-
Notifications
You must be signed in to change notification settings - Fork 82
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FEAT]: Facilitate webhook secret rotation #770
Comments
I think your use case is valid, we could support setting the But I would not permit it to be mutable. That would be a different feature, and if we were to decide to support it, I'd make it explicit with a callback function instead of a mutable array. |
Oh, yes, sorry, I hadn't meant to suggest a dynamic list of secrets. While I can see it being useful... selfishly, my use case has the WebHook listeners as single-shot Azure Function Apps, so it should suffice to change the secrets registered with those to ensure that all subsequent calls are checked against updated values. |
there is now a |
Yes, sorry; that was always supposed to be the next step after octokit/webhooks-methods.js#134 landed, but I have been transferred internally and my prior projects are being held on minimal life support. |
no worries at all, I just wanted to add the context so folks know about it |
Describe the need
The current
verifyAndReceive
function assumes that there is exactly one secret in use at any time:webhooks.js/src/verify-and-receive.ts
Lines 10 to 11 in d6286fa
which frustrates secret rotation, which can be a requirement in organizational settings. In particular, the current design essentially forces either programmer suffering (maintaining multiple webhook objects) or a window in which the sender and receiver will disagree about the (singular) secret value.
It would be ideal if, instead,
verifyAndReceive
accepted a list of secrets and attempted verification against each one. Then key rotation is straightforward:SDK Version
No response
API Version
No response
Relevant log output
No response
Code of Conduct
The text was updated successfully, but these errors were encountered: