swop/github-webhook-security-checker

This package is abandoned and no longer maintained. The author suggests using the swop/github-webhook package instead.

Library which deals with incoming GitHub web hooks requests (signature validation & payload parsing)

v3.1 2020-11-14 10:26 UTC

This package is not auto-updated.

Last update: 2022-02-01 13:03:03 UTC


README

Build Status

This library offers a set of tools which could become handy when dealing with GitHub web hook requests.

Installation

The recommended way to install this library is through Composer:

composer require "swop/github-webhook"

Usage

Payload signature checking

The SignatureValidator will verify if the incoming GitHub web hook request is correctly signed.

use Swop\GitHubWebHook\Security\SignatureValidator;

$validator = new SignatureValidator();

/** @var \Psr\Http\Message\ServerRequestInterface $request */
if ($validator->validate($request, 'secret')) {
    // Request is correctly signed
}

GitHub event object creation

The GitHubEventFactory can build GitHubEvent objects representing the GitHub event.

use Swop\GitHubWebHook\Event\GitHubEventFactory;

$factory = new GitHubEventFactory();

/** @var \Psr\Http\Message\ServerRequestInterface $request */
$gitHubEvent = $factory->buildFromRequest(RequestInterface $request);

$gitHubEvent->getType(); // Event type
$gitHubEvent->getPayload(); // Event deserialized payload

Contributing

See CONTRIBUTING file.

Original Credits

License

This library is released under the MIT license. See the complete license in the bundled LICENSE file.