swop / github-webhook-security-checker
This package is abandoned and no longer maintained.
The author suggests using the swop/github-webhook package instead.
Library which deals with incoming GitHub web hooks requests (signature validation & payload parsing)
v3.1
2020-11-14 10:26 UTC
Requires
- php: ^7.2|^8.0
- ext-json: *
- psr/http-message: ^1.0
Requires (Dev)
- laminas/laminas-diactoros: ^2.4
- phpunit/phpunit: ^8.0
This package is not auto-updated.
Last update: 2022-02-01 13:03:03 UTC
README
This library offers a set of tools which could become handy when dealing with GitHub web hook requests.
Installation
The recommended way to install this library is through Composer:
composer require "swop/github-webhook"
Usage
Payload signature checking
The SignatureValidator
will verify if the incoming GitHub web hook request is correctly signed.
use Swop\GitHubWebHook\Security\SignatureValidator; $validator = new SignatureValidator(); /** @var \Psr\Http\Message\ServerRequestInterface $request */ if ($validator->validate($request, 'secret')) { // Request is correctly signed }
GitHub event object creation
The GitHubEventFactory
can build GitHubEvent objects representing the GitHub event.
use Swop\GitHubWebHook\Event\GitHubEventFactory; $factory = new GitHubEventFactory(); /** @var \Psr\Http\Message\ServerRequestInterface $request */ $gitHubEvent = $factory->buildFromRequest(RequestInterface $request); $gitHubEvent->getType(); // Event type $gitHubEvent->getPayload(); // Event deserialized payload
Contributing
See CONTRIBUTING file.
Original Credits
- Sylvain MAUDUIT (@Swop) as main author.
License
This library is released under the MIT license. See the complete license in the bundled LICENSE file.