GHWebhookSignature (GitHub plugin 1.38.0 API)

java.lang.Object

org.jenkinsci.plugins.github.webhook.GHWebhookSignature

public class GHWebhookSignature extends Object

Utility class for dealing with signatures of incoming requests.

Since:

1.21.0

See Also:

API documentation

Field Summary

Fields

Modifier and Type

Field

Description

static final String

INVALID_SIGNATURE
Method Summary

Modifier and Type

Method

Description

boolean

matches(String digest)

String

sha1()

Computes a RFC 2104-compliant HMAC digest using SHA1 of a payloadFrom with a given key (secret).

static GHWebhookSignature

webhookSignature(String payload, Secret secret)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- INVALID_SIGNATURE
  
  public static final String INVALID_SIGNATURE
  See Also:
  
  Constant Field Values
Method Details
- webhookSignature
  
  public static GHWebhookSignature webhookSignature(String payload, Secret secret)
  
  Parameters:
  
  payload - Clear-text to create signature of.
  
  secret - Key to sign with.
- sha1
  
  public String sha1()
  
  Computes a RFC 2104-compliant HMAC digest using SHA1 of a payloadFrom with a given key (secret).
  
  Returns:
  
  HMAC digest of payloadFrom using secret as key. Will return COMPUTED_INVALID_SIGNATURE on any exception during computation.
- matches
  
  public boolean matches(String digest)
  
  Parameters:
  
  digest - computed signature from external place (GitHub)
  
  Returns:
  
  true if computed and provided signatures identical