New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't verify webhook signature #4233
Comments
Hi, does Can you provide:
So I can try to diagnose possible problems. |
Hi again ! Key used (don't worry it was only for test purposes)
Signature
Result of verify_webhookValue is false. Payload{
"ref": "refs/heads/master",
"before": "fd9375523bf5fac258594ddfa790c09b1af44951",
"after": "68885af8c4e894ea05889e854486f022b6cb3fb2",
"compare_url": "https://git.heavydev.fr/Treeminder/portal/compare/fd9375523bf5fac258594ddfa790c09b1af44951...68885af8c4e894ea05889e854486f022b6cb3fb2",
"commits": [
{
"id": "68885af8c4e894ea05889e854486f022b6cb3fb2",
"message": "User auth enabled\n",
"url": "https://git.heavydev.fr/Treeminder/portal/commit/68885af8c4e894ea05889e854486f022b6cb3fb2",
"author": {
"name": "Etienne Fachaux",
"email": "etienne@fachaux.fr",
"username": "etienne.fachaux"
},
"committer": {
"name": "Etienne Fachaux",
"email": "etienne@fachaux.fr",
"username": "etienne.fachaux"
},
"timestamp": "2017-03-03T21:20:26Z"
}
],
"repository": {
"id": 49,
"owner": {
"id": 29,
"login": "Treeminder",
"full_name": "Treeminder",
"email": "",
"avatar_url": "https://git.heavydev.fr/avatars/29",
"username": "Treeminder"
},
"name": "portal",
"full_name": "Treeminder/portal",
"description": "Portail captif permettant aux utilisateurs de Treeminder de s'authentifier sur les points d'accès wifi.",
"private": true,
"fork": false,
"html_url": "https://git.heavydev.fr/Treeminder/portal",
"ssh_url": "git@git.heavydev.fr:Treeminder/portal.git",
"clone_url": "https://git.heavydev.fr/Treeminder/portal.git",
"website": "",
"stars_count": 0,
"forks_count": 0,
"watchers_count": 2,
"open_issues_count": 0,
"default_branch": "master",
"created_at": "2017-03-01T19:41:25Z",
"updated_at": "2017-03-03T18:57:59Z"
},
"pusher": {
"id": 1,
"login": "etienne.fachaux",
"full_name": "Etienne Fachaux",
"email": "etienne@fachaux.fr",
"avatar_url": "https://git.heavydev.fr/avatars/1",
"username": "etienne.fachaux"
},
"sender": {
"id": 1,
"login": "etienne.fachaux",
"full_name": "Etienne Fachaux",
"email": "etienne@fachaux.fr",
"avatar_url": "https://git.heavydev.fr/avatars/1",
"username": "etienne.fachaux"
}
} MoreThanks for your feedback ! |
Hi, if I use http://beautifytools.com/hmac-generator.php to generate hex digest from given payload and secret, I get the same value as Gogs. And from its website's URL, I think it is also written in PHP? |
👍 good to find out the problem! |
[x]
):log/gogs.log
):Description
Sorry to create this issue but when I receive webhook on my php script I can't verify signature. It seems method used by Gogs to calculate signature is not the same has below. Could it be great to give more details/examples on documentation ?
Thank you for your help !
The text was updated successfully, but these errors were encountered: