A clone of Servant's ReqBody combinator, except that it will also verify the signature provided by GitHub in the X-Hub-Signature header by computing the SHA1 HMAC of the request body and comparing.

The use of this combinator will require that the router context contain an appropriate GitHubKey' entry. Specifically, the type parameter of GitHubKey' must correspond with Demote k where k is the kind of the index key used here. Consequently, it will be necessary to use serveWithContext instead of serve.

Other routes are not tried upon the failure of this combinator, and a 401 response is generated.

Use of this datatype directly is discouraged, since the choice of the index key determines its kind k and hence proxy, which is . Instead, use GitHubSignedReqBody', which computes the proxy argument given just key. The proxy argument is necessary to avoid UndecidableInstances for the implementation of the HasServer instance for the datatype.

Convenient synonym for GitHubSignedReqBody'' that computes its first type argument given just the second one.

Use this type synonym if you are creating a webhook server to handle webhooks from multiple repositories, with different secret keys.

A convenient alias for a trivial key index.

USe this type synonym if you are creating a webhook server to handle only webhooks from a single repository, or for mutliple repositories using the same secret key.

A routing combinator that succeeds only for a webhook request that matches one of the given RepoWebhookEvent given in the type-level list events.

If the list contains WebhookWildcardEvent, then all events will be matched.

The combinator will require that its associated handler take a RepoWebhookEvent parameter, and the matched event will be passed to the handler. This allows the handler to determine which event triggered it from the list.

Other routes are tried if there is a mismatch.

A wrapper for an IO strategy to obtain the signing key for the webhook as configured in GitHub. The strategy is executed each time the GitHubSignedReqBody's routing logic is executed.

We allow the use of IO here so that you can fetch the key from a cache or a database. If the key is a constant or read only once, just use pure.

The type key used here must correspond with Demote k where k is the kind whose types are used as indices in GitHubSignedReqBody'.

If you don't care about indices and just want to write a webhook using a global key, see GitHubKey' which fixes key to () and use gitHubKey, which fills the newtype with a constant function.

A synonym for strategies producing so-called global keys, in which the key index is simply ().

Smart constructor for GitHubKey', for a so-called global key.

dynamicKey keyLookup keyIdLookup acquires the key identifier, such as repository or user name, from the result then uses keyLookup to acquire the key (or Nothing).

Dynamic keys allow servers to specify per-user repository keys. This limits the impact of compromized keys and allows the server to acquire the key from external sources, such as a live configuration or per-user rows in a database.

The HasRepository class helps extract the full (unique) "name/repo" of a repository, allowing easy lookup of a per-repository key or, using takeWhile (=''), lookup of per user keys.

For use with 'github-webhooks' package types. Routes would look like:

     api = "github-webevent" :>
         :> GitHubSignedReqBody '[JSON] (EventWithHookRepo IssuesEvent)
         :> Post '[JSON] ()

And the handler would unwrap the event:

handler :: EventWithHookRepo IssuesEvent -> Handler ()
handler (eventOf -> e) = -- ... expr handling e :: IssuesEvent ...

See https://developer.github.com/webhooks/#events.

A concrete, promotable proxy type, for use at the kind level There are no instances for this because it is intended at the kind level only

Convient alias for Demote' that allows us to avoid using KProxy explicitly.

Type function that reflects a kind to a type.

Class of types that can be reflected to values.

Helper that parses a header using a FromHttpApiData instance and discards the parse error message if any.

Determines whether a given webhook event matches a given raw representation of one. The result is Nothing if there is no match. This function accounts for the WebhookWildcardEvent matching everything, so it returns the result of parsing the raw representation when trying to match against the wildcard.