# flask-github-signature
[](https://github.com/pabluk/flask-github-signature/actions/workflows/python-package.yml)
[](https://pypi.org/project/flask-github-signature/)
A Flask view decorator to verify [Github's webhook signatures](https://docs.github.com/en/free-pro-team@latest/developers/webhooks-and-events/securing-your-webhooks).
# Installation
## Using pip
To get the latest version from pypi.org:
```console
pip install flask-github-signature
```
# Usage
```console
export GH_WEBHOOK_SECRET="xyz"
```
```python
# app.py
from flask import Flask
from flask_github_signature import verify_signature
app = Flask(__name__)
@app.route("/webhook", methods=["POST"])
@verify_signature
def webhook():
return "Payload signature verified."
```
run the previous Flask app with:
```console
flask run
```
and test it with:
```console
curl --request POST \
--header "X-Hub-Signature-256: sha256=eba50596a17c2c8fbdbc5c68223422fe41d5310bea51ffdc461430bce0386c54" \
--header "Content-Type: application/json" \
--data '{}' \
http://localhost:5000/webhook
```
## Signing a test payload
If you want to test with another payload you can generate a signature using:
```python
>>> import os
>>> from flask_github_signature import compute_signature
>>>
>>> secret = os.environ["GH_WEBHOOK_SECRET"]
>>> compute_signature(secret, b'{"message": "An example"}')
'04886433fda851ca66181cecbd9c283ba677468ba361b0a0a7ba57a867102b46'
>>>
```
when using a signature on a header don't forget to append `sha256=` to it.
# Testing
If you want to test, play or contribute to this repo:
```console
git clone git@github.com:pabluk/flask-github-signature.git
cd flask-github-signature/
pip install -r requirements.txt
pip install -r requirements-dev.txt
pytest -v
```
```console
black --line-length=127 tests/ flask_github_signature/
```
Raw data
{
"_id": null,
"home_page": "https://github.com/pabluk/flask-github-signature",
"name": "flask-github-signature",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "flask,decorator,github,webhook",
"author": "Pablo Seminario",
"author_email": "pablo@seminar.io",
"download_url": "https://files.pythonhosted.org/packages/08/77/ca235051edcceb4a306c1475ee7de1bfd3d468a217fbacadab25cc696c25/flask-github-signature-0.1.1.tar.gz",
"platform": null,
"description": "# flask-github-signature\n\n[](https://github.com/pabluk/flask-github-signature/actions/workflows/python-package.yml)\n[](https://pypi.org/project/flask-github-signature/)\n\n\nA Flask view decorator to verify [Github's webhook signatures](https://docs.github.com/en/free-pro-team@latest/developers/webhooks-and-events/securing-your-webhooks).\n\n# Installation\n\n## Using pip\n\nTo get the latest version from pypi.org:\n\n```console\npip install flask-github-signature\n```\n\n# Usage\n\n```console\nexport GH_WEBHOOK_SECRET=\"xyz\"\n```\n\n```python\n# app.py\nfrom flask import Flask\nfrom flask_github_signature import verify_signature\n\napp = Flask(__name__)\n\n\n@app.route(\"/webhook\", methods=[\"POST\"])\n@verify_signature\ndef webhook():\n return \"Payload signature verified.\"\n```\n\nrun the previous Flask app with:\n\n```console\nflask run\n```\n\nand test it with:\n\n```console\ncurl --request POST \\\n --header \"X-Hub-Signature-256: sha256=eba50596a17c2c8fbdbc5c68223422fe41d5310bea51ffdc461430bce0386c54\" \\\n --header \"Content-Type: application/json\" \\\n --data '{}' \\\n http://localhost:5000/webhook\n```\n\n## Signing a test payload\n\nIf you want to test with another payload you can generate a signature using:\n```python\n>>> import os\n>>> from flask_github_signature import compute_signature\n>>> \n>>> secret = os.environ[\"GH_WEBHOOK_SECRET\"]\n>>> compute_signature(secret, b'{\"message\": \"An example\"}')\n'04886433fda851ca66181cecbd9c283ba677468ba361b0a0a7ba57a867102b46'\n>>> \n```\nwhen using a signature on a header don't forget to append `sha256=` to it.\n\n# Testing\n\nIf you want to test, play or contribute to this repo:\n\n```console\ngit clone git@github.com:pabluk/flask-github-signature.git\ncd flask-github-signature/\npip install -r requirements.txt\npip install -r requirements-dev.txt\npytest -v\n```\n\n```console\nblack --line-length=127 tests/ flask_github_signature/\n```\n",
"bugtrack_url": null,
"license": "GNU General Public License v3 (GPLv3)",
"summary": "A Flask view decorator to verify Github's webhook signatures",
"version": "0.1.1",
"split_keywords": [
"flask",
"decorator",
"github",
"webhook"
],
"urls": [
{
"comment_text": "",
"digests": {
"md5": "63a07038dc44316d76b9fc67ffb70808",
"sha256": "ffe3adab48f21c23a942c177787f94a8f6d1044a859d86e6c36fea675438886b"
},
"downloads": -1,
"filename": "flask_github_signature-0.1.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "63a07038dc44316d76b9fc67ffb70808",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 15732,
"upload_time": "2022-12-14T10:51:33",
"upload_time_iso_8601": "2022-12-14T10:51:33.760487Z",
"url": "https://files.pythonhosted.org/packages/a1/ba/34c8fed1b256283ab8b52d38e9b16f0eba7dfde4237fa6ebe9cf6f7bf285/flask_github_signature-0.1.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"md5": "a413550935bf7764dcb12c6c674aec74",
"sha256": "c184643ba3aa72a220e6af8f153d04e220f0b9e437f4db78fb7a3e8a4e936aa6"
},
"downloads": -1,
"filename": "flask-github-signature-0.1.1.tar.gz",
"has_sig": false,
"md5_digest": "a413550935bf7764dcb12c6c674aec74",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 15318,
"upload_time": "2022-12-14T10:51:35",
"upload_time_iso_8601": "2022-12-14T10:51:35.112906Z",
"url": "https://files.pythonhosted.org/packages/08/77/ca235051edcceb4a306c1475ee7de1bfd3d468a217fbacadab25cc696c25/flask-github-signature-0.1.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2022-12-14 10:51:35",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "pabluk",
"github_project": "flask-github-signature",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "flask-github-signature"
}
JSON
