From e0703e0a502f0d067cc15c223e9ffd43f89c0403 Mon Sep 17 00:00:00 2001
From: syuilo <syuilotan@yahoo.co.jp>
Date: Sun, 12 Feb 2017 06:39:37 +0900
Subject: [PATCH] [Server] Fix bug

---
 src/api/service/github.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/api/service/github.ts b/src/api/service/github.ts
index 00241987a..2b7067501 100644
--- a/src/api/service/github.ts
+++ b/src/api/service/github.ts
@@ -1,5 +1,6 @@
 import * as EventEmitter from 'events';
 import * as express from 'express';
+const crypto = require('crypto');
 import User from '../models/user';
 import config from '../../conf';
 
@@ -20,7 +21,7 @@ module.exports = async (app: express.Application) => {
 	const handler = new EventEmitter();
 
 	app.post('/hooks/github', (req, res, next) => {
-		if (req.headers['x-hub-signature'] == config.github_bot.hook_secret) {
+		if ((new Buffer(req.headers['x-hub-signature'])).equals(new Buffer('sha1=' + crypto.createHmac('sha1', config.github_bot.hook_secret).update(JSON.stringify(req.body)).digest('hex')))) {
 			handler.emit(req.headers['x-github-event'], req.body);
 		} else {
 			res.sendStatus(400);