projects / pharext / pharext.org / blob
? search:


3dc519a36290716b9ad0993a68f90775bd7d3dc6
[pharext/pharext.org] / app / Controller / Github / Hook / Receive.php
1 <?php
2
3 namespace app\Controller\Github\Hook;
4
5 use app\Controller;
6 use app\Github\API;
7 use app\Model\Accounts;
8 use app\Web;
9 use http\Params;
10
11 class Receive implements Controller
12 {
13 private $app;
14 private $github;
15 private $accounts;
16
17 function __construct(Web $app, API $github, Accounts $accounts) {
18 $this->app = $app;
19 $this->github = $github;
20 $this->accounts = $accounts;
21 }
22
23 function __invoke(array $args = []) {
24 $request = $this->app->getRequest();
25 $response = $this->app->getResponse();
26
27 if (!($sig = $request->getHeader("X-Hub-Signature")) || !($evt = $request->getHeader("X-Github-Event"))) {
28 $response->setResponseCode(400);
29 $response->setContentType("message/http");
30 $response->getBody()->append($request);
31 } else {
32 $key = $this->github->getConfig()->client->secret;
33 foreach ((new Params($sig))->params as $algo => $mac) {
34 if ($mac["value"] !== hash_hmac($algo, $request->getBody(), $key)) {
35 $response->setResponseCode(403);
36 $response->getBody()->append("Invalid signature");
37 return;
38 }
39 }
40 }
41
42 switch ($evt) {
43 default:
44 $response->setResponseCode(202);
45 $response->getBody()->append("Not a configured event");
46 break;
47 case "ping";
48 $response->setResponseCode(204);
49 $response->setResponseStatus("PONG");
50 break;
51 case "create":
52 case "release":
53 if (($json = json_decode($request->getBody()))) {
54 $this->$evt($json);
55 } else {
56 $response->setResponseCode(415);
57 $response->setContentType($request->getHeader("Content-Type"));
58 $response->getBody()->append($request->getBody());
59 }
60 break;
61 }
62 }
63
64 private function setTokenForUser($login) {
65 $relations = [
66 $this->accounts->getTokens()->getRelation("accounts"),
67 $this->accounts->getOwners()->getRelation("accounts")
68 ];
69 $tokens = $this->accounts->getTokens()->with($relations, [
70 "login=" => $login,
71 "tokens.authority=" => "github",
72 ]);
73
74 if (count($tokens)) {
75 $this->github->setToken($tokens->current()->token->get());
76 }
77 }
78
79 private function release($release) {
80 $response = $this->app->getResponse();
81
82 if ($release->action !== "published") {
83 $response->setResponseCode(202);
84 $response->getBody()->append("Not published");
85 } elseif (!empty($release->release->assets)) {
86 foreach ($release->release->assets as $asset) {
87 if ($asset->content_type === "application/phar") {
88 /* we've already uploaded the asset when we created the release */
89 $response->setResponseCode(202);
90 $response->getBody()->append("Already published");
91 return;
92 }
93 }
94 }
95
96 $this->setTokenForUser($release->repository->owner->login);
97 $this->github->uploadAssetForRelease(
98 $release->release,
99 $release->repository
100 )->done(function($result) use($response) {
101 list($created) = $result;
102 $response->setResponseCode(201);
103 $response->setHeader("Location", $created->url);
104 });
105 $this->github->drain();
106 }
107
108 private function create($create) {
109 $response = $this->app->getResponse();
110
111 if ($create->ref_type !== "tag") {
112 $response->setResponseCode(202);
113 $response->getBody()->append("Not a tag");
114 return;
115 }
116
117 $this->setTokenForUser($create->repository->owner->login);
118 $this->github->createReleaseFromTag(
119 $create->repository,
120 $create->ref
121 )->done(function($result) use($response) {
122 list($created) = $result;
123 $response->setResponseCode(201);
124 $response->setHeader("Location", $created->url);
125 });
126 $this->github->drain();
127 }
128 }
pharext.org