org.starchartlabs.calamari.core.webhook

Class WebhookVerifier

java.lang.Object

org.starchartlabs.calamari.core.webhook.WebhookVerifier

public class WebhookVerifier
extends java.lang.Object

Provides behavior to verify the source of a webhook event payload

Since:

0.1.0

Constructor Summary

Constructors

Constructor and Description
WebhookVerifier(java.util.function.Supplier<java.lang.String> secureTokenLookup)

Method Summary

Modifier and Type	Method and Description
boolean	isPayloadLegitimate(java.lang.String securityKey, java.lang.String payload) Determines if a payload was sent by GitHub via an agreed-upon token and hashing strategy

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

WebhookVerifier

public WebhookVerifier(java.util.function.Supplier<java.lang.String> secureTokenLookup)

Parameters:

secureTokenLookup - Supplier which provides an agreed-upon secret key for verifying GitHub payloads

Since:

0.1.0

Method Detail

isPayloadLegitimate

public boolean isPayloadLegitimate(@Nullable
                                   java.lang.String securityKey,
                                   java.lang.String payload)

Determines if a payload was sent by GitHub via an agreed-upon token and hashing strategy

Parameters:

securityKey - The header provided with the event with the hash to verify

payload - The payload that was sent with the header

Returns:

True if the payload was verified as sent by GitHub, false otherwise

Since:

0.1.0