first commit

Author: clarkeash

.gitignore

@@ -0,0 +1,5 @@
+/vendor
+/.idea
+.DS_Store
+coverage.xml
+composer.lock

composer.json

@@ -0,0 +1,28 @@
+{
+    "name": "laravel-shield/github",
+    "description": "A github service for shield",
+    "type": "library",
+    "license": "MIT",
+    "authors": [
+        {
+            "name": "Ashley Clarke",
+            "email": "[email protected]"
+        }
+    ],
+    "require": {
+        "laravel-shield/shield": "^1.0"
+    },
+    "require-dev": {
+        "laravel-shield/testing": "^1.0"
+    },
+    "autoload": {
+        "psr-4": {
+            "Shield\\GitHub\\": "src/"
+        }
+    },
+    "autoload-dev": {
+        "psr-4": {
+            "Shield\\GitHub\\Test\\": "tests/"
+        }
+    }
+}

phpunit.xml

@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit backupGlobals="false"
+         backupStaticAttributes="false"
+         bootstrap="vendor/autoload.php"
+         colors="true"
+         convertErrorsToExceptions="true"
+         convertNoticesToExceptions="true"
+         convertWarningsToExceptions="true"
+         processIsolation="false"
+         stopOnFailure="false">
+    <testsuites>
+
+        <testsuite name="Unit Tests">
+            <directory suffix="Test.php">./tests/Unit</directory>
+        </testsuite>
+
+    </testsuites>
+    <filter>
+        <whitelist processUncoveredFilesFromWhitelist="true">
+            <directory suffix=".php">./src</directory>
+        </whitelist>
+    </filter>
+    <php>
+        <env name="APP_ENV" value="testing"/>
+        <env name="CACHE_DRIVER" value="array"/>
+        <env name="SESSION_DRIVER" value="array"/>
+        <env name="QUEUE_DRIVER" value="sync"/>
+    </php>
+    <logging>
+        <log type="coverage-clover" target="coverage.xml" showUncoveredFiles="true"/>
+    </logging>
+</phpunit>

src/GitHub.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace Shield\GitHub;
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Collection;
+use Shield\Shield\Contracts\Service;
+
+/**
+ * Class GitHub
+ *
+ * @package \Shield\GitHub
+ */
+class GitHub implements Service
+{
+    public function verify(Request $request, Collection $config): bool
+    {
+        $generated = 'sha1=' . hash_hmac('sha1', $request->getContent(), $config->get('token'));
+
+        return hash_equals($generated, $request->header('X-Hub-Signature'));
+    }
+
+    public function headers(): array
+    {
+        return ['X-Hub-Signature'];
+    }
+}

tests/Unit/ServiceTest.php

@@ -0,0 +1,78 @@
+<?php
+
+namespace Shield\GitHub\Test\Unit;
+
+use PHPUnit\Framework\Assert;
+use Shield\GitHub\GitHub;
+use Shield\Shield\Contracts\Service;
+use Shield\Testing\TestCase;
+
+/**
+ * Class ServiceTest
+ *
+ * @package \Shield\GitHub\Test
+ */
+class ServiceTest extends TestCase
+{
+    /**
+     * @var \Shield\GitHub\GitHub
+     */
+    private $service;
+
+    public function setUp()
+    {
+        parent::setUp();
+
+        $this->service = new GitHub;
+    }
+
+    /** @test */
+    public function it_is_a_service()
+    {
+        Assert::assertInstanceOf(Service::class, new GitHub);
+    }
+
+    /** @test */
+    public function it_can_verify_a_valid_request()
+    {
+        $token = 'raNd0mk3y';
+
+        $this->app['config']['shield.services.github.options.token'] = $token;
+
+        $content = 'sample content';
+
+        $request = $this->request($content);
+
+        $headers = [
+            'X-Hub-Signature' => 'sha1=' . hash_hmac('sha1', $content, $token)
+        ];
+
+        $request->headers->add($headers);
+
+        Assert::assertTrue($this->service->verify($request, collect($this->app['config']['shield.services.github.options'])));
+    }
+
+    /** @test */
+    public function it_will_not_verify_a_bad_request()
+    {
+        $this->app['config']['shield.services.github.token'] = 'good';
+
+        $content = 'sample content';
+
+        $request = $this->request($content);
+
+        $headers = [
+            'X-Hub-Signature' => 'sha1=' . hash_hmac('sha1', $content, 'bad')
+        ];
+
+        $request->headers->add($headers);
+
+        Assert::assertFalse($this->service->verify($request, collect($this->app['config']['shield.services.github.options'])));
+    }
+
+    /** @test */
+    public function it_has_correct_headers_required()
+    {
+        Assert::assertArraySubset(['X-Hub-Signature'], $this->service->headers());
+    }
+}