internal

package

v0.0.0-...-5e4b488 Latest Latest Go to latest Published: Dec 25, 2025 License: MIT Imports: 28 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

codeberg.org/NaitLee/webhooker

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func CleanHookName(name string) string
func GenKey(masterkey, salt []byte) ([]byte, error)
func GenSig(key, msg []byte) []byte
func GetEventDeliveryFromHeaderIter(seq iter.Seq2[[]byte, []byte]) []byte
func GetEventTypeFromHeaderIter(seq iter.Seq2[[]byte, []byte]) []byte
func GetSigFromHeaderIter(seq iter.Seq2[[]byte, []byte]) []byte
func HookId(name string) string
func MatchJson(match, target any) bool
func ReadEnvFile(name string, env []string) ([]string, error)
func VerifySig(key, sig, msg []byte) bool
type ArgType
type Args
- func ParseArgs(argType ArgType) *Args
- func (a *Args) GetHooker() (*Hooker, error)
- func (a *Args) Wipe()
type Data
- func NewData(base any, secret []byte) (*Data, error)
- func (d *Data) Close() error
- func (d *Data) KeyForHook(name string) ([]byte, error)
- func (d *Data) MasterKey() []byte
- func (d *Data) RmSalt(name string) error
- func (d *Data) Salt(name string) ([]byte, error)
type Hook
- func (h *Hook) Do(ctx context.Context, msg []byte) (io.ReadCloser, error)
type Hooker
- func NewHooker(baseHooks fs.FS, baseData any, secret []byte) (*Hooker, error)
- func (h *Hooker) Close() error
- func (h *Hooker) Hook(ctx context.Context, name string, sig, msg []byte, extra map[string]string) (io.ReadCloser, error)

Constants ¶

View Source

const (
	PurposeHookKey = "webhooker hook key"
)

Purpose strings for HKDF. Shouldn't be changed.

Variables ¶

View Source

var (
	ErrBadSig       = errors.New("failed to verify signature of the messsage")
	ErrEmptyExec    = errors.New("hook exec field is empty")
	ErrHookNotFound = errors.New("hook not found")
)

Functions ¶

func CleanHookName ¶

func CleanHookName(name string) string

func GenKey ¶

func GenKey(masterkey, salt []byte) ([]byte, error)

Generate a secret key for a hook with its salt.

You may wipe the key, as you can generate it again.

func GenSig ¶

func GenSig(key, msg []byte) []byte

Generate signature for a message.

func GetEventDeliveryFromHeaderIter ¶

func GetEventDeliveryFromHeaderIter(seq iter.Seq2[[]byte, []byte]) []byte

func GetEventTypeFromHeaderIter ¶

func GetEventTypeFromHeaderIter(seq iter.Seq2[[]byte, []byte]) []byte

func GetSigFromHeaderIter ¶

func GetSigFromHeaderIter(seq iter.Seq2[[]byte, []byte]) []byte

func HookId ¶

func HookId(name string) string

func MatchJson ¶

func MatchJson(match, target any) bool

func ReadEnvFile ¶

func ReadEnvFile(name string, env []string) ([]string, error)

func VerifySig ¶

func VerifySig(key, sig, msg []byte) bool

https://pkg.go.dev/crypto/hmac

Types ¶

type ArgType ¶

type ArgType int

const (
	ArgTypeMain ArgType = iota
	ArgTypeGetSecret
)

type Args ¶

type Args struct {
	Addr     string
	Proto    string
	DataDir  string
	EnvFile  string
	HooksDir string
	HookName string
	// Read from env, wiped after use
	Secret    []byte
	Timeout   time.Duration
	RenewSalt bool
}

func ParseArgs ¶

func ParseArgs(argType ArgType) *Args

func (*Args) GetHooker ¶

func (a *Args) GetHooker() (*Hooker, error)

func (*Args) Wipe ¶

func (a *Args) Wipe()

type Data ¶

type Data struct {
	FS duckfs.FS
	// contains filtered or unexported fields
}

func NewData ¶

func NewData(base any, secret []byte) (*Data, error)

Make sure to call Data.Close to wipe master key on program exit.

func (*Data) Close ¶

func (d *Data) Close() error

Close the data. The Data shouldn't be used after this.

func (*Data) KeyForHook ¶

func (d *Data) KeyForHook(name string) ([]byte, error)

Should clean up name with CleanHookName before calling this.

func (*Data) MasterKey ¶

func (d *Data) MasterKey() []byte

Get the internal master key.

Don't wipe the returned key, as it's shared. Use Data.Close instead.

func (*Data) RmSalt ¶

func (d *Data) RmSalt(name string) error

Remove the salt file. The hook secret then becomes unusable.

The salt will be regenerated as needed, but will be different.

func (*Data) Salt ¶

func (d *Data) Salt(name string) ([]byte, error)

Get salt for a hook path.

If you rename or move the hook file, the salt (thus hook secret) changes too.

type Hook ¶

type Hook struct {
	Exec    []string       `json:"exec"`
	Match   []Hook         `json:"match"`
	Name    string         `json:"name"`
	Type    string         `json:"type"`
	Types   []string       `json:"types"`
	Body    map[string]any `json:"body"`
	Timeout int            `json:"timeout"`
	Env     []string
	Extra   map[string]string
}

func (*Hook) Do ¶

func (h *Hook) Do(ctx context.Context, msg []byte) (io.ReadCloser, error)

type Hooker ¶

type Hooker struct {
	EnvFile string
	FS      fs.FS
	Data    *Data
}

func NewHooker ¶

func NewHooker(baseHooks fs.FS, baseData any, secret []byte) (*Hooker, error)

func (*Hooker) Close ¶

func (h *Hooker) Close() error

Wipe master key from memory.

func (*Hooker) Hook ¶

func (h *Hooker) Hook(ctx context.Context, name string, sig, msg []byte, extra map[string]string) (io.ReadCloser, error)

name: hook name, usually path to the hook file

type_: hook type, found in request header

Returns stdout and stderr of the hook program.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL