Skip to content

Commit b44e471

Browse files
habara-khabara-k
committed
Add option to skip signature verification
1 parent 73c26be commit b44e471

File tree

2 files changed

+15
-4
lines changed

2 files changed

+15
-4
lines changed

examples/echo_bot/server.go

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ import (
2626
)
2727

2828
func main() {
29-
channelSecret := os.Getenv("LINE_CHANNEL_SECRET")
29+
channelSecret := "DummyChannelSecret" // Dummy value is fine to skip webhook signature verification
3030
bot, err := messaging_api.NewMessagingApiAPI(
3131
os.Getenv("LINE_CHANNEL_TOKEN"),
3232
)
@@ -38,7 +38,9 @@ func main() {
3838
http.HandleFunc("/callback", func(w http.ResponseWriter, req *http.Request) {
3939
log.Println("/callback called...")
4040

41-
cb, err := webhook.ParseRequest(channelSecret, req)
41+
cb, err := webhook.ParseRequestWithOption(channelSecret, req, &webhook.ParseOption{
42+
SkipSignatureValidation: func() bool { return true },
43+
})
4244
if err != nil {
4345
log.Printf("Cannot parse request: %+v\n", err)
4446
if errors.Is(err, webhook.ErrInvalidSignature) {

linebot/webhook/parse.go

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,14 +15,19 @@ var (
1515
ErrInvalidSignature = errors.New("invalid signature")
1616
)
1717

18+
type ParseOption struct {
19+
SkipSignatureValidation func() bool
20+
}
21+
1822
// ParseRequest func
19-
func ParseRequest(channelSecret string, r *http.Request) (*CallbackRequest, error) {
23+
func ParseRequestWithOption(channelSecret string, r *http.Request, opt *ParseOption) (*CallbackRequest, error) {
2024
defer func() { _ = r.Body.Close() }()
2125
body, err := io.ReadAll(r.Body)
2226
if err != nil {
2327
return nil, err
2428
}
25-
if !ValidateSignature(channelSecret, r.Header.Get("x-line-signature"), body) {
29+
skip := opt != nil && opt.SkipSignatureValidation != nil && opt.SkipSignatureValidation()
30+
if !skip && !ValidateSignature(channelSecret, r.Header.Get("x-line-signature"), body) {
2631
return nil, ErrInvalidSignature
2732
}
2833

@@ -33,6 +38,10 @@ func ParseRequest(channelSecret string, r *http.Request) (*CallbackRequest, erro
3338
return &cb, nil
3439
}
3540

41+
func ParseRequest(channelSecret string, r *http.Request) (*CallbackRequest, error) {
42+
return ParseRequestWithOption(channelSecret, r, nil)
43+
}
44+
3645
func ValidateSignature(channelSecret, signature string, body []byte) bool {
3746
decoded, err := base64.StdEncoding.DecodeString(signature)
3847
if err != nil {

0 commit comments

Comments
 (0)