Greenlight-Driver-Training
diff --git a/‎Dockerfile‎
Lines changed: 4 additions & 4 deletions b/‎Dockerfile‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎README.md‎
Lines changed: 3 additions & 4 deletions b/‎README.md‎
Lines changed: 3 additions & 4 deletions
diff --git a/‎main.js‎
Lines changed: 29 additions & 41 deletions b/‎main.js‎
Lines changed: 29 additions & 41 deletions
@@ -1,9 +1,9 @@
 FROM node:12.10.0-alpine
 
-LABEL "version"="0.1.0"
-LABEL "repository"="https://github.com/Ybrin/secure-actions-webhook"
-LABEL "homepage"="https://github.com/Ybrin/secure-actions-webhook"
-LABEL "maintainer"="Koray Koska <[email protected]>"
+LABEL "version"="0.1.3"
+LABEL "repository"="https://github.com/Greenlight-Simulation/secure-actions-webhook"
+LABEL "homepage"="https://github.com/Greenlight-Simulation/secure-actions-webhook"
+LABEL "maintainer"="Dan Marcucci <[email protected]>"
 LABEL "com.github.actions.name"="Secure Actions Webhook"
 LABEL "com.github.actions.description"="Post data and an hmac signature to an endpoint"
 LABEL "com.github.actions.icon"="message-square"
 
@@ -8,7 +8,7 @@ Sending a string:
 
 ```yaml
 - name: Webhook
-  uses: ybrin/[email protected].2
+  uses: Greenlight-Simulation/[email protected].3
   env:
     REQUEST_URI: ${{ secrets.REQUEST_URI }}
     REQUEST_DATA: "something_interesting"
@@ -19,13 +19,12 @@ Sending a json string:
 
 ```yaml
 - name: Webhook
-  uses: ybrin/[email protected].2
+  uses: Greenlight-Simulation/[email protected].3
   env:
     REQUEST_URI: ${{ secrets.REQUEST_URI }}
     REQUEST_DATA: '{ "something": "interesting" }'
     HMAC_SECRET: "secret_used_to_generate_signature"
 ```
 
-The request will include the header `X-Hub-Signature`, which is the hmac signature of the raw body just like in Github webhooks
-(sha1=<hmac_signature>).    
+The request will include the header `X-Request-Signature`, which is the HMAC signature of the raw body (SHA256, Base64).
 Verify it on your endpoint for integrity.
@@ -1,64 +1,52 @@
 const request = require("request");
-const crypto = require("crypto");
+const CryptoJS = require("crypto-js");
 
 const hmacSecret = process.env.HMAC_SECRET;
 if (!hmacSecret || hmacSecret === "" || hmacSecret.trim() === "") {
-  console.warn(
-    "The hmac secret seems empty. This doesn't seem like what you want."
-  );
+    console.warn("The hmac secret seems empty. This doesn't seem like what you want.");
 }
 if (hmacSecret.length < 32) {
-  console.warn(
-    "The hmac secret seems week. You should use at least 32 secure random hex chars."
-  );
+    console.warn("The hmac secret seems week. You should use at least 32 secure random hex chars.");
 }
 
 const createHmacSignature = body => {
-  const hmac = crypto.createHmac("sha1", hmacSecret);
-  const bodySignature = hmac.update(JSON.stringify(body)).digest("hex");
-
-  return `sha1=${bodySignature}`;
+    return CryptoJS.enc.Base64.stringify(CryptoJS.HmacSHA256(JSON.stringify(body), hmacSecret));
 };
 
 function isJsonString(str) {
-  try {
-    const json = JSON.parse(str);
-    return typeof json === "object";
-  } catch (e) {
-    return false;
-  }
+    try {
+        const json = JSON.parse(str);
+        return typeof json === "object";
+    } catch (e) {
+        return false;
+    }
 }
 
 const uri = process.env.REQUEST_URI;
 const data = {
-  data: isJsonString(process.env.REQUEST_DATA)
-    ? JSON.parse(process.env.REQUEST_DATA)
-    : process.env.REQUEST_DATA
+    data: isJsonString(process.env.REQUEST_DATA) ? JSON.parse(process.env.REQUEST_DATA) : process.env.REQUEST_DATA
 };
 
 const signature = createHmacSignature(data);
 
 request(
-  {
-    method: "POST",
-    uri: uri,
-
-    json: true,
-    body: data,
-    headers: {
-      "X-Hub-Signature": signature
-    }
-  },
-  (error, response, body) => {
-    if (error || response.statusCode < 200 || response.statusCode > 299) {
-      // Something went wrong
-      console.error(`Request failed with status code ${response.statusCode}!`);
-      console.error(response.body);
-
-      process.exit(1);
-    } else {
-      // Success
-      process.exit();
+    {
+        method: `${process.env.METHOD ? process.env.METHOD : 'POST'}`,
+        uri: uri,
+        json: true,
+        body: data,
+        headers: { "X-Request-Signature": signature }
+    },
+    (error, response, body) => {
+        if (error || response.statusCode < 200 || response.statusCode > 299) {
+            // Something went wrong
+            console.error(`Request failed with status code ${response.statusCode}!`);
+            console.error(response.body);
+
+            process.exit(1);
+        } else {
+            // Success
+            process.exit();
+        }
     }
-  }
 );