https://github.com/donatj/hmacsig

HMAC Signature Validation Middleware (e.g. for GitHub Webhooks)
https://github.com/donatj/hmacsig

go-middleware hmac-authentication middleware

Last synced: about 1 year ago
JSON representation

HMAC Signature Validation Middleware (e.g. for GitHub Webhooks)

• Host: GitHub
• URL: https://github.com/donatj/hmacsig
• Owner: donatj
• License: mit
• Created: 2018-07-20T21:36:09.000Z (almost 8 years ago)
• Default Branch: master
• Last Pushed: 2024-07-31T21:58:42.000Z (almost 2 years ago)
• Last Synced: 2025-03-29T23:11:55.257Z (about 1 year ago)
• Topics: go-middleware, hmac-authentication, middleware
• Language: Go
• Homepage:
• Size: 62.5 KB
• Stars: 3
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

README

          
# hmacsig

[![GoDoc](https://godoc.org/github.com/donatj/hmacsig?status.svg)](https://godoc.org/github.com/donatj/hmacsig)

[![Go Report Card](https://goreportcard.com/badge/github.com/donatj/hmacsig)](https://goreportcard.com/report/github.com/donatj/hmacsig)

![CI](https://github.com/donatj/hmacsig/workflows/CI/badge.svg)

HMAC Signature Validation Middleware (like GitHub Webhooks Uses)

Supports SHA-1 validation via `hmacsig.Handler` and SHA-256 validation via `hmacsig.Handler256`

GitHub now recommends SHA-256 over SHA-1 - read more:

https://docs.github.com/en/free-pro-team@latest/developers/webhooks-and-events/securing-your-webhooks

## Example

```golang

package main

import (

	"log"

	"net/http"

	"github.com/donatj/hmacsig"

)

func main() {

	h := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

		w.Write([]byte("success"))

	})

	s := hmacsig.Handler256(h, "supersecret")

	err := http.ListenAndServe(":8080", s)

	if err != nil {

		log.Fatal(err)

	}

}

```