github-label-notifier/functions/lib/github_utils.dart - dart_ci - Git at Google

 // Copyright (c) 2019, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.

 /// Various utility methods for processing on GitHub events.
 library github_label_notifier.github_utils;

 import 'dart:convert';
 import 'dart:io';

 import 'package:crypto/crypto.dart';

 /// Computes the GitHub event signature for the given [body] using
 /// `GITHUB_SECRET` environment variable as a key.
 String signEvent(List<int> body) {
   final secret = Platform.environment['GITHUB_SECRET'];
   if (secret == null) {
     throw 'GITHUB_SECRET is missing';
   }
   final digest = Hmac(sha1, utf8.encode(secret)).convert(body);
   return 'sha1=$digest';
 }

 /// Validate that the given [body] and [signature] against `GITHUB_SECRET`
 /// environment variable.
 bool verifyEventSignature(dynamic body, String signature) {
   final expectedSignature = signEvent(utf8.encode(json.encode(body)));
   // Timing-safe compare
   final aUnits = signature.codeUnits;
   final bUnits = expectedSignature.codeUnits;
   var result = true;
   for (var i = 0; i < aUnits.length; i++) {
     if (aUnits[i] != bUnits[i]) result = false;
   }
   return result;
 }

 /// Validate that the given [body] and [signature] against `GITHUB_SECRET`
 /// environment variable.
 bool verifyEventSignatureRaw(List<int> body, String signature) {
   final expectedSignature = signEvent(body);
   // Timing-safe compare
   final aUnits = signature.codeUnits;
   final bUnits = expectedSignature.codeUnits;
   var result = true;
   for (var i = 0; i < aUnits.length; i++) {
     if (aUnits[i] != bUnits[i]) result = false;
   }
   return result;
 }
	// Copyright (c) 2019, the Dart project authors. Please see the AUTHORS file
	// for details. All rights reserved. Use of this source code is governed by a
	// BSD-style license that can be found in the LICENSE file.

	/// Various utility methods for processing on GitHub events.
	library github_label_notifier.github_utils;

	import 'dart:convert';
	import 'dart:io';

	import 'package:crypto/crypto.dart';

	/// Computes the GitHub event signature for the given [body] using
	/// `GITHUB_SECRET` environment variable as a key.
	String signEvent(List<int> body) {
	final secret = Platform.environment['GITHUB_SECRET'];
	if (secret == null) {
	throw 'GITHUB_SECRET is missing';
	}
	final digest = Hmac(sha1, utf8.encode(secret)).convert(body);
	return 'sha1=$digest';
	}

	/// Validate that the given [body] and [signature] against `GITHUB_SECRET`
	/// environment variable.
	bool verifyEventSignature(dynamic body, String signature) {
	final expectedSignature = signEvent(utf8.encode(json.encode(body)));
	// Timing-safe compare
	final aUnits = signature.codeUnits;
	final bUnits = expectedSignature.codeUnits;
	var result = true;
	for (var i = 0; i < aUnits.length; i++) {
	if (aUnits[i] != bUnits[i]) result = false;
	}
	return result;
	}

	/// Validate that the given [body] and [signature] against `GITHUB_SECRET`
	/// environment variable.
	bool verifyEventSignatureRaw(List<int> body, String signature) {
	final expectedSignature = signEvent(body);
	// Timing-safe compare
	final aUnits = signature.codeUnits;
	final bUnits = expectedSignature.codeUnits;
	var result = true;
	for (var i = 0; i < aUnits.length; i++) {
	if (aUnits[i] != bUnits[i]) result = false;
	}
	return result;
	}