line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Plack::Middleware::HubSignature; |
2
|
2
|
|
|
2
|
|
39875
|
use 5.008001; |
|
2
|
|
|
|
|
5
|
|
|
2
|
|
|
|
|
67
|
|
3
|
2
|
|
|
2
|
|
8
|
use strict; |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
60
|
|
4
|
2
|
|
|
2
|
|
17
|
use warnings; |
|
2
|
|
|
|
|
3
|
|
|
2
|
|
|
|
|
76
|
|
5
|
|
|
|
|
|
|
|
6
|
|
|
|
|
|
|
our $VERSION = "0.02"; |
7
|
|
|
|
|
|
|
|
8
|
2
|
|
|
2
|
|
553
|
use parent 'Plack::Middleware'; |
|
2
|
|
|
|
|
313
|
|
|
2
|
|
|
|
|
10
|
|
9
|
2
|
|
|
2
|
|
24980
|
use Plack::Util; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
43
|
|
10
|
2
|
|
|
2
|
|
9
|
use Plack::Util::Accessor qw/secret/; |
|
2
|
|
|
|
|
612
|
|
|
2
|
|
|
|
|
11
|
|
11
|
2
|
|
|
2
|
|
988
|
use Plack::Request; |
|
2
|
|
|
|
|
96392
|
|
|
2
|
|
|
|
|
67
|
|
12
|
|
|
|
|
|
|
|
13
|
2
|
|
|
2
|
|
1204
|
use Digest::SHA; |
|
2
|
|
|
|
|
7055
|
|
|
2
|
|
|
|
|
115
|
|
14
|
2
|
|
|
2
|
|
1003
|
use String::Compare::ConstantTime; |
|
2
|
|
|
|
|
862
|
|
|
2
|
|
|
|
|
268
|
|
15
|
|
|
|
|
|
|
|
16
|
|
|
|
|
|
|
sub call { |
17
|
3
|
|
|
3
|
1
|
56484
|
my ($self, $env) = @_; |
18
|
|
|
|
|
|
|
|
19
|
3
|
|
|
|
|
29
|
my $req = Plack::Request->new($env); |
20
|
3
|
|
|
|
|
31
|
my $expected = 'sha1=' . Digest::SHA::hmac_sha1_hex($req->content, $self->secret); |
21
|
3
|
|
100
|
|
|
1271
|
my $actual = $req->header('X-Hub-Signature') || ''; |
22
|
3
|
100
|
|
|
|
588
|
if (!String::Compare::ConstantTime::equals($expected, $actual)) { |
23
|
2
|
|
|
|
|
21
|
return [403, ['Content-Type' => 'text/plain', 'Content-Length' => 9], ['Forbidden'] ]; |
24
|
|
|
|
|
|
|
} |
25
|
|
|
|
|
|
|
|
26
|
1
|
|
|
|
|
8
|
$self->app->($env); |
27
|
|
|
|
|
|
|
} |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
1; |
30
|
|
|
|
|
|
|
__END__ |