buffer test
This commit is contained in:
@@ -68,10 +68,16 @@ app.post('/api', (req, res) => {
|
||||
if (!signature || !payload) {
|
||||
return res.status(400).send('Invalid payload or missing signature');
|
||||
}
|
||||
|
||||
|
||||
// Verify the secret
|
||||
const hmac = crypto.createHmac('sha256', GITEA_SECRET);
|
||||
const digest = `sha256=${hmac.update(payload).digest('hex')}`;
|
||||
|
||||
// Buffer lengths
|
||||
const bufferSignature = Buffer.from(signature);
|
||||
const bufferDigest = Buffer.from(digest);
|
||||
|
||||
console.log(bufferDigest, bufferSignature)
|
||||
|
||||
if (crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(digest))) {
|
||||
// Secret is valid, update the repository
|
||||
|
||||
Reference in New Issue
Block a user