tower_github_webhook/
service.rs

1use crate::future::Future;
2use bytes::Bytes;
3use hmac::{Hmac, Mac};
4use http::{Request, Response};
5use http_body::Body;
6use http_body_util::{Either, Empty, Full};
7use sha2::Sha256;
8use std::task::{Context, Poll};
9use tower_service::Service;
10
11/// Middleware that authorizes all requests using the X-Hub-Signature-256 header.
12#[derive(Clone)]
13pub struct ValidateGitHubWebhook<S> {
14    inner: S,
15    hmac: Hmac<Sha256>,
16}
17
18impl<S> ValidateGitHubWebhook<S> {
19    pub fn new(webhook_secret: impl AsRef<[u8]>, inner: S) -> Self {
20        let hmac = Hmac::<Sha256>::new_from_slice(webhook_secret.as_ref())
21            .expect("Failed to parse webhook_secret");
22        Self { inner, hmac }
23    }
24}
25
26impl<S, ReqBody, ResBody> Service<Request<ReqBody>> for ValidateGitHubWebhook<S>
27where
28    S: Service<Request<Full<Bytes>>, Response = Response<ResBody>> + Clone,
29    ReqBody: Body,
30{
31    type Response = Response<Either<ResBody, Empty<Bytes>>>;
32    type Error = S::Error;
33    type Future = Future<S, ReqBody, ResBody>;
34
35    fn poll_ready(&mut self, cx: &mut Context<'_>) -> Poll<Result<(), S::Error>> {
36        self.inner.poll_ready(cx)
37    }
38
39    fn call(&mut self, req: Request<ReqBody>) -> Self::Future {
40        let inner = self.inner.clone();
41        let hmac = self.hmac.clone();
42        Future::new(req, hmac, inner)
43    }
44}
tower_github_webhook/service.rs

tower_github_webhook/
service.rs
