scality / runner-manager

Service to manage github Actions self-hosted runners
https://scality.github.io/runner-manager/
Apache License 2.0

webhook: fix non-matching webhook secrets not being rejected #601

Closed harryfinbow closed 1 month ago

harryfinbow commented 1 month ago

Fixes an issue which allowed webhooks to be processed with an incorrect webhook secret.

This adds a case to return a 401 when the verify function returns false. The verify function also always returns false, as it is being passed JSON from a WorkflowJob webhook object instead of the request body (which is how GitHub generates its signatures), meaning the signatures will never match (see https://github.com/yanyongyu/githubkit?tab=readme-ov-file#webhook-verification).

harryfinbow commented 1 month ago

I am not familiar with FastAPI at all so if there is a better way of getting the request body without having to add async that you know of I am happy to change it :)
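The two comments above describe two separate defects: a `False` from the verify function was not turned into a rejection, and the HMAC was computed over a re-serialised model instead of the raw request bytes. The following is an added example, not code from the runner-manager project or from the PR author, showing both the correct check and why the re-serialisation breaks it. The secret, the sample body and the `handle_webhook` helper are constructed for illustration; the header name and the `sha256=` HMAC-SHA256 scheme are GitHub's documented webhook signature format.

```python
import hashlib
import hmac
import json
from typing import Optional

SIGNATURE_HEADER = "X-Hub-Signature-256"  # header GitHub sets on every delivery


def compute_signature(secret: bytes, raw_body: bytes) -> str:
    """Return the value GitHub would place in X-Hub-Signature-256 for raw_body.

    GitHub computes HMAC-SHA256 with the webhook secret over the exact bytes
    of the request body and prefixes the hex digest with "sha256=".
    """
    digest = hmac.new(secret, raw_body, hashlib.sha256).hexdigest()
    return f"sha256={digest}"


def verify_signature(secret: bytes, raw_body: bytes, header_value: Optional[str]) -> bool:
    """True only if header_value matches the HMAC of raw_body under secret.

    A missing header, a wrong scheme prefix or a digest mismatch all yield
    False. hmac.compare_digest keeps the comparison constant-time.
    """
    if not header_value or not header_value.startswith("sha256="):
        return False
    expected = compute_signature(secret, raw_body)
    return hmac.compare_digest(expected, header_value)


def handle_webhook(secret: bytes, headers: dict, raw_body: bytes) -> tuple:
    """Hypothetical endpoint handler (constructed for this example).

    Returns (HTTP status, detail). Two points matter: the HMAC is taken over
    the raw bytes, never over a parsed-then-dumped model, and a False from
    verification is an explicit 401 rather than a fall-through to processing.
    """
    if not verify_signature(secret, raw_body, headers.get(SIGNATURE_HEADER)):
        return 401, "invalid webhook signature"
    payload = json.loads(raw_body)  # parse only after the signature checks out
    return 200, f"accepted {payload.get('action')} event"


def reserialised_body(raw_body: bytes) -> bytes:
    """Bytes obtained by parsing the body into an object and dumping it again.

    This is the bug the PR describes: whitespace (and possibly key order) no
    longer match the wire bytes, so the HMAC never equals GitHub's header.
    """
    return json.dumps(json.loads(raw_body)).encode()


# Constructed sample: a pretty-printed body in the shape GitHub delivers.
SECRET = b"constructed-example-secret"
RAW_BODY = b'{\n  "action": "queued",\n  "workflow_job": {\n    "id": 1\n  }\n}\n'
GOOD_HEADER = compute_signature(SECRET, RAW_BODY)


if __name__ == "__main__":
    print("raw body verifies:      ", verify_signature(SECRET, RAW_BODY, GOOD_HEADER))
    print("re-serialised verifies: ", verify_signature(SECRET, reserialised_body(RAW_BODY), GOOD_HEADER))
    print("wrong secret verifies:  ", verify_signature(b"wrong-secret", RAW_BODY, GOOD_HEADER))
    print("handler, valid request: ", handle_webhook(SECRET, {SIGNATURE_HEADER: GOOD_HEADER}, RAW_BODY))
    print("handler, missing header:", handle_webhook(SECRET, {}, RAW_BODY))
```

In a FastAPI or Starlette endpoint the raw bytes are obtained with `await request.body()` (a coroutine, so the handler has to be `async`); any Pydantic model parsed from them is fine to use afterwards, but it is the original bytes, not the model, that must be fed to the verifier.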