In order to allow or deny sources of requests the possibility to
configure a list of allowed or denied IP addresses was added as
described by the readme.
Closes#3
For better readability, correctness and maintainability the
body (which is still rather large, though) was restructured.
Regarding the signature, to be able to configure different fields in
the HTTP header the configuration parameter signature was added.
Instead of looking for a "secret" field hmac is used. Therefore the
raw payload is hashed with all secrets consecutively in order to
validate its content. If the content is certified the established
behaviour is pursued..
To create a minimalistic parser, nom is used to identify and replace
parameters given in the command field.
For clarity the `action` field for hooks was renamed to `command`.
In order to validate requests a field called `secret` has to be sent
containing a secret key which validates the request. A hook will be
executed only if the secret sent with the request matches the hook's
secret.
All dependencies were updated.
An example configuration file `config.yml` is added to show the
configuration options. Following locations are checked:
- `/etc/webhookey/config.yml`
- `<config_dir>/webhookey/config.yml`
- `./config.yml`
Whereas `<config_dir>` is depending on the platform:
- Linux: `$XDG_CONFIG_HOME` or `$HOME/.config`
- macOS: `$HOME/Library/Application Support`
- Windows: `{FOLDERID_RoamingAppData}`
Each hook's action is executed if all of the specified filters match.