go-gitea · oatakan · Jun 8, 2021 · Jun 9, 2021 · Jun 9, 2021 · Jun 9, 2021
diff --git a/models/webhook.go b/models/webhook.go
@@ -127,6 +127,7 @@ type Webhook struct {
 	IsSystemWebhook bool
 	URL             string `xorm:"url TEXT"`
 	Signature       string `xorm:"TEXT"`
+	SignatureGitub  string `xorm:"TEXT"`
 	HTTPMethod      string `xorm:"http_method"`
 	ContentType     HookContentType
 	Secret          string `xorm:"TEXT"`
@@ -654,6 +655,7 @@ type HookTask struct {
 	Typ             HookTaskType `xorm:"VARCHAR(16) index"`
 	URL             string       `xorm:"TEXT"`
 	Signature       string       `xorm:"TEXT"`
+	SignatureGithub string       `xorm:"TEXT"`
 	api.Payloader   `xorm:"-"`
 	PayloadContent  string `xorm:"TEXT"`
 	HTTPMethod      string `xorm:"http_method"`

diff --git a/services/webhook/deliver.go b/services/webhook/deliver.go
@@ -97,6 +97,7 @@ func Deliver(t *models.HookTask) error {
 	req.Header.Add("X-Gogs-Delivery", t.UUID)
 	req.Header.Add("X-Gogs-Event", t.EventType.Event())
 	req.Header.Add("X-Gogs-Signature", t.Signature)
+	req.Header.Add("X-Hub-Signature", t.SignatureGithub)
-	req.Header.Add("X-Hub-Signature", t.SignatureGithub)
+	req.Header.Add("X-Hub-Signature-256", "sha256="+t.Signature)
-	req.Header.Add("X-Hub-Signature", t.SignatureGithub)
+	req.Header.Add("X-Hub-Signature-256", "sha256="+t.Signature)
 	req.Header["X-GitHub-Delivery"] = []string{t.UUID}
 	req.Header["X-GitHub-Event"] = []string{t.EventType.Event()}
 

diff --git a/services/webhook/webhook.go b/services/webhook/webhook.go
@@ -6,6 +6,7 @@ package webhook
 
 import (
 	"crypto/hmac"
+	"crypto/sha1"
 	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
@@ -179,17 +180,32 @@ func prepareWebhook(w *models.Webhook, repo *models.Repository, event models.Hoo
 		signature = hex.EncodeToString(sig.Sum(nil))
 	}
 
+	var signaturegithub string
+	if len(w.Secret) > 0 {
+		data, err := payloader.JSONPayload()
+		if err != nil {
+			log.Error("prepareWebhooks.JSONPayload: %v", err)
+		}
+		sig := hmac.New(sha1.New, []byte(w.Secret))
+		_, err = sig.Write(data)
+		if err != nil {
+			log.Error("prepareWebhooks.sigWrite: %v", err)
+		}
+		signaturegithub = "sha1=" + hex.EncodeToString(sig.Sum(nil))
+	}
+
 	if err = models.CreateHookTask(&models.HookTask{
-		RepoID:      repo.ID,
-		HookID:      w.ID,
-		Typ:         w.Type,
-		URL:         w.URL,
-		Signature:   signature,
-		Payloader:   payloader,
-		HTTPMethod:  w.HTTPMethod,
-		ContentType: w.ContentType,
-		EventType:   event,
-		IsSSL:       w.IsSSL,
+		RepoID:      			repo.ID,
+		HookID:      			w.ID,
+		Typ:         			w.Type,
+		URL:         			w.URL,
+		Signature:   			signature,
+		SignatureGithub: 	signaturegithub,
+		Payloader:   			payloader,
+		HTTPMethod:  			w.HTTPMethod,
+		ContentType: 			w.ContentType,
+		EventType:   			event,
+		IsSSL:       			w.IsSSL,
 	}); err != nil {
 		return fmt.Errorf("CreateHookTask: %v", err)
 	}