webhooks.js icon indicating copy to clipboard operation
webhooks.js copied to clipboard

Published 20 hours ago verified publisher icon octokit

`webhooks.verifyAndParse` and standalone `verifyAndParse` method

Open gr2m opened this issue 4 years ago • 0 comments

What’s missing?

There is currently no simple way to parse and verify an incoming http request object at the same time. It's only possible as part of the event API of a webhooks instance, which might be overkill / not the best fit for a serverless/function environment

This would permit for code such as this:

export async function handler(event) {
  try {    
    const githubEvent = await verifyAndParse(secret, event)
    // handle valid event
    return { body: text, statusCode: 200 };
  } catch (error) {
    // handle errors
    return { body: 'oh noes!', statusCode: 500 }
  }
}

Why?

This is a follow up to https://github.com/octokit/webhooks.js/pull/372#issuecomment-739575379, see the discussion for more reasoning.

In a nutshell, @G-Rath's use case is to separate receiving and verifying the event request from running any event handlers to avoid AWS Lambda timeouts.

Alternatives you tried

export async function handler(event) {
  const webhooks = new Webhooks(options)

  webhooks.on(['check_run', 'code_scanning_alert', 'commit_comment'], async (event) => {
    // handle valid events
  })

  try {
    await webhooks.verifyAndReceive(awsEventToOctokitEvent(event))
    return { statusCode: 200 };
  } catch (error) {
    // handle error
    return { body: 'oh noes!', statusCode: 500 }
  }
}

gr2m avatar Dec 06 '20 22:12 gr2m