tkizm1
commented
7 years ago Secret will be sent as SHA256 HMAC hex digest of payload via X-Gogs-Signature header Did it need decryption?
Closed ghost closed 7 years ago
tkizm1
commented
7 years ago Secret will be sent as SHA256 HMAC hex digest of payload via X-Gogs-Signature header Did it need decryption?
sanderv32
commented
7 years ago Look at code of Gogs line 497. It's not enough to just get the new header with value and pass this to the plugin. This will break authentication. Doing a pull request means you also test the feature you build in.
ghost
commented
7 years ago Doing a pull request means you also test the feature you build in.
No, a pull request is an issue with code attached. The goal is to get a discussion started.
sanderv32
commented
7 years ago Then instead of doing a PR create an issue and discuss it. Doing a PR means you add working code which you tested and participate in the project by creating a solution for an issue or even a new feature.
ghost
commented
7 years ago Apologies, difference in culture. Will refrain from doing so here in future.
sanderv32
commented
7 years ago No problem :-)
Falls back to pulling from JSON body if no header is sent.
My Java is probably a bit rusty, but I figured this was a good starting place for the discussion.
Regarding issue #14.