projects / pharext / pharext.org / blob
? search:
summary | shortlog | log | commit | commitdiff | tree | github
history | raw | HEAD
2nd round
[pharext/pharext.org] / app / Controller / Github / Hook / Receive.php
1 <?php
2
3 namespace app\Controller\Github\Hook;
4
5 use app\Controller;
6 use app\Github\API;
7 use app\Model\Accounts;
8 use app\Web;
9 use http\Params;
10
11 class Receive implements Controller
12 {
13 private $app;
14 private $github;
15 private $accounts;
16
17 function __construct(Web $app, API $github, Accounts $accounts) {
18 $this->app = $app;
19 $this->github = $github;
20 $this->accounts = $accounts;
21 }
22
23 function __invoke(array $args = []) {
24 $request = $this->app->getRequest();
25 $response = $this->app->getResponse();
26
27 if (!($sig = $request->getHeader("X-Hub-Signature")) || !($evt = $request->getHeader("X-Github-Event"))) {
28 $response->setResponseCode(400);
29 $response->setContentType("message/http");
30 $response->getBody()->append($request);
31 } else {
32 $key = $this->github->getConfig()->client->secret;
33 foreach ((new Params($sig))->params as $algo => $mac) {
34 if ($mac["value"] !== hash_hmac($algo, $request->getBody(), $key)) {
35 $response->setResponseCode(403);
36 $response->getBody()->append("Invalid signature");
37 return;
38 }
39 }
40 }
41
42 switch ($evt) {
43 default:
44 $response->setResponseCode(202);
45 $response->getBody()->append("Not a configured event");
46 break;
47 case "ping";
48 $response->setResponseCode(204);
49 $response->setResponseStatus("PONG");
50 break;
51 case "create":
52 case "release":
53 if (($json = json_decode($request->getBody()))) {
54 $this->$evt($json)->done(function($result) use($response) {
55 list($created) = $result;
56 $response->setResponseCode(201);
57 $response->setHeader("Location", $created->url);
58 });
59 $this->github->drain();
60 } else {
61 $response->setResponseCode(415);
62 $response->setContentType($request->getHeader("Content-Type"));
63 $response->getBody()->append($request->getBody());
64 }
65 break;
66 }
67 }
68
69 private function setTokenForUser($login) {
70 $relations = [
71 $this->accounts->getTokens()->getRelation("accounts"),
72 $this->accounts->getOwners()->getRelation("accounts")
73 ];
74 $tokens = $this->accounts->getTokens()->with($relations, [
75 "login=" => $login,
76 "tokens.authority=" => "github",
77 ]);
78
79 if (count($tokens)) {
80 $this->github->setToken($tokens->current()->token->get());
81 }
82 }
83
84 private function release($release) {
85 $response = $this->app->getResponse();
86
87 if ($release->action !== "published") {
88 $response->setResponseCode(202);
89 $response->getBody()->append("Not published");
90 } elseif (!empty($release->release->assets)) {
91 foreach ($release->release->assets as $asset) {
92 if ($asset->content_type === "application/phar") {
93 /* we've already uploaded the asset when we created the release */
94 $response->setResponseCode(202);
95 $response->getBody()->append("Already published");
96 return;
97 }
98 }
99 }
100
101 $this->setTokenForUser($release->repository->owner->login);
102 return $this->github->uploadAssetForRelease(
103 $release->release,
104 $release->repository
105 );
106 }
107
108 private function create($create) {
109 $response = $this->app->getResponse();
110
111 if ($create->ref_type !== "tag") {
112 $response->setResponseCode(202);
113 $response->getBody()->append("Not a tag");
114 return;
115 }
116
117 $this->setTokenForUser($create->repository->owner->login);
118 return $this->github->createReleaseFromTag(
119 $create->repository,
120 $create->ref
121 );
122 }
123 }
pharext.org