Update README.md

Deployment Payload fields should be of type string.

.gitignore

@@ -6,6 +6,7 @@
 # Folders
 _obj
 _test
+.idea
 
 # Architecture specific extensions/prefixes
 *.[568vq]

.travis.yml

@@ -0,0 +1,38 @@
+language: go
+go:
+    - 1.10.2
+    - tip
+matrix:
+  allow_failures:
+    - go: tip
+
+notifications:
+    email:
+        recipients: dean.karn@gmail.com
+        on_success: change
+        on_failure: always
+
+before_install:
+  - go get -u github.com/go-playground/overalls
+  - go get -u github.com/mattn/goveralls
+  - go get -u golang.org/x/tools/cmd/cover
+  - go get -u github.com/golang/lint/golint
+  - go get -u github.com/gordonklaus/ineffassign
+  - mkdir -p $GOPATH/src/gopkg.in
+  - ln -s $GOPATH/src/github.com/$TRAVIS_REPO_SLUG $GOPATH/src/gopkg.in/webhooks.v2
+  - ln -s $GOPATH/src/github.com/$TRAVIS_REPO_SLUG $GOPATH/src/gopkg.in/webhooks.v3
+
+before_script:
+  - go vet ./...
+
+script:
+ - gofmt -d -s .
+ - golint ./...
+ - ineffassign ./
+ - go test -v ./...
+ - go test -race
+
+after_success: |
+  [ $TRAVIS_GO_VERSION = 1.10.2 ] &&
+  overalls -project="github.com/go-playground/webhooks" -covermode=count -ignore=.git,examples -debug &&
+  goveralls -coverprofile=overalls.coverprofile -service travis-ci -repotoken $COVERALLS_TOKEN

README.md

@@ -1,7 +1,7 @@
 Library webhooks
 ================
-<img align="right" src="https://raw.githubusercontent.com/go-playground/webhooks/v3/logo.png">![Project status](https://img.shields.io/badge/version-3.0.0-green.svg)
+<img align="right" src="https://raw.githubusercontent.com/go-playground/webhooks/v3/logo.png">![Project status](https://img.shields.io/badge/version-3.13.0-green.svg)
-[![Build Status](https://semaphoreci.com/api/v1/joeybloggs/webhooks/branches/v3/badge.svg)](https://semaphoreci.com/joeybloggs/webhooks)
+[![Build Status](https://travis-ci.org/go-playground/webhooks.svg?branch=v3)](https://travis-ci.org/go-playground/webhooks)
 [![Coverage Status](https://coveralls.io/repos/go-playground/webhooks/badge.svg?branch=v3&service=github)](https://coveralls.io/github/go-playground/webhooks?branch=v3)
 [![Go Report Card](https://goreportcard.com/badge/go-playground/webhooks)](https://goreportcard.com/report/go-playground/webhooks)
 [![GoDoc](https://godoc.org/gopkg.in/go-playground/webhooks.v3?status.svg)](https://godoc.org/gopkg.in/go-playground/webhooks.v3)
@@ -24,7 +24,7 @@ Installation
 Use go get.
 
 ```shell
-	go get -u gopkg.in/go-playground/webhooks.v3
+go get -u gopkg.in/go-playground/webhooks.v3
 ```
 
 Then import the package into your own code.
@@ -75,7 +75,7 @@ func HandleRelease(payload interface{}, header webhooks.Header) {
 	pl := payload.(github.ReleasePayload)
 
 	// only want to compile on full releases
-	if pl.Release.Draft || pl.Release.Prelelease || pl.Release.TargetCommitish != "master" {
+	if pl.Release.Draft || pl.Release.Prerelease || pl.Release.TargetCommitish != "master" {
 		return
 	}
 
@@ -93,7 +93,6 @@ func HandlePullRequest(payload interface{}, header webhooks.Header) {
 	// Do whatever you want from here...
 	fmt.Printf("%+v", pl)
 }
-
 ```
 
 Single receiver for events you subscribe to

bitbucket/bitbucket.go

@@ -2,6 +2,7 @@ package bitbucket
 
 import (
 	"encoding/json"
+	"fmt"
 	"io/ioutil"
 	"net/http"
 
@@ -42,7 +43,7 @@ const (
 	PullRequestDeclinedEvent       Event = "pullrequest:rejected"
 	PullRequestCommentCreatedEvent Event = "pullrequest:comment_created"
 	PullRequestCommentUpdatedEvent Event = "pullrequest:comment_updated"
-	PullRequestCommentDeletedEvent Event = "pull_request:comment_deleted"
+	PullRequestCommentDeletedEvent Event = "pullrequest:comment_deleted"
 )
 
 // New creates and returns a WebHook instance denoted by the Provider type
@@ -69,38 +70,50 @@ func (hook Webhook) RegisterEvents(fn webhooks.ProcessPayloadFunc, events ...Eve
 
 // ParsePayload parses and verifies the payload and fires off the mapped function, if it exists.
 func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
+	webhooks.DefaultLog.Info("Parsing Payload...")
 
 	uuid := r.Header.Get("X-Hook-UUID")
 	if uuid == "" {
+		webhooks.DefaultLog.Error("Missing X-Hook-UUID Header")
 		http.Error(w, "400 Bad Request - Missing X-Hook-UUID Header", http.StatusBadRequest)
 		return
 	}
+	webhooks.DefaultLog.Debug(fmt.Sprintf("X-Hook-UUID:%s", uuid))
 
-	if uuid != hook.uuid {
+	if len(hook.uuid) > 0 {
-		http.Error(w, "403 Forbidden - Missing X-Hook-UUID does not match", http.StatusForbidden)
+		if uuid != hook.uuid {
-		return
+			webhooks.DefaultLog.Error(fmt.Sprintf("X-Hook-UUID %s does not match configured uuid of %s", uuid, hook.uuid))
+			http.Error(w, "403 Forbidden - X-Hook-UUID does not match", http.StatusForbidden)
+			return
+		}
+	} else {
+		webhooks.DefaultLog.Debug("hook uuid not defined - recommend setting for improved security")
 	}
 
 	event := r.Header.Get("X-Event-Key")
 	if event == "" {
+		webhooks.DefaultLog.Error("Missing X-Event-Key Header")
 		http.Error(w, "400 Bad Request - Missing X-Event-Key Header", http.StatusBadRequest)
 		return
 	}
+	webhooks.DefaultLog.Debug(fmt.Sprintf("X-Event-Key:%s", event))
 
 	bitbucketEvent := Event(event)
 
 	fn, ok := hook.eventFuncs[bitbucketEvent]
 	// if no event registered
 	if !ok {
+		webhooks.DefaultLog.Info(fmt.Sprintf("Webhook Event %s not registered, it is recommended to setup only events in bitbucket that will be registered in the webhook to avoid unnecessary traffic and reduce potential attack vectors.", event))
 		return
 	}
 
 	payload, err := ioutil.ReadAll(r.Body)
 	if err != nil || len(payload) == 0 {
-		http.Error(w, "Error reading Body", http.StatusInternalServerError)
+		webhooks.DefaultLog.Error("Issue reading Payload")
+		http.Error(w, "Issue reading Payload", http.StatusInternalServerError)
 		return
 	}
-
+	webhooks.DefaultLog.Debug(fmt.Sprintf("Payload:%s", string(payload)))
 	hd := webhooks.Header(r.Header)
 
 	switch bitbucketEvent {

examples/custom-logger/main.go

@@ -0,0 +1,67 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"strconv"
+
+	"gopkg.in/go-playground/webhooks.v3"
+	"gopkg.in/go-playground/webhooks.v3/github"
+)
+
+const (
+	path = "/webhooks"
+	port = 3016
+)
+
+type myLogger struct {
+	PrintDebugs bool
+}
+
+func (l *myLogger) Info(msg string) {
+	log.Println(msg)
+}
+
+func (l *myLogger) Error(msg string) {
+	log.Println(msg)
+}
+
+func (l *myLogger) Debug(msg string) {
+	if !l.PrintDebugs {
+		return
+	}
+	log.Println(msg)
+}
+
+func main() {
+	// webhooks.DefaultLog=webhooks.NewLogger(true)
+	//
+	// or override with your own
+	webhooks.DefaultLog = &myLogger{PrintDebugs: true}
+
+	hook := github.New(&github.Config{Secret: "MyGitHubSuperSecretSecrect...?"})
+	hook.RegisterEvents(HandleMultiple, github.ReleaseEvent, github.PullRequestEvent) // Add as many as you want
+
+	err := webhooks.Run(hook, ":"+strconv.Itoa(port), path)
+	if err != nil {
+		fmt.Println(err)
+	}
+}
+
+// HandleMultiple handles multiple GitHub events
+func HandleMultiple(payload interface{}, header webhooks.Header) {
+	fmt.Println("Handling Payload..")
+
+	switch payload.(type) {
+
+	case github.ReleasePayload:
+		release := payload.(github.ReleasePayload)
+		// Do whatever you want from here...
+		fmt.Printf("%+v", release)
+
+	case github.PullRequestPayload:
+		pullRequest := payload.(github.PullRequestPayload)
+		// Do whatever you want from here...
+		fmt.Printf("%+v", pullRequest)
+	}
+}

examples/multiple-handlers/main.go

@@ -14,7 +14,6 @@ const (
 )
 
 func main() {
-
 	hook := github.New(&github.Config{Secret: "MyGitHubSuperSecretSecrect...?"})
 	hook.RegisterEvents(HandleRelease, github.ReleaseEvent)
 	hook.RegisterEvents(HandlePullRequest, github.PullRequestEvent)
@@ -27,7 +26,6 @@ func main() {
 
 // HandleRelease handles GitHub release events
 func HandleRelease(payload interface{}, header webhooks.Header) {
-
 	fmt.Println("Handling Release")
 
 	pl := payload.(github.ReleasePayload)

examples/single-handler/main.go

@@ -14,7 +14,6 @@ const (
 )
 
 func main() {
-
 	hook := github.New(&github.Config{Secret: "MyGitHubSuperSecretSecrect...?"})
 	hook.RegisterEvents(HandleMultiple, github.ReleaseEvent, github.PullRequestEvent) // Add as many as you want
 
@@ -26,7 +25,6 @@ func main() {
 
 // HandleMultiple handles multiple GitHub events
 func HandleMultiple(payload interface{}, header webhooks.Header) {
-
 	fmt.Println("Handling Payload..")
 
 	switch payload.(type) {

github/github.go

@@ -5,6 +5,7 @@ import (
 	"crypto/sha1"
 	"encoding/hex"
 	"encoding/json"
+	"fmt"
 	"io/ioutil"
 	"net/http"
 
@@ -35,6 +36,8 @@ const (
 	DeploymentStatusEvent         Event = "deployment_status"
 	ForkEvent                     Event = "fork"
 	GollumEvent                   Event = "gollum"
+	InstallationEvent             Event = "installation"
+	IntegrationInstallationEvent  Event = "integration_installation"
 	IssueCommentEvent             Event = "issue_comment"
 	IssuesEvent                   Event = "issues"
 	LabelEvent                    Event = "label"
@@ -44,6 +47,7 @@ const (
 	OrganizationEvent             Event = "organization"
 	OrgBlockEvent                 Event = "org_block"
 	PageBuildEvent                Event = "page_build"
+	PingEvent                     Event = "ping"
 	ProjectCardEvent              Event = "project_card"
 	ProjectColumnEvent            Event = "project_column"
 	ProjectEvent                  Event = "project"
@@ -96,36 +100,43 @@ func (hook Webhook) RegisterEvents(fn webhooks.ProcessPayloadFunc, events ...Eve
 
 // ParsePayload parses and verifies the payload and fires off the mapped function, if it exists.
 func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
+	webhooks.DefaultLog.Info("Parsing Payload...")
 
 	event := r.Header.Get("X-GitHub-Event")
 	if len(event) == 0 {
+		webhooks.DefaultLog.Error("Missing X-GitHub-Event Header")
 		http.Error(w, "400 Bad Request - Missing X-GitHub-Event Header", http.StatusBadRequest)
 		return
 	}
+	webhooks.DefaultLog.Debug(fmt.Sprintf("X-GitHub-Event:%s", event))
 
 	gitHubEvent := Event(event)
 
 	fn, ok := hook.eventFuncs[gitHubEvent]
 	// if no event registered
 	if !ok {
+		webhooks.DefaultLog.Info(fmt.Sprintf("Webhook Event %s not registered, it is recommended to setup only events in github that will be registered in the webhook to avoid unnecessary traffic and reduce potential attack vectors.", event))
 		return
 	}
 
 	payload, err := ioutil.ReadAll(r.Body)
 	if err != nil || len(payload) == 0 {
-		http.Error(w, "Error reading Body", http.StatusInternalServerError)
+		webhooks.DefaultLog.Error("Issue reading Payload")
+		http.Error(w, "Issue reading Payload", http.StatusInternalServerError)
 		return
 	}
+	webhooks.DefaultLog.Debug(fmt.Sprintf("Payload:%s", string(payload)))
 
 	// If we have a Secret set, we should check the MAC
 	if len(hook.secret) > 0 {
-
+		webhooks.DefaultLog.Info("Checking secret")
 		signature := r.Header.Get("X-Hub-Signature")
-
 		if len(signature) == 0 {
+			webhooks.DefaultLog.Error("Missing X-Hub-Signature required for HMAC verification")
 			http.Error(w, "403 Forbidden - Missing X-Hub-Signature required for HMAC verification", http.StatusForbidden)
 			return
 		}
+		webhooks.DefaultLog.Debug(fmt.Sprintf("X-Hub-Signature:%s", signature))
 
 		mac := hmac.New(sha1.New, []byte(hook.secret))
 		mac.Write(payload)
@@ -133,6 +144,7 @@ func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
 		expectedMAC := hex.EncodeToString(mac.Sum(nil))
 
 		if !hmac.Equal([]byte(signature[5:]), []byte(expectedMAC)) {
+			webhooks.DefaultLog.Error("HMAC verification failed")
 			http.Error(w, "403 Forbidden - HMAC verification failed", http.StatusForbidden)
 			return
 		}
@@ -170,6 +182,10 @@ func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
 		var g GollumPayload
 		json.Unmarshal([]byte(payload), &g)
 		hook.runProcessPayloadFunc(fn, g, hd)
+	case InstallationEvent, IntegrationInstallationEvent:
+		var i InstallationPayload
+		json.Unmarshal([]byte(payload), &i)
+		hook.runProcessPayloadFunc(fn, i, hd)
 	case IssueCommentEvent:
 		var i IssueCommentPayload
 		json.Unmarshal([]byte(payload), &i)
@@ -206,6 +222,10 @@ func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
 		var p PageBuildPayload
 		json.Unmarshal([]byte(payload), &p)
 		hook.runProcessPayloadFunc(fn, p, hd)
+	case PingEvent:
+		var p PingPayload
+		json.Unmarshal([]byte(payload), &p)
+		hook.runProcessPayloadFunc(fn, p, hd)
 	case ProjectCardEvent:
 		var p ProjectCardPayload
 		json.Unmarshal([]byte(payload), &p)

github/github_test.go

@@ -48,6 +48,8 @@ func TestMain(m *testing.M) {
 		DeploymentStatusEvent,
 		ForkEvent,
 		GollumEvent,
+		InstallationEvent,
+		IntegrationInstallationEvent,
 		IssueCommentEvent,
 		IssuesEvent,
 		LabelEvent,
@@ -57,6 +59,7 @@ func TestMain(m *testing.M) {
 		OrganizationEvent,
 		OrgBlockEvent,
 		PageBuildEvent,
+		PingEvent,
 		ProjectCardEvent,
 		ProjectColumnEvent,
 		ProjectEvent,
@@ -1309,6 +1312,186 @@ func TestGollumEvent(t *testing.T) {
 	Equal(t, resp.StatusCode, http.StatusOK)
 }
 
+func TestInstallationEvent(t *testing.T) {
+
+	payload := `{
+    "action": "created",
+    "installation": {
+        "id": 80429,
+        "account": {
+            "login": "PombeirP",
+            "id": 138074,
+            "avatar_url": "https://avatars1.githubusercontent.com/u/138074?v=4",
+            "gravatar_id": "",
+            "url": "https://api.github.com/users/PombeirP",
+            "html_url": "https://github.com/PombeirP",
+            "followers_url": "https://api.github.com/users/PombeirP/followers",
+            "following_url": "https://api.github.com/users/PombeirP/following{/other_user}",
+            "gists_url": "https://api.github.com/users/PombeirP/gists{/gist_id}",
+            "starred_url": "https://api.github.com/users/PombeirP/starred{/owner}{/repo}",
+            "subscriptions_url": "https://api.github.com/users/PombeirP/subscriptions",
+            "organizations_url": "https://api.github.com/users/PombeirP/orgs",
+            "repos_url": "https://api.github.com/users/PombeirP/repos",
+            "events_url": "https://api.github.com/users/PombeirP/events{/privacy}",
+            "received_events_url": "https://api.github.com/users/PombeirP/received_events",
+            "type": "User",
+            "site_admin": false
+        },
+        "repository_selection": "selected",
+        "access_tokens_url": "https://api.github.com/installations/80429/access_tokens",
+        "repositories_url": "https://api.github.com/installation/repositories",
+        "html_url": "https://github.com/settings/installations/80429",
+        "app_id": 8157,
+        "target_id": 138074,
+        "target_type": "User",
+        "permissions": {
+            "repository_projects": "write",
+            "issues": "read",
+            "metadata": "read",
+            "pull_requests": "read"
+        },
+        "events": [
+            "pull_request"
+        ],
+        "created_at": 1516025475,
+        "updated_at": 1516025475,
+        "single_file_name": null
+    },
+    "repositories": [
+        {
+            "id": 117381220,
+            "name": "status-github-bot",
+            "full_name": "PombeirP/status-github-bot"
+        }
+    ],
+    "sender": {
+        "login": "PombeirP",
+        "id": 138074,
+        "avatar_url": "https://avatars1.githubusercontent.com/u/138074?v=4",
+        "gravatar_id": "",
+        "url": "https://api.github.com/users/PombeirP",
+        "html_url": "https://github.com/PombeirP",
+        "followers_url": "https://api.github.com/users/PombeirP/followers",
+        "following_url": "https://api.github.com/users/PombeirP/following{/other_user}",
+        "gists_url": "https://api.github.com/users/PombeirP/gists{/gist_id}",
+        "starred_url": "https://api.github.com/users/PombeirP/starred{/owner}{/repo}",
+        "subscriptions_url": "https://api.github.com/users/PombeirP/subscriptions",
+        "organizations_url": "https://api.github.com/users/PombeirP/orgs",
+        "repos_url": "https://api.github.com/users/PombeirP/repos",
+        "events_url": "https://api.github.com/users/PombeirP/events{/privacy}",
+        "received_events_url": "https://api.github.com/users/PombeirP/received_events",
+        "type": "User",
+        "site_admin": false
+    }
+}
+`
+
+	req, err := http.NewRequest("POST", "http://127.0.0.1:3010/webhooks", bytes.NewBuffer([]byte(payload)))
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("X-Github-Event", "installation")
+	req.Header.Set("X-Hub-Signature", "sha1=987338c6e5c21794ab6c258abe51284f9b1df728")
+
+	Equal(t, err, nil)
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	Equal(t, err, nil)
+
+	defer resp.Body.Close()
+
+	Equal(t, resp.StatusCode, http.StatusOK)
+}
+
+func TestIntegrationInstallationEvent(t *testing.T) {
+
+	payload := `{
+    "action": "created",
+    "installation": {
+        "id": 80429,
+        "account": {
+            "login": "PombeirP",
+            "id": 138074,
+            "avatar_url": "https://avatars1.githubusercontent.com/u/138074?v=4",
+            "gravatar_id": "",
+            "url": "https://api.github.com/users/PombeirP",
+            "html_url": "https://github.com/PombeirP",
+            "followers_url": "https://api.github.com/users/PombeirP/followers",
+            "following_url": "https://api.github.com/users/PombeirP/following{/other_user}",
+            "gists_url": "https://api.github.com/users/PombeirP/gists{/gist_id}",
+            "starred_url": "https://api.github.com/users/PombeirP/starred{/owner}{/repo}",
+            "subscriptions_url": "https://api.github.com/users/PombeirP/subscriptions",
+            "organizations_url": "https://api.github.com/users/PombeirP/orgs",
+            "repos_url": "https://api.github.com/users/PombeirP/repos",
+            "events_url": "https://api.github.com/users/PombeirP/events{/privacy}",
+            "received_events_url": "https://api.github.com/users/PombeirP/received_events",
+            "type": "User",
+            "site_admin": false
+        },
+        "repository_selection": "selected",
+        "access_tokens_url": "https://api.github.com/installations/80429/access_tokens",
+        "repositories_url": "https://api.github.com/installation/repositories",
+        "html_url": "https://github.com/settings/installations/80429",
+        "app_id": 8157,
+        "target_id": 138074,
+        "target_type": "User",
+        "permissions": {
+            "repository_projects": "write",
+            "issues": "read",
+            "metadata": "read",
+            "pull_requests": "read"
+        },
+        "events": [
+            "pull_request"
+        ],
+        "created_at": 1516025475,
+        "updated_at": 1516025475,
+        "single_file_name": null
+    },
+    "repositories": [
+        {
+            "id": 117381220,
+            "name": "status-github-bot",
+            "full_name": "PombeirP/status-github-bot"
+        }
+    ],
+    "sender": {
+        "login": "PombeirP",
+        "id": 138074,
+        "avatar_url": "https://avatars1.githubusercontent.com/u/138074?v=4",
+        "gravatar_id": "",
+        "url": "https://api.github.com/users/PombeirP",
+        "html_url": "https://github.com/PombeirP",
+        "followers_url": "https://api.github.com/users/PombeirP/followers",
+        "following_url": "https://api.github.com/users/PombeirP/following{/other_user}",
+        "gists_url": "https://api.github.com/users/PombeirP/gists{/gist_id}",
+        "starred_url": "https://api.github.com/users/PombeirP/starred{/owner}{/repo}",
+        "subscriptions_url": "https://api.github.com/users/PombeirP/subscriptions",
+        "organizations_url": "https://api.github.com/users/PombeirP/orgs",
+        "repos_url": "https://api.github.com/users/PombeirP/repos",
+        "events_url": "https://api.github.com/users/PombeirP/events{/privacy}",
+        "received_events_url": "https://api.github.com/users/PombeirP/received_events",
+        "type": "User",
+        "site_admin": false
+    }
+}
+`
+
+	req, err := http.NewRequest("POST", "http://127.0.0.1:3010/webhooks", bytes.NewBuffer([]byte(payload)))
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("X-Github-Event", "integration_installation")
+	req.Header.Set("X-Hub-Signature", "sha1=987338c6e5c21794ab6c258abe51284f9b1df728")
+
+	Equal(t, err, nil)
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	Equal(t, err, nil)
+
+	defer resp.Body.Close()
+
+	Equal(t, resp.StatusCode, http.StatusOK)
+}
+
 func TestIssueCommentEvent(t *testing.T) {
 
 	payload := `{
@@ -2560,6 +2743,48 @@ func TestPageBuildEvent(t *testing.T) {
 	Equal(t, resp.StatusCode, http.StatusOK)
 }
 
+func TestPingEvent(t *testing.T) {
+
+	payload := `{
+    "zen": "Keep it logically awesome.",
+    "hook_id": 20081052,
+    "hook": {
+        "type": "App",
+        "id": 20081052,
+        "name": "web",
+        "active": true,
+        "events": [
+            "pull_request"
+        ],
+        "config": {
+            "content_type": "json",
+            "insecure_ssl": "0",
+            "secret": "********",
+            "url": "https://ngrok.io/webhook"
+        },
+        "updated_at": "2018-01-15T10:48:54Z",
+        "created_at": "2018-01-15T10:48:54Z",
+        "app_id": 8157
+    }
+}
+`
+
+	req, err := http.NewRequest("POST", "http://127.0.0.1:3010/webhooks", bytes.NewBuffer([]byte(payload)))
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("X-Github-Event", "ping")
+	req.Header.Set("X-Hub-Signature", "sha1=f82267eb5c6408d5986209da906747f57c11b33b")
+
+	Equal(t, err, nil)
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	Equal(t, err, nil)
+
+	defer resp.Body.Close()
+
+	Equal(t, resp.StatusCode, http.StatusOK)
+}
+
 func TestProjectCardEvent(t *testing.T) {
 
 	payload := `{

github/payload.go

@@ -2,8 +2,6 @@ package github
 
 import "time"
 
-// PushPayload contains the information for GitHub's push hook event
-
 // CommitCommentPayload contains the information for GitHub's commit_comment hook event
 type CommitCommentPayload struct {
 	Action  string `json:"action"`
@@ -30,13 +28,14 @@ type CommitCommentPayload struct {
 			Type              string `json:"type"`
 			SiteAdmin         bool   `json:"site_admin"`
 		} `json:"user"`
-		Position  *int64    `json:"position"`
+		Position          *int64    `json:"position"`
-		Line      *int64    `json:"line"`
+		Line              *int64    `json:"line"`
-		Path      *string   `json:"path"`
+		Path              *string   `json:"path"`
-		CommitID  string    `json:"commit_id"`
+		CommitID          string    `json:"commit_id"`
-		CreatedAt time.Time `json:"created_at"`
+		CreatedAt         time.Time `json:"created_at"`
-		UpdatedAt time.Time `json:"updated_at"`
+		UpdatedAt         time.Time `json:"updated_at"`
-		Body      string    `json:"body"`
+		Body              string    `json:"body"`
+		AuthorAssociation string    `json:"author_association"`
 	} `json:"comment"`
 	Repository struct {
 		ID       int64  `json:"id"`
@@ -382,8 +381,7 @@ type DeploymentPayload struct {
 		Sha     string `json:"sha"`
 		Ref     string `json:"ref"`
 		Task    string `json:"task"`
-		Payload struct {
+		Payload string `json:"payload"`
-		} `json:"payload"`
 		Environment string  `json:"environment"`
 		Description *string `json:"description"`
 		Creator     struct {
@@ -556,8 +554,7 @@ type DeploymentStatusPayload struct {
 		Sha     string `json:"sha"`
 		Ref     string `json:"ref"`
 		Task    string `json:"task"`
-		Payload struct {
+		Payload string `json:"payload"`
-		} `json:"payload"`
 		Environment string  `json:"environment"`
 		Description *string `json:"description"`
 		Creator     struct {
@@ -1008,6 +1005,74 @@ type GollumPayload struct {
 	} `json:"sender"`
 }
 
+// InstallationPayload contains the information for GitHub's installation and integration_installation hook events
+type InstallationPayload struct {
+	Action       string `json:"action"`
+	Installation struct {
+		ID      int64 `json:"id"`
+		Account struct {
+			Login             string `json:"login"`
+			ID                int64  `json:"id"`
+			AvatarURL         string `json:"avatar_url"`
+			GravatarID        string `json:"gravatar_id"`
+			URL               string `json:"url"`
+			HTMLURL           string `json:"html_url"`
+			FollowersURL      string `json:"followers_url"`
+			FollowingURL      string `json:"following_url"`
+			GistsURL          string `json:"gists_url"`
+			StarredURL        string `json:"starred_url"`
+			SubscriptionsURL  string `json:"subscriptions_url"`
+			OrganizationsURL  string `json:"organizations_url"`
+			ReposURL          string `json:"repos_url"`
+			EventsURL         string `json:"events_url"`
+			ReceivedEventsURL string `json:"received_events_url"`
+			Type              string `json:"type"`
+			SiteAdmin         bool   `json:"site_admin"`
+		} `json:"account"`
+		RepositorySelection string `json:"repository_selection"`
+		AccessTokensURL     string `json:"access_tokens_url"`
+		RepositoriesURL     string `json:"repositories_url"`
+		HTMLURL             string `json:"html_url"`
+		AppID               int    `json:"app_id"`
+		TargetID            int    `json:"target_id"`
+		TargetType          string `json:"target_type"`
+		Permissions         struct {
+			Issues             string `json:"issues"`
+			Metadata           string `json:"metadata"`
+			PullRequests       string `json:"pull_requests"`
+			RepositoryProjects string `json:"repository_projects"`
+		} `json:"permissions"`
+		Events         []string `json:"events"`
+		CreatedAt      int64    `json:"created_at"`
+		UpdatedAt      int64    `json:"updated_at"`
+		SingleFileName *string  `json:"single_file_name"`
+	} `json:"installation"`
+	Repositories []struct {
+		ID       int64  `json:"id"`
+		Name     string `json:"name"`
+		FullName string `json:"full_name"`
+	} `json:"repositories"`
+	Sender struct {
+		Login             string `json:"login"`
+		ID                int64  `json:"id"`
+		AvatarURL         string `json:"avatar_url"`
+		GravatarID        string `json:"gravatar_id"`
+		URL               string `json:"url"`
+		HTMLURL           string `json:"html_url"`
+		FollowersURL      string `json:"followers_url"`
+		FollowingURL      string `json:"following_url"`
+		GistsURL          string `json:"gists_url"`
+		StarredURL        string `json:"starred_url"`
+		SubscriptionsURL  string `json:"subscriptions_url"`
+		OrganizationsURL  string `json:"organizations_url"`
+		ReposURL          string `json:"repos_url"`
+		EventsURL         string `json:"events_url"`
+		ReceivedEventsURL string `json:"received_events_url"`
+		Type              string `json:"type"`
+		SiteAdmin         bool   `json:"site_admin"`
+	} `json:"sender"`
+}
+
 // IssueCommentPayload contains the information for GitHub's issue_comment hook event
 type IssueCommentPayload struct {
 	Action string `json:"action"`
@@ -1078,9 +1143,10 @@ type IssueCommentPayload struct {
 			Type              string `json:"type"`
 			SiteAdmin         bool   `json:"site_admin"`
 		} `json:"user"`
-		CreatedAt time.Time `json:"created_at"`
+		CreatedAt         time.Time `json:"created_at"`
-		UpdatedAt time.Time `json:"updated_at"`
+		UpdatedAt         time.Time `json:"updated_at"`
-		Body      string    `json:"body"`
+		Body              string    `json:"body"`
+		AuthorAssociation string    `json:"author_association"`
 	} `json:"comment"`
 	Repository struct {
 		ID       int64  `json:"id"`
@@ -2094,6 +2160,27 @@ type PageBuildPayload struct {
 	} `json:"sender"`
 }
 
+// PingPayload contains the information for GitHub's ping hook event
+type PingPayload struct {
+	HookID int `json:"hook_id"`
+	Hook   struct {
+		Type   string   `json:"type"`
+		ID     int64    `json:"id"`
+		Name   string   `json:"name"`
+		Active bool     `json:"active"`
+		Events []string `json:"events"`
+		AppID  int      `json:"app_id"`
+		Config struct {
+			ContentType string `json:"content_type"`
+			InsecureSSL int    `json:"insecure_ssl"`
+			Secret      string `json:"secret"`
+			URL         string `json:"url"`
+		} `json:"config"`
+		CreatedAt time.Time `json:"created_at"`
+		UpdatedAt time.Time `json:"updated_at"`
+	} `json:"hook"`
+}
+
 // ProjectCardPayload contains the information for GitHub's project_payload hook event
 type ProjectCardPayload struct {
 	Action      string `json:"action"`
@@ -2670,20 +2757,46 @@ type PullRequestPayload struct {
 			Type              string `json:"type"`
 			SiteAdmin         bool   `json:"site_admin"`
 		} `json:"user"`
-		Body              string     `json:"body"`
+		Body               string     `json:"body"`
-		CreatedAt         time.Time  `json:"created_at"`
+		CreatedAt          time.Time  `json:"created_at"`
-		UpdatedAt         time.Time  `json:"updated_at"`
+		UpdatedAt          time.Time  `json:"updated_at"`
-		ClosedAt          *time.Time `json:"closed_at"`
+		ClosedAt           *time.Time `json:"closed_at"`
-		MergedAt          *time.Time `json:"merged_at"`
+		MergedAt           *time.Time `json:"merged_at"`
-		MergeCommitSha    *string    `json:"merge_commit_sha"`
+		MergeCommitSha     *string    `json:"merge_commit_sha"`
-		Assignee          *Assignee  `json:"assignee"`
+		Assignee           *Assignee  `json:"assignee"`
-		Milestone         *Milestone `json:"milestone"`
+		Milestone          *Milestone `json:"milestone"`
-		CommitsURL        string     `json:"commits_url"`
+		CommitsURL         string     `json:"commits_url"`
-		ReviewCommentsURL string     `json:"review_comments_url"`
+		ReviewCommentsURL  string     `json:"review_comments_url"`
-		ReviewCommentURL  string     `json:"review_comment_url"`
+		ReviewCommentURL   string     `json:"review_comment_url"`
-		CommentsURL       string     `json:"comments_url"`
+		CommentsURL        string     `json:"comments_url"`
-		StatusesURL       string     `json:"statuses_url"`
+		StatusesURL        string     `json:"statuses_url"`
-		Head              struct {
+		RequestedReviewers []struct {
+			Login             string `json:"login"`
+			ID                int    `json:"id"`
+			AvatarURL         string `json:"avatar_url"`
+			GravatarID        string `json:"gravatar_id"`
+			URL               string `json:"url"`
+			HTMLURL           string `json:"html_url"`
+			FollowersURL      string `json:"followers_url"`
+			FollowingURL      string `json:"following_url"`
+			GistsURL          string `json:"gists_url"`
+			StarredURL        string `json:"starred_url"`
+			SubscriptionsURL  string `json:"subscriptions_url"`
+			OrganizationsURL  string `json:"organizations_url"`
+			ReposURL          string `json:"repos_url"`
+			EventsURL         string `json:"events_url"`
+			ReceivedEventsURL string `json:"received_events_url"`
+			Type              string `json:"type"`
+			SiteAdmin         bool   `json:"site_admin"`
+		} `json:"requested_reviewers,omitempty"`
+		Labels []struct {
+			ID      int64  `json:"id"`
+			URL     string `json:"url"`
+			Name    string `json:"name"`
+			Color   string `json:"color"`
+			Default bool   `json:"default"`
+		} `json:"labels"`
+		Head struct {
 			Label string `json:"label"`
 			Ref   string `json:"ref"`
 			Sha   string `json:"sha"`
@@ -2942,6 +3055,13 @@ type PullRequestPayload struct {
 		Deletions      int64     `json:"deletions"`
 		ChangedFiles   int64     `json:"changed_files"`
 	} `json:"pull_request"`
+	Label struct {
+		ID      int64  `json:"id"`
+		URL     string `json:"url"`
+		Name    string `json:"name"`
+		Color   string `json:"color"`
+		Default bool   `json:"default"`
+	} `json:"label"`
 	Repository struct {
 		ID       int64  `json:"id"`
 		Name     string `json:"name"`
@@ -3526,12 +3646,13 @@ type PullRequestReviewCommentPayload struct {
 			Type              string `json:"type"`
 			SiteAdmin         bool   `json:"site_admin"`
 		} `json:"user"`
-		Body           string    `json:"body"`
+		Body              string    `json:"body"`
-		CreatedAt      time.Time `json:"created_at"`
+		AuthorAssociation string    `json:"author_association"`
-		UpdatedAt      time.Time `json:"updated_at"`
+		CreatedAt         time.Time `json:"created_at"`
-		HTMLURL        string    `json:"html_url"`
+		UpdatedAt         time.Time `json:"updated_at"`
-		PullRequestURL string    `json:"pull_request_url"`
+		HTMLURL           string    `json:"html_url"`
-		Links          struct {
+		PullRequestURL    string    `json:"pull_request_url"`
+		Links             struct {
 			Self struct {
 				Href string `json:"href"`
 			} `json:"self"`
@@ -3954,6 +4075,7 @@ type PushPayload struct {
 	BaseRef *string `json:"base_ref"`
 	Compare string  `json:"compare"`
 	Commits []struct {
+		Sha       string `json:"sha"`
 		ID        string `json:"id"`
 		TreeID    string `json:"tree_id"`
 		Distinct  bool   `json:"distinct"`

gitlab/gitlab.go

@@ -2,6 +2,7 @@ package gitlab
 
 import (
 	"encoding/json"
+	"fmt"
 	"io/ioutil"
 	"net/http"
 
@@ -25,14 +26,15 @@ type Event string
 
 // GitLab hook types
 const (
-	PushEvents         Event = "Push Hook"
+	PushEvents               Event = "Push Hook"
-	TagEvents          Event = "Tag Push Hook"
+	TagEvents                Event = "Tag Push Hook"
-	IssuesEvents       Event = "Issue Hook"
+	IssuesEvents             Event = "Issue Hook"
-	CommentEvents      Event = "Note Hook"
+	ConfidentialIssuesEvents Event = "Confidential Issue Hook"
-	MergeRequestEvents Event = "Merge Request Hook"
+	CommentEvents            Event = "Note Hook"
-	WikiPageEvents     Event = "Wiki Page Hook"
+	MergeRequestEvents       Event = "Merge Request Hook"
-	PipelineEvents     Event = "Pipeline Hook"
+	WikiPageEvents           Event = "Wiki Page Hook"
-	BuildEvents        Event = "Build Hook"
+	PipelineEvents           Event = "Pipeline Hook"
+	BuildEvents              Event = "Build Hook"
 )
 
 // New creates and returns a WebHook instance denoted by the Provider type
@@ -59,33 +61,39 @@ func (hook Webhook) RegisterEvents(fn webhooks.ProcessPayloadFunc, events ...Eve
 
 // ParsePayload parses and verifies the payload and fires off the mapped function, if it exists.
 func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
+	webhooks.DefaultLog.Info("Parsing Payload...")
 
 	event := r.Header.Get("X-Gitlab-Event")
 	if len(event) == 0 {
+		webhooks.DefaultLog.Error("Missing X-Gitlab-Event Header")
 		http.Error(w, "400 Bad Request - Missing X-Gitlab-Event Header", http.StatusBadRequest)
 		return
 	}
+	webhooks.DefaultLog.Debug(fmt.Sprintf("X-Gitlab-Event:%s", event))
 
 	gitLabEvent := Event(event)
 
 	fn, ok := hook.eventFuncs[gitLabEvent]
 	// if no event registered
 	if !ok {
+		webhooks.DefaultLog.Info(fmt.Sprintf("Webhook Event %s not registered, it is recommended to setup only events in gitlab that will be registered in the webhook to avoid unnecessary traffic and reduce potential attack vectors.", event))
 		return
 	}
 
 	payload, err := ioutil.ReadAll(r.Body)
 	if err != nil || len(payload) == 0 {
-		http.Error(w, "Error reading Body", http.StatusInternalServerError)
+		webhooks.DefaultLog.Error("Issue reading Payload")
+		http.Error(w, "Error reading Payload", http.StatusInternalServerError)
 		return
 	}
+	webhooks.DefaultLog.Debug(fmt.Sprintf("Payload:%s", string(payload)))
 
 	// If we have a Secret set, we should check the MAC
 	if len(hook.secret) > 0 {
-
+		webhooks.DefaultLog.Info("Checking secret")
 		signature := r.Header.Get("X-Gitlab-Token")
-
 		if signature != hook.secret {
+			webhooks.DefaultLog.Error(fmt.Sprintf("Invalid X-Gitlab-Token of '%s'", signature))
 			http.Error(w, "403 Forbidden - Token missmatch", http.StatusForbidden)
 			return
 		}
@@ -105,6 +113,11 @@ func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
 		json.Unmarshal([]byte(payload), &te)
 		hook.runProcessPayloadFunc(fn, te, hd)
 
+	case ConfidentialIssuesEvents:
+		var cie ConfidentialIssueEventPayload
+		json.Unmarshal([]byte(payload), &cie)
+		hook.runProcessPayloadFunc(fn, cie, hd)
+
 	case IssuesEvents:
 		var ie IssueEventPayload
 		json.Unmarshal([]byte(payload), &ie)

gitlab/gitlab_test.go

@@ -43,6 +43,7 @@ func TestMain(m *testing.M) {
 		PushEvents,
 		TagEvents,
 		IssuesEvents,
+		ConfidentialIssuesEvents,
 		CommentEvents,
 		MergeRequestEvents,
 		WikiPageEvents,
@@ -349,6 +350,78 @@ func TestIssueEvent(t *testing.T) {
 	Equal(t, resp.StatusCode, http.StatusOK)
 }
 
+func TestConfidentialIssueEvent(t *testing.T) {
+
+	payload := `{
+    "object_kind": "issue",
+    "user": {
+      "name": "Administrator",
+      "username": "root",
+      "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon"
+    },
+    "project":{
+      "name":"Gitlab Test",
+      "description":"Aut reprehenderit ut est.",
+      "web_url":"http://example.com/gitlabhq/gitlab-test",
+      "avatar_url":null,
+      "git_ssh_url":"git@example.com:gitlabhq/gitlab-test.git",
+      "git_http_url":"http://example.com/gitlabhq/gitlab-test.git",
+      "namespace":"GitlabHQ",
+      "visibility_level":20,
+      "path_with_namespace":"gitlabhq/gitlab-test",
+      "default_branch":"master",
+      "homepage":"http://example.com/gitlabhq/gitlab-test",
+      "url":"http://example.com/gitlabhq/gitlab-test.git",
+      "ssh_url":"git@example.com:gitlabhq/gitlab-test.git",
+      "http_url":"http://example.com/gitlabhq/gitlab-test.git"
+    },
+    "repository":{
+      "name": "Gitlab Test",
+      "url": "http://example.com/gitlabhq/gitlab-test.git",
+      "description": "Aut reprehenderit ut est.",
+      "homepage": "http://example.com/gitlabhq/gitlab-test"
+    },
+    "object_attributes": {
+      "id": 301,
+      "title": "New API: create/update/delete file",
+      "assignee_id": 51,
+      "author_id": 51,
+      "project_id": 14,
+      "created_at": "2013-12-03T17:15:43Z",
+      "updated_at": "2013-12-03T17:15:43Z",
+      "position": 0,
+      "branch_name": null,
+      "description": "Create new API for manipulations with repository",
+      "milestone_id": null,
+      "state": "opened",
+      "iid": 23,
+      "url": "http://example.com/diaspora/issues/23",
+      "action": "open"
+    },
+    "assignee": {
+      "name": "User1",
+      "username": "user1",
+      "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon"
+    }
+  }
+  `
+
+	req, err := http.NewRequest("POST", "http://127.0.0.1:3011/webhooks", bytes.NewBuffer([]byte(payload)))
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("X-Gitlab-Event", "Confidential Issue Hook")
+	req.Header.Set("X-Gitlab-Token", "sampleToken!")
+
+	Equal(t, err, nil)
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	Equal(t, err, nil)
+
+	defer resp.Body.Close()
+
+	Equal(t, resp.StatusCode, http.StatusOK)
+}
+
 func TestCommentCommitEvent(t *testing.T) {
 
 	payload := `{
@@ -734,82 +807,145 @@ func TestCommentSunippetEvent(t *testing.T) {
 func TestMergeRequestEvent(t *testing.T) {
 
 	payload := `{
-  "object_kind": "merge_request",
+    "object_kind": "merge_request",
-  "user": {
+    "user": {
-    "name": "Administrator",
+      "name": "Administrator",
-    "username": "root",
+      "username": "root",
-    "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon"
+      "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon"
-  },
-  "object_attributes": {
-    "id": 99,
-    "target_branch": "master",
-    "source_branch": "ms-viewport",
-    "source_project_id": 14,
-    "author_id": 51,
-    "assignee_id": 6,
-    "title": "MS-Viewport",
-    "created_at": "2013-12-03T17:23:34Z",
-    "updated_at": "2013-12-03T17:23:34Z",
-    "st_commits": null,
-    "st_diffs": null,
-    "milestone_id": null,
-    "state": "opened",
-    "merge_status": "unchecked",
-    "target_project_id": 14,
-    "iid": 1,
-    "description": "",
-    "source":{
-      "name":"Awesome Project",
-      "description":"Aut reprehenderit ut est.",
-      "web_url":"http://example.com/awesome_space/awesome_project",
-      "avatar_url":null,
-      "git_ssh_url":"git@example.com:awesome_space/awesome_project.git",
-      "git_http_url":"http://example.com/awesome_space/awesome_project.git",
-      "namespace":"Awesome Space",
-      "visibility_level":20,
-      "path_with_namespace":"awesome_space/awesome_project",
-      "default_branch":"master",
-      "homepage":"http://example.com/awesome_space/awesome_project",
-      "url":"http://example.com/awesome_space/awesome_project.git",
-      "ssh_url":"git@example.com:awesome_space/awesome_project.git",
-      "http_url":"http://example.com/awesome_space/awesome_project.git"
     },
-    "target": {
+    "project": {
-      "name":"Awesome Project",
+      "id": 1,
+      "name":"Gitlab Test",
       "description":"Aut reprehenderit ut est.",
-      "web_url":"http://example.com/awesome_space/awesome_project",
+      "web_url":"http://example.com/gitlabhq/gitlab-test",
       "avatar_url":null,
-      "git_ssh_url":"git@example.com:awesome_space/awesome_project.git",
+      "git_ssh_url":"git@example.com:gitlabhq/gitlab-test.git",
-      "git_http_url":"http://example.com/awesome_space/awesome_project.git",
+      "git_http_url":"http://example.com/gitlabhq/gitlab-test.git",
-      "namespace":"Awesome Space",
+      "namespace":"GitlabHQ",
       "visibility_level":20,
-      "path_with_namespace":"awesome_space/awesome_project",
+      "path_with_namespace":"gitlabhq/gitlab-test",
       "default_branch":"master",
-      "homepage":"http://example.com/awesome_space/awesome_project",
+      "homepage":"http://example.com/gitlabhq/gitlab-test",
-      "url":"http://example.com/awesome_space/awesome_project.git",
+      "url":"http://example.com/gitlabhq/gitlab-test.git",
-      "ssh_url":"git@example.com:awesome_space/awesome_project.git",
+      "ssh_url":"git@example.com:gitlabhq/gitlab-test.git",
-      "http_url":"http://example.com/awesome_space/awesome_project.git"
+      "http_url":"http://example.com/gitlabhq/gitlab-test.git"
     },
-    "last_commit": {
+    "repository": {
-      "id": "da1560886d4f094c3e6c9ef40349f7d38b5d27d7",
+      "name": "Gitlab Test",
-      "message": "fixed readme",
+      "url": "http://example.com/gitlabhq/gitlab-test.git",
-      "timestamp": "2012-01-03T23:36:29+02:00",
+      "description": "Aut reprehenderit ut est.",
-      "url": "http://example.com/awesome_space/awesome_project/commits/da1560886d4f094c3e6c9ef40349f7d38b5d27d7",
+      "homepage": "http://example.com/gitlabhq/gitlab-test"
-      "author": {
+    },
-        "name": "GitLab dev user",
+    "object_attributes": {
-        "email": "gitlabdev@dv6700.(none)"
+      "id": 99,
+      "target_branch": "master",
+      "source_branch": "ms-viewport",
+      "source_project_id": 14,
+      "author_id": 51,
+      "assignee_id": 6,
+      "title": "MS-Viewport",
+      "created_at": "2013-12-03T17:23:34Z",
+      "updated_at": "2013-12-03T17:23:34Z",
+      "milestone_id": null,
+      "state": "opened",
+      "merge_status": "unchecked",
+      "target_project_id": 14,
+      "iid": 1,
+      "description": "",
+      "source": {
+        "name":"Awesome Project",
+        "description":"Aut reprehenderit ut est.",
+        "web_url":"http://example.com/awesome_space/awesome_project",
+        "avatar_url":null,
+        "git_ssh_url":"git@example.com:awesome_space/awesome_project.git",
+        "git_http_url":"http://example.com/awesome_space/awesome_project.git",
+        "namespace":"Awesome Space",
+        "visibility_level":20,
+        "path_with_namespace":"awesome_space/awesome_project",
+        "default_branch":"master",
+        "homepage":"http://example.com/awesome_space/awesome_project",
+        "url":"http://example.com/awesome_space/awesome_project.git",
+        "ssh_url":"git@example.com:awesome_space/awesome_project.git",
+        "http_url":"http://example.com/awesome_space/awesome_project.git"
+      },
+      "target": {
+        "name":"Awesome Project",
+        "description":"Aut reprehenderit ut est.",
+        "web_url":"http://example.com/awesome_space/awesome_project",
+        "avatar_url":null,
+        "git_ssh_url":"git@example.com:awesome_space/awesome_project.git",
+        "git_http_url":"http://example.com/awesome_space/awesome_project.git",
+        "namespace":"Awesome Space",
+        "visibility_level":20,
+        "path_with_namespace":"awesome_space/awesome_project",
+        "default_branch":"master",
+        "homepage":"http://example.com/awesome_space/awesome_project",
+        "url":"http://example.com/awesome_space/awesome_project.git",
+        "ssh_url":"git@example.com:awesome_space/awesome_project.git",
+        "http_url":"http://example.com/awesome_space/awesome_project.git"
+      },
+      "last_commit": {
+        "id": "da1560886d4f094c3e6c9ef40349f7d38b5d27d7",
+        "message": "fixed readme",
+        "timestamp": "2012-01-03T23:36:29+02:00",
+        "url": "http://example.com/awesome_space/awesome_project/commits/da1560886d4f094c3e6c9ef40349f7d38b5d27d7",
+        "author": {
+          "name": "GitLab dev user",
+          "email": "gitlabdev@dv6700.(none)"
+        }
+      },
+      "work_in_progress": false,
+      "url": "http://example.com/diaspora/merge_requests/1",
+      "action": "open",
+      "assignee": {
+        "name": "User1",
+        "username": "user1",
+        "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon"
       }
     },
-    "work_in_progress": false,
+    "labels": [{
-    "url": "http://example.com/diaspora/merge_requests/1",
+      "id": 206,
-    "action": "open",
+      "title": "API",
-    "assignee": {
+      "color": "#ffffff",
-      "name": "User1",
+      "project_id": 14,
-      "username": "user1",
+      "created_at": "2013-12-03T17:15:43Z",
-      "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon"
+      "updated_at": "2013-12-03T17:15:43Z",
+      "template": false,
+      "description": "API related issues",
+      "type": "ProjectLabel",
+      "group_id": 41
+    }],
+    "changes": {
+      "updated_by_id": [null, 1],
+      "updated_at": ["2017-09-15 16:50:55 UTC", "2017-09-15 16:52:00 UTC"],
+      "labels": {
+        "previous": [{
+          "id": 206,
+          "title": "API",
+          "color": "#ffffff",
+          "project_id": 14,
+          "created_at": "2013-12-03T17:15:43Z",
+          "updated_at": "2013-12-03T17:15:43Z",
+          "template": false,
+          "description": "API related issues",
+          "type": "ProjectLabel",
+          "group_id": 41
+        }],
+        "current": [{
+          "id": 205,
+          "title": "Platform",
+          "color": "#123123",
+          "project_id": 14,
+          "created_at": "2013-12-03T17:15:43Z",
+          "updated_at": "2013-12-03T17:15:43Z",
+          "template": false,
+          "description": "Platform related issues",
+          "type": "ProjectLabel",
+          "group_id": 41
+        }]
+      }
     }
   }  
-}
 `
 
 	req, err := http.NewRequest("POST", "http://127.0.0.1:3011/webhooks", bytes.NewBuffer([]byte(payload)))

gitlab/payload.go

@@ -38,6 +38,14 @@ type IssueEventPayload struct {
 	Repository       Repository       `json:"repository"`
 	ObjectAttributes ObjectAttributes `json:"object_attributes"`
 	Assignee         Assignee         `json:"assignee"`
+	Changes          Changes          `json:"changes"`
+}
+
+// ConfidentialIssueEventPayload contains the information for GitLab's confidential issue event
+type ConfidentialIssueEventPayload struct {
+	// The data for confidential issues is currently the same as normal issues,
+	// so we can just embed the normal issue payload type here.
+	IssueEventPayload
 }
 
 // MergeRequestEventPayload contains the information for GitLab's merge request event
@@ -45,6 +53,9 @@ type MergeRequestEventPayload struct {
 	ObjectKind       string           `json:"object_kind"`
 	User             User             `json:"user"`
 	ObjectAttributes ObjectAttributes `json:"object_attributes"`
+	Changes          Changes          `json:"changes"`
+	Project          Project          `json:"project"`
+	Repository       Repository       `json:"repository"`
 }
 
 // PushEventPayload contains the information for GitLab's push event
@@ -312,7 +323,7 @@ type MergeRequest struct {
 	ID              int64      `json:"id"`
 	TargetBranch    string     `json:"target_branch"`
 	SourceBranch    string     `json:"source_branch"`
-	SourceProjectID string     `json:"source_project_id"`
+	SourceProjectID int64      `json:"source_project_id"`
 	AssigneeID      int64      `json:"assignee_id"`
 	AuthorID        int64      `json:"author_id"`
 	Title           string     `json:"title"`
@@ -402,3 +413,28 @@ type Author struct {
 	Name  string `json:"name"`
 	Email string `json:"email"`
 }
+
+// Changes contains all changes associated with a GitLab issue or MR
+type Changes struct {
+	LabelChanges LabelChanges `json:"labels"`
+}
+
+// LabelChanges contains changes in labels assocatiated with a GitLab issue or MR
+type LabelChanges struct {
+	Previous []Label `json:"previous"`
+	Current  []Label `json:"current"`
+}
+
+// Label contains all of the GitLab label information
+type Label struct {
+	Id          int64      `json:"id"`
+	Title       string     `json:"title"`
+	Color       string     `json:"color"`
+	ProjectId   int64      `json:"project_id"`
+	CreatedAt   customTime `json:"created_at"`
+	UpdatedAt   customTime `json:"updated_at"`
+	Template    bool       `json:"template"`
+	Description string     `json:"description"`
+	Type        string     `json:"type"`
+	GroupId     int64      `json:"group_id"`
+}

gogs/gogs.go

@@ -0,0 +1,167 @@
+package gogs
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+
+	"crypto/hmac"
+	"crypto/sha256"
+	"encoding/hex"
+	client "github.com/gogits/go-gogs-client"
+	"gopkg.in/go-playground/webhooks.v3"
+)
+
+// Webhook instance contains all methods needed to process events
+type Webhook struct {
+	provider   webhooks.Provider
+	secret     string
+	eventFuncs map[Event]webhooks.ProcessPayloadFunc
+}
+
+// Config defines the configuration to create a new Gogs Webhook instance
+type Config struct {
+	Secret string
+}
+
+// Event defines a Gogs hook event type
+type Event string
+
+// Gogs hook types
+const (
+	CreateEvent       Event = "create"
+	DeleteEvent       Event = "delete"
+	ForkEvent         Event = "fork"
+	PushEvent         Event = "push"
+	IssuesEvent       Event = "issues"
+	IssueCommentEvent Event = "issue_comment"
+	PullRequestEvent  Event = "pull_request"
+	ReleaseEvent      Event = "release"
+)
+
+// New creates and returns a WebHook instance denoted by the Provider type
+func New(config *Config) *Webhook {
+	return &Webhook{
+		provider:   webhooks.Gogs,
+		secret:     config.Secret,
+		eventFuncs: map[Event]webhooks.ProcessPayloadFunc{},
+	}
+}
+
+// Provider returns the current hooks provider ID
+func (hook Webhook) Provider() webhooks.Provider {
+	return hook.provider
+}
+
+// RegisterEvents registers the function to call when the specified event(s) are encountered
+func (hook Webhook) RegisterEvents(fn webhooks.ProcessPayloadFunc, events ...Event) {
+
+	for _, event := range events {
+		hook.eventFuncs[event] = fn
+	}
+}
+
+// ParsePayload parses and verifies the payload and fires off the mapped function, if it exists.
+func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
+	webhooks.DefaultLog.Info("Parsing Payload...")
+
+	event := r.Header.Get("X-Gogs-Event")
+	if len(event) == 0 {
+		webhooks.DefaultLog.Error("Missing X-Gogs-Event Header")
+		http.Error(w, "400 Bad Request - Missing X-Gogs-Event Header", http.StatusBadRequest)
+		return
+	}
+	webhooks.DefaultLog.Debug(fmt.Sprintf("X-Gogs-Event:%s", event))
+
+	gogsEvent := Event(event)
+
+	fn, ok := hook.eventFuncs[gogsEvent]
+	// if no event registered
+	if !ok {
+		webhooks.DefaultLog.Info(fmt.Sprintf("Webhook Event %s not registered, it is recommended to setup only events in gogs that will be registered in the webhook to avoid unnecessary traffic and reduce potential attack vectors.", event))
+		return
+	}
+
+	payload, err := ioutil.ReadAll(r.Body)
+	if err != nil || len(payload) == 0 {
+		webhooks.DefaultLog.Error("Issue reading Payload")
+		http.Error(w, "Issue reading Payload", http.StatusInternalServerError)
+		return
+	}
+	webhooks.DefaultLog.Debug(fmt.Sprintf("Payload:%s", string(payload)))
+
+	// If we have a Secret set, we should check the MAC
+	if len(hook.secret) > 0 {
+		webhooks.DefaultLog.Info("Checking secret")
+		signature := r.Header.Get("X-Gogs-Signature")
+		if len(signature) == 0 {
+			webhooks.DefaultLog.Error("Missing X-Gogs-Signature required for HMAC verification")
+			http.Error(w, "403 Forbidden - Missing X-Gogs-Signature required for HMAC verification", http.StatusForbidden)
+			return
+		}
+		webhooks.DefaultLog.Debug(fmt.Sprintf("X-Gogs-Signature:%s", signature))
+
+		mac := hmac.New(sha256.New, []byte(hook.secret))
+		mac.Write(payload)
+
+		expectedMAC := hex.EncodeToString(mac.Sum(nil))
+
+		if !hmac.Equal([]byte(signature), []byte(expectedMAC)) {
+			webhooks.DefaultLog.Debug(string(payload))
+			http.Error(w, "403 Forbidden - HMAC verification failed", http.StatusForbidden)
+			return
+		}
+	}
+
+	// Make headers available to ProcessPayloadFunc as a webhooks type
+	hd := webhooks.Header(r.Header)
+
+	switch gogsEvent {
+	case CreateEvent:
+		var pe client.CreatePayload
+		json.Unmarshal([]byte(payload), &pe)
+		hook.runProcessPayloadFunc(fn, pe, hd)
+
+	case ReleaseEvent:
+		var re client.ReleasePayload
+		json.Unmarshal([]byte(payload), &re)
+		hook.runProcessPayloadFunc(fn, re, hd)
+
+	case PushEvent:
+		var pe client.PushPayload
+		json.Unmarshal([]byte(payload), &pe)
+		hook.runProcessPayloadFunc(fn, pe, hd)
+
+	case DeleteEvent:
+		var de client.DeletePayload
+		json.Unmarshal([]byte(payload), &de)
+		hook.runProcessPayloadFunc(fn, de, hd)
+
+	case ForkEvent:
+		var fe client.ForkPayload
+		json.Unmarshal([]byte(payload), &fe)
+		hook.runProcessPayloadFunc(fn, fe, hd)
+
+	case IssuesEvent:
+		var ie client.IssuesPayload
+		json.Unmarshal([]byte(payload), &ie)
+		hook.runProcessPayloadFunc(fn, ie, hd)
+
+	case IssueCommentEvent:
+		var ice client.IssueCommentPayload
+		json.Unmarshal([]byte(payload), &ice)
+		hook.runProcessPayloadFunc(fn, ice, hd)
+
+	case PullRequestEvent:
+		var pre client.PullRequestPayload
+		json.Unmarshal([]byte(payload), &pre)
+		hook.runProcessPayloadFunc(fn, pre, hd)
+	}
+}
+
+func (hook Webhook) runProcessPayloadFunc(fn webhooks.ProcessPayloadFunc, results interface{}, header webhooks.Header) {
+	go func(fn webhooks.ProcessPayloadFunc, results interface{}, header webhooks.Header) {
+		fn(results, header)
+	}(fn, results, header)
+}

logger.go

@@ -0,0 +1,44 @@
+package webhooks
+
+import "log"
+
+// DefaultLog contains the default logger for webhooks, and prints only info and error messages by default
+// for debugs override DefaultLog or see NewLogger for creating one without debugs.
+var DefaultLog Logger = new(logger)
+
+// Logger allows for customizable logging
+type Logger interface {
+	// Info prints basic information.
+	Info(string)
+	// Error prints error information.
+	Error(string)
+	// Debug prints information usefull for debugging.
+	Debug(string)
+}
+
+// NewLogger returns a new logger for use.
+func NewLogger(debug bool) Logger {
+	return &logger{PrintDebugs: debug}
+}
+
+type logger struct {
+	PrintDebugs bool
+}
+
+// Info prints basic information.
+func (l *logger) Info(msg string) {
+	log.Println("INFO:", msg)
+}
+
+// v prints error information.
+func (l *logger) Error(msg string) {
+	log.Println("ERROR:", msg)
+}
+
+// Debug prints information usefull for debugging.
+func (l *logger) Debug(msg string) {
+	if !l.PrintDebugs {
+		return
+	}
+	log.Println("DEBUG:", msg)
+}

webhooks.go

@@ -1,6 +1,9 @@
 package webhooks
 
-import "net/http"
+import (
+	"fmt"
+	"net/http"
+)
 
 // Header provides http.Header to minimize imports
 type Header http.Header
@@ -16,6 +19,8 @@ func (p Provider) String() string {
 		return "Bitbucket"
 	case GitLab:
 		return "GitLab"
+	case Gogs:
+		return "Gogs"
 	default:
 		return "Unknown"
 	}
@@ -26,6 +31,7 @@ const (
 	GitHub Provider = iota
 	Bitbucket
 	GitLab
+	Gogs
 )
 
 // Webhook interface defines a webhook to receive events
@@ -35,22 +41,31 @@ type Webhook interface {
 }
 
 type server struct {
-	hook Webhook
+	hook             Webhook
-	path string
+	path             string
+	includePathCheck bool
 }
 
 // ProcessPayloadFunc is a common function for payload return values
 type ProcessPayloadFunc func(payload interface{}, header Header)
 
+// Handler returns the webhook http.Handler for use in your own Mux implementation
+func Handler(hook Webhook) http.Handler {
+	return &server{
+		hook: hook,
+	}
+}
+
 // Run runs a server
 func Run(hook Webhook, addr string, path string) error {
 	srv := &server{
-		hook: hook,
+		hook:             hook,
-		path: path,
+		path:             path,
+		includePathCheck: true,
 	}
-
 	s := &http.Server{Addr: addr, Handler: srv}
 
+	DefaultLog.Info(fmt.Sprintf("Listening on addr: %s path: %s", addr, path))
 	return s.ListenAndServe()
 }
 
@@ -58,12 +73,13 @@ func Run(hook Webhook, addr string, path string) error {
 func RunServer(s *http.Server, hook Webhook, path string) error {
 
 	srv := &server{
-		hook: hook,
+		hook:             hook,
-		path: path,
+		path:             path,
+		includePathCheck: true,
 	}
 
 	s.Handler = srv
-
+	DefaultLog.Info(fmt.Sprintf("Listening on addr: %s path: %s", s.Addr, path))
 	return s.ListenAndServe()
 }
 
@@ -74,26 +90,34 @@ func RunServer(s *http.Server, hook Webhook, path string) error {
 func RunTLSServer(s *http.Server, hook Webhook, path string) error {
 
 	srv := &server{
-		hook: hook,
+		hook:             hook,
-		path: path,
+		path:             path,
+		includePathCheck: true,
 	}
 
 	s.Handler = srv
-
+	DefaultLog.Info(fmt.Sprintf("Listening on addr: %s path: %s", s.Addr, path))
 	return s.ListenAndServeTLS("", "")
 }
 
 // ServeHTTP is the Handler for every posted WebHook Event
 func (s *server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	defer r.Body.Close()
+	DefaultLog.Info("Webhook received")
 
 	if r.Method != "POST" {
+		DefaultLog.Error(fmt.Sprintf("405 Method not allowed, attempt made using Method: %s", r.Method))
 		http.Error(w, "405 Method not allowed", http.StatusMethodNotAllowed)
 		return
 	}
-	if r.URL.Path != s.path {
+
-		http.Error(w, "404 Not found", http.StatusNotFound)
+	DefaultLog.Debug(fmt.Sprintf("Include path check: %t", s.includePathCheck))
-		return
+	if s.includePathCheck {
+		if r.URL.Path != s.path {
+			DefaultLog.Error(fmt.Sprintf("404 Not found, POST made using path: %s, but expected %s", r.URL.Path, s.path))
+			http.Error(w, "404 Not found", http.StatusNotFound)
+			return
+		}
 	}
 
 	s.hook.ParsePayload(w, r)

webhooks_test.go

@@ -8,6 +8,8 @@ import (
 	"testing"
 	"time"
 
+	"net/http/httptest"
+
 	. "gopkg.in/go-playground/assert.v1"
 )
 
@@ -47,6 +49,43 @@ func TestMain(m *testing.M) {
 	// teardown
 }
 
+func TestHandler(t *testing.T) {
+
+	mux := http.NewServeMux()
+	mux.Handle("/webhooks", Handler(fakeHook))
+
+	s := httptest.NewServer(Handler(fakeHook))
+	defer s.Close()
+
+	payload := "{}"
+
+	req, err := http.NewRequest("POST", s.URL+"/webhooks", bytes.NewBuffer([]byte(payload)))
+	req.Header.Set("Content-Type", "application/json")
+
+	Equal(t, err, nil)
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	Equal(t, err, nil)
+
+	defer resp.Body.Close()
+
+	Equal(t, resp.StatusCode, http.StatusOK)
+
+	// Test BAD METHOD
+	req, err = http.NewRequest("GET", s.URL+"/webhooks", bytes.NewBuffer([]byte(payload)))
+	req.Header.Set("Content-Type", "application/json")
+
+	Equal(t, err, nil)
+
+	resp, err = client.Do(req)
+	Equal(t, err, nil)
+
+	defer resp.Body.Close()
+
+	Equal(t, resp.StatusCode, http.StatusMethodNotAllowed)
+}
+
 func TestRun(t *testing.T) {
 
 	go Run(fakeHook, "127.0.0.1:3006", "/webhooks")
@@ -97,7 +136,7 @@ func TestRun(t *testing.T) {
 }
 
 func TestRunServer(t *testing.T) {
-
+	DefaultLog = NewLogger(true)
 	server := &http.Server{Addr: "127.0.0.1:3007", Handler: nil}
 	go RunServer(server, fakeHook, "/webhooks")
 	time.Sleep(5000)