required' | ||
| } | ||
| }, | ||
| handler: function(request, reply) { | ||
| reply(); | ||
| } | ||
| } | ||
| ]); | ||
| }); | ||
| server.route([ | ||
| { | ||
| method: 'GET', path: '/', config: {}, | ||
| handler: function(request, h) { | ||
| return 'ok'; | ||
| } | ||
| }, | ||
| { | ||
| method: 'POST', | ||
| path: '/webhooks/gitlab', | ||
| config: { | ||
| auth: { | ||
| strategies: ["gitlabwebhook"], | ||
| payload: 'required' | ||
| } | ||
| }, | ||
| handler: () => null | ||
| } | ||
| ]); | ||
| server.start(function () { | ||
| console.log('Server running at:', server.info.uri); | ||
| }); | ||
| try { | ||
| await server.start(); | ||
| } | ||
| catch (err) { | ||
| console.log(err); | ||
| } | ||
| console.log('Server running at:', server.info.uri); | ||
| } | ||
| example(); |
| { | ||
| "name": "hapi-gitlab-webhooks", | ||
| "version": "1.0.2", | ||
| "version": "1.1.0", | ||
| "description": "A Hapi plugin for receiving requests from the GitLab webhooks API.", | ||
@@ -31,3 +31,3 @@ "keywords": [ | ||
| "peerDependencies": { | ||
| "hapi": ">=16.x.x" | ||
| "hapi": ">=17.x.x" | ||
| }, | ||
@@ -38,3 +38,3 @@ "devDependencies": { | ||
| "chai": "4.1.2", | ||
| "hapi": "16.6.2", | ||
| "hapi": "17.2.0", | ||
| "mocha": "5.0.0" | ||
@@ -41,0 +41,0 @@ }, |
| # hapi-gitlab-webhooks | ||
| Github version here: [node-github-webhook](https://github.com/mhazy/hapi-github-webhooks). | ||
| Github version here: [hapi-github-webhooks](https://github.com/mhazy/hapi-github-webhooks). | ||
@@ -19,2 +19,7 @@ | ||
| ## Version | ||
| 1.1.X: compatible HAPI 17.x.x | ||
| 1.0.X: compatible HAPI 16.x.x | ||
| ## Usage | ||
@@ -25,5 +30,3 @@ ```javascript | ||
| var token = 'SomeUnsharedSecretToken'; | ||
| var server = new hapi.Server(); | ||
| server.connection({ | ||
| var server = new hapi.Server({ | ||
| host: host, | ||
@@ -33,23 +36,24 @@ port: port | ||
| server.register(gitlabWebhooksPlugin, function (err) { | ||
| // Register gitlab webhook auth strategy | ||
| server.auth.strategy('gitlabwebhook', 'gitlabwebhook', { secret: token}); | ||
| // Apply the strategy to the route that handles webhooks | ||
| server.route([ | ||
| { | ||
| method: 'POST', | ||
| path: '/webhooks/gitlab', | ||
| config: { | ||
| auth: { | ||
| strategies: ['gitlabwebhook'], | ||
| payload: 'required' | ||
| } | ||
| }, | ||
| handler: function(request, reply) { | ||
| // request.payload is the validated payload from Gitlab | ||
| reply(); | ||
| } | ||
| } | ||
| ]); | ||
| }); | ||
| try { | ||
| await server.register(hapiGitlabWebhook) | ||
| } catch (err) { | ||
| throw err; | ||
| } | ||
| // Register gitlab webhook auth strategy | ||
| server.auth.strategy('gitlabwebhook', 'gitlabwebhook', { secret: token }); | ||
| // Apply the strategy to the route that handles webhooks | ||
| server.route([ | ||
| { | ||
| method: 'POST', | ||
| path: '/webhooks/gitlab', | ||
| config: { | ||
| auth: { | ||
| strategies: ['gitlabwebhook'], | ||
| payload: 'required' | ||
| } | ||
| }, | ||
| handler: () => null | ||
| } | ||
| ]); | ||
| ``` | ||
@@ -56,0 +60,0 @@ |
@@ -10,28 +10,26 @@ const Hapi = require('hapi'); | ||
| */ | ||
| const createServer = (secret) => { | ||
| const createServer = async(secret) => { | ||
| const server = new Hapi.Server({ debug: false }); | ||
| server.connection(); | ||
| server.register(hapiGitlabWebhook, function (err) { | ||
| if (err) { | ||
| throw err; | ||
| try { | ||
| await server.register(hapiGitlabWebhook); | ||
| } catch (err) { | ||
| throw err; | ||
| } | ||
| // Add the scheme and apply it to the URL | ||
| server.auth.strategy('gitlabwebhook', 'gitlabwebhook', { secret: secret}); | ||
| server.route([ | ||
| { | ||
| method: 'POST', | ||
| path: '/webhooks/gitlab', | ||
| config: { | ||
| auth: { | ||
| strategies: ["gitlabwebhook"], | ||
| payload: 'required' | ||
| } | ||
| }, | ||
| handler: () => null | ||
| } | ||
| // Add the scheme and apply it to the URL | ||
| server.auth.strategy('gitlabwebhook', 'gitlabwebhook', { secret: secret}); | ||
| server.route([ | ||
| { | ||
| method: 'POST', | ||
| path: '/webhooks/gitlab', | ||
| config: { | ||
| auth: { | ||
| strategies: ["gitlabwebhook"], | ||
| payload: 'required' | ||
| } | ||
| }, | ||
| handler: function(request, reply) { | ||
| reply(); | ||
| } | ||
| } | ||
| ]); | ||
| }); | ||
| ]); | ||
@@ -38,0 +36,0 @@ return server; |
@@ -8,6 +8,6 @@ const expect = require('chai').expect; | ||
| describe('gitlab webhook handler', () => { | ||
| before(() => { | ||
| testServer = server.createServer(secret); | ||
| before(async() => { | ||
| testServer = await server.createServer(secret); | ||
| }); | ||
| it('should be unauthorized when signature header is missing', (done) => { | ||
| it('should be unauthorized when signature header is missing', async() => { | ||
| const options = { | ||
@@ -17,9 +17,9 @@ method: "POST", | ||
| }; | ||
| testServer.inject(options, function(response) { | ||
| expect(response.statusCode).to.equal(401, 'server responded with 401'); | ||
| expect(response.result.message).to.equal('Invalid signature'); | ||
| done(); | ||
| }); | ||
| const response = await testServer.inject(options); | ||
| expect(response.statusCode).to.equal(401, 'server responded with 401'); | ||
| expect(response.result.message).to.equal('Invalid signature'); | ||
| }); | ||
| it('should be unauthorized when signature is not valid', (done) => { | ||
| it('should be unauthorized when signature is not valid', async() => { | ||
| const options = { | ||
@@ -32,9 +32,8 @@ method: "POST", | ||
| }; | ||
| testServer.inject(options, function(response) { | ||
| expect(response.statusCode).to.equal(401, 'server responded with 401'); | ||
| expect(response.result.message).to.equal('Invalid signature'); | ||
| done(); | ||
| }); | ||
| const response = await testServer.inject(options); | ||
| expect(response.statusCode).to.equal(401, 'server responded with 401'); | ||
| expect(response.result.message).to.equal('Invalid signature'); | ||
| }); | ||
| it('should return a status of 200 if the signature is valid', (done) => { | ||
| it('should return a status of 200 if the signature is valid', async() => { | ||
| const payload = JSON.stringify({ | ||
@@ -53,7 +52,14 @@ message: 'This message is valid!' | ||
| testServer.inject(options, function(response) { | ||
| expect(response.statusCode).to.equal(200, 'server responded with non-200 response'); | ||
| done(); | ||
| }); | ||
| const response = await testServer.inject(options); | ||
| expect(response.statusCode).to.equal(200, 'server responded with non-200 response'); | ||
| }); | ||
| }); | ||
| function sleep(time, callback) { | ||
| var stop = new Date().getTime(); | ||
| while(new Date().getTime() < stop + time) { | ||
| ; | ||
| } | ||
| callback(); | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Number of lines in readme file
- increased by6.25%
68
Worsened metrics
- Total package byte prevSize
- decreased by-2.6%
10733
- Lines of code
- decreased by-4.35%
176
No dependency changes