Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GitHub POST to webhook receives 403 "Invalid signature" response #1

Open
exarkun opened this issue Oct 22, 2019 · 0 comments
Open

GitHub POST to webhook receives 403 "Invalid signature" response #1

exarkun opened this issue Oct 22, 2019 · 0 comments

Comments

@exarkun
Copy link

exarkun commented Oct 22, 2019

Expected Behavior

I expected GitHub to be able to sent events to codebot so codebot could announce them on IRC.

Actual Behavior

Codebot rejected GitHub's event with this response:

Connection: Keep-Alive
Content-Length: 17
Content-Type: text/html;charset=utf-8
Date: Tue, 22 Oct 2019 16:42:17 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.1/2016-04-26)
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Invalid signature

and codebot posted nothing to IRC.

Steps to Reproduce

I set up a new bot using the README for guidance. Essentially like this:

codebot network create freenode --host chat.freenode.net --nick lafs-gh --secure
codebot network update freenode --sasl-username lafs-gh --sasl-password .... --disable-nickserv
codebot integration create tahoe-lafs -c freenode/#tahoe-lafs

I took the endpoint and secret from the integration create output and plugged them in to GitHub. After some fiddling to get codebot to bind to the right address, I clicked the redeliver button on the GitHub webhook page.

It says it sent this request:

Request URL: http:https://tahoe-lafs.org:4567/2d3eb4c6-352e-4248-910b-67be65135997
Request method: POST
content-type: application/x-www-form-urlencoded
Expect: 
User-Agent: GitHub-Hookshot/795f661
X-GitHub-Delivery: 5492af00-f4e8-11e9-8612-cfdd4bb694a6
X-GitHub-Event: ping
X-Hub-Signature: sha1=74417aef889550452a96b878dee85f744355ca59

{
  "zen": "Non-blocking is better than blocking.",
  "hook_id": 151245967,
  "hook": {
    "type": "Repository",
    "id": 151245967,
    "name": "web",
    "active": true,
    "events": [
      "*"
    ],
    "config": {
      "content_type": "form",
      "insecure_ssl": "0",
      "secret": "********",
      "url": "http:https://tahoe-lafs.org:4567/REDACTED_ENDPOINT"
    },
    "updated_at": "2019-10-22T16:23:50Z",
    "created_at": "2019-10-22T16:23:50Z",
    "url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/hooks/151245967",
    "test_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/hooks/151245967/test",
    "ping_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/hooks/151245967/pings",
    "last_response": {
      "code": null,
      "status": "unused",
      "message": null
    }
  },
  "repository": {
    "id": 3007569,
    "node_id": "MDEwOlJlcG9zaXRvcnkzMDA3NTY5",
    "name": "tahoe-lafs",
    "full_name": "tahoe-lafs/tahoe-lafs",
    "private": false,
    "owner": {
      "login": "tahoe-lafs",
      "id": 1156454,
      "node_id": "MDEyOk9yZ2FuaXphdGlvbjExNTY0NTQ=",
      "avatar_url": "https://avatars1.githubusercontent.com/u/1156454?v=4",
      "gravatar_id": "",
      "url": "https://api.github.com/users/tahoe-lafs",
      "html_url": "https://github.com/tahoe-lafs",
      "followers_url": "https://api.github.com/users/tahoe-lafs/followers",
      "following_url": "https://api.github.com/users/tahoe-lafs/following{/other_user}",
      "gists_url": "https://api.github.com/users/tahoe-lafs/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/tahoe-lafs/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/tahoe-lafs/subscriptions",
      "organizations_url": "https://api.github.com/users/tahoe-lafs/orgs",
      "repos_url": "https://api.github.com/users/tahoe-lafs/repos",
      "events_url": "https://api.github.com/users/tahoe-lafs/events{/privacy}",
      "received_events_url": "https://api.github.com/users/tahoe-lafs/received_events",
      "type": "Organization",
      "site_admin": false
    },
    "html_url": "https://github.com/tahoe-lafs/tahoe-lafs",
    "description": "The Tahoe-LAFS decentralized secure filesystem.",
    "fork": false,
    "url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs",
    "forks_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/forks",
    "keys_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/keys{/key_id}",
    "collaborators_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/collaborators{/collaborator}",
    "teams_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/teams",
    "hooks_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/hooks",
    "issue_events_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/issues/events{/number}",
    "events_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/events",
    "assignees_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/assignees{/user}",
    "branches_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/branches{/branch}",
    "tags_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/tags",
    "blobs_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/git/blobs{/sha}",
    "git_tags_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/git/tags{/sha}",
    "git_refs_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/git/refs{/sha}",
    "trees_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/git/trees{/sha}",
    "statuses_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/statuses/{sha}",
    "languages_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/languages",
    "stargazers_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/stargazers",
    "contributors_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/contributors",
    "subscribers_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/subscribers",
    "subscription_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/subscription",
    "commits_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/commits{/sha}",
    "git_commits_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/git/commits{/sha}",
    "comments_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/comments{/number}",
    "issue_comment_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/issues/comments{/number}",
    "contents_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/contents/{+path}",
    "compare_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/compare/{base}...{head}",
    "merges_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/merges",
    "archive_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/{archive_format}{/ref}",
    "downloads_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/downloads",
    "issues_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/issues{/number}",
    "pulls_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/pulls{/number}",
    "milestones_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/milestones{/number}",
    "notifications_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/notifications{?since,all,participating}",
    "labels_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/labels{/name}",
    "releases_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/releases{/id}",
    "deployments_url": "https://api.github.com/repos/tahoe-lafs/tahoe-lafs/deployments",
    "created_at": "2011-12-18T19:33:55Z",
    "updated_at": "2019-10-22T15:00:34Z",
    "pushed_at": "2019-10-21T13:24:30Z",
    "git_url": "git:https://github.com/tahoe-lafs/tahoe-lafs.git",
    "ssh_url": "[email protected]:tahoe-lafs/tahoe-lafs.git",
    "clone_url": "https://github.com/tahoe-lafs/tahoe-lafs.git",
    "svn_url": "https://github.com/tahoe-lafs/tahoe-lafs",
    "homepage": "https://tahoe-lafs.org/",
    "size": 70991,
    "stargazers_count": 919,
    "watchers_count": 919,
    "language": "Python",
    "has_issues": false,
    "has_projects": false,
    "has_downloads": true,
    "has_wiki": false,
    "has_pages": false,
    "forks_count": 215,
    "mirror_url": null,
    "archived": false,
    "disabled": false,
    "open_issues_count": 18,
    "license": {
      "key": "other",
      "name": "Other",
      "spdx_id": "NOASSERTION",
      "url": null,
      "node_id": "MDc6TGljZW5zZTA="
    },
    "forks": 215,
    "open_issues": 18,
    "watchers": 919,
    "default_branch": "master"
  },
  "sender": {
    "login": "exarkun",
    "id": 254565,
    "node_id": "MDQ6VXNlcjI1NDU2NQ==",
    "avatar_url": "https://avatars1.githubusercontent.com/u/254565?v=4",
    "gravatar_id": "",
    "url": "https://api.github.com/users/exarkun",
    "html_url": "https://github.com/exarkun",
    "followers_url": "https://api.github.com/users/exarkun/followers",
    "following_url": "https://api.github.com/users/exarkun/following{/other_user}",
    "gists_url": "https://api.github.com/users/exarkun/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/exarkun/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/exarkun/subscriptions",
    "organizations_url": "https://api.github.com/users/exarkun/orgs",
    "repos_url": "https://api.github.com/users/exarkun/repos",
    "events_url": "https://api.github.com/users/exarkun/events{/privacy}",
    "received_events_url": "https://api.github.com/users/exarkun/received_events",
    "type": "User",
    "site_admin": false
  }
}

Ruby Version

ruby 2.3.1p112 (2016-04-26) [i386-linux-gnu]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@exarkun