projects
/
kraftakt.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
d0e6c21
)
Re-enable signature checking.
author
Florian Forster
<ff@octo.it>
Wed, 7 Feb 2018 12:25:28 +0000
(13:25 +0100)
committer
Florian Forster
<ff@octo.it>
Wed, 7 Feb 2018 12:25:28 +0000
(13:25 +0100)
Reverts:
bb0ee5050d834e438b67306c8e98d810478b3a08
kraftakt.go
patch
|
blob
|
history
diff --git
a/kraftakt.go
b/kraftakt.go
index
40f0546
..
72389bd
100644
(file)
--- a/
kraftakt.go
+++ b/
kraftakt.go
@@
-258,13
+258,9
@@
func fitbitNotifyHandler(ctx context.Context, w http.ResponseWriter, r *http.Req
// Fitbit recommendation: "If signature verification fails, you should
// respond with a 404"
if !fitbit.CheckSignature(ctx, data, r.Header.Get("X-Fitbit-Signature")) {
// Fitbit recommendation: "If signature verification fails, you should
// respond with a 404"
if !fitbit.CheckSignature(ctx, data, r.Header.Get("X-Fitbit-Signature")) {
- /*
- log.Errorf(ctx, "signature mismatch")
- w.WriteHeader(http.StatusNotFound)
- return nil
- */
- } else {
- log.Warningf(ctx, "TODO(octo): re-enable signature checking, see https://community.fitbit.com/t5/Web-API-Development/Push-notification-signatures-are-currently-invalid/m-p/2496159")
+ log.Errorf(ctx, "signature mismatch")
+ w.WriteHeader(http.StatusNotFound)
+ return nil
}
if err := delayedHandleNotifications.Call(ctx, data); err != nil {
}
if err := delayedHandleNotifications.Call(ctx, data); err != nil {