Documentation
Overview
Package webhook verifies GitHub webhook deliveries.
GitHub signs each webhook delivery with HMAC-SHA256 over the raw request body using the secret configured on the webhook. This package verifies the X-Hub-Signature-256 header in constant time and exposes an http.Handler middleware for ergonomic integration.
See https://docs.github.com/en/webhooks/using-webhooks/validating-webhook-deliveries.
Constants
const (
	SignatureHeader = "X-Hub-Signature-256"
	EventHeader     = "X-GitHub-Event"
	DeliveryHeader  = "X-GitHub-Delivery"
)
Header names GitHub sets on every webhook delivery.
const DefaultMaxPayloadSize int64 = 25 * 1024 * 1024
DefaultMaxPayloadSize matches GitHub's documented 25 MiB delivery cap.
Variables
var (
	ErrMissingSignature       = errors.New("webhook: missing signature header")
	ErrInvalidSignatureFormat = errors.New("webhook: invalid signature format")
	ErrSignatureMismatch      = errors.New("webhook: signature mismatch")
)
Sentinel errors returned by Verify. Callers can branch with errors.Is.
Functions
func Middleware
Middleware returns net/http middleware that verifies the signature header against secret before invoking next. Failed verifications short-circuit with 401 Unauthorized; bodies larger than the configured cap return 413. The request body is restored for downstream handlers.
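The behaviour described in the Overview and for Middleware (HMAC-SHA256 over the raw body, constant-time comparison, 401 on a bad signature, 413 over the cap, body restored for the next handler), shown as an added example that is not this package's own code. The names verifyHook, sign and deliver are hypothetical, the secret and payloads are constructed, and the header value is assumed to have the `sha256=<hex digest>` form that GitHub documents.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// sign builds the value GitHub puts in X-Hub-Signature-256 for body.
func sign(secret, body []byte) string {
	m := hmac.New(sha256.New, secret)
	m.Write(body)
	return "sha256=" + hex.EncodeToString(m.Sum(nil))
}

// verifyHook is a hypothetical stand-in for Middleware, not the package's code.
func verifyHook(secret []byte, limit int64, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Read one byte past the cap; a failed read leaves a partial body that fails the MAC check.
		body, _ := io.ReadAll(io.LimitReader(r.Body, limit+1))
		switch {
		case int64(len(body)) > limit:
			w.WriteHeader(http.StatusRequestEntityTooLarge)
		case !hmac.Equal([]byte(r.Header.Get("X-Hub-Signature-256")), []byte(sign(secret, body))):
			w.WriteHeader(http.StatusUnauthorized) // hmac.Equal compares in constant time
		default:
			r.Body = io.NopCloser(bytes.NewReader(body)) // restore for downstream handlers
			next.ServeHTTP(w, r)
		}
	})
}

// deliver sends one constructed request through verifyHook to a handler that echoes the restored body.
func deliver(secret []byte, limit int64, body, sig string) (int, string) {
	echo := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { io.Copy(w, r.Body) })
	req := httptest.NewRequest(http.MethodPost, "/hook", strings.NewReader(body))
	req.Header.Set("X-Hub-Signature-256", sig)
	rec := httptest.NewRecorder()
	verifyHook(secret, limit, echo).ServeHTTP(rec, req)
	return rec.Code, rec.Body.String()
}

func main() { fmt.Println(deliver([]byte("k"), 64, "{}", sign([]byte("k"), []byte("{}")))) }
```

The MAC is computed over the exact bytes received, so re-serialising a parsed JSON payload before verifying would produce a mismatch.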
Types
type MiddlewareOpt
type MiddlewareOpt func(*middlewareConfig)
MiddlewareOpt configures Middleware.
func WithErrorHandler
func WithErrorHandler(fn func(http.ResponseWriter, *http.Request, error)) MiddlewareOpt
WithErrorHandler overrides how verification failures are reported. The default writes 401 Unauthorized (or 413 for oversized bodies) with no body.
func WithMaxPayloadSize
func WithMaxPayloadSize(n int64) MiddlewareOpt
WithMaxPayloadSize overrides the request body size cap. A non-positive value disables the cap, which is not recommended in production.