normalize file names

Author: rachmari

server.rb

@@ -1,27 +1,26 @@
 require 'sinatra'
 require 'octokit'
-require 'dotenv/load' # Manages environment variables
 require 'json'
-require 'openssl'     # Verifies the webhook signature
-require 'jwt'         # Authenticates a GitHub App
-require 'time'        # Gets ISO 8601 representation of a Time object
-require 'logger'      # Logs debug statements
+require 'openssl' # Used to verify the webhook signature
+require 'jwt'     # Used to authenticate a GitHub App
+require 'time'    # Used to get ISO 8601 representation of a Time object
+require 'logger'
 
 set :port, 3000
-set :bind, '0.0.0.0'
 
 
 # This is template code to create a GitHub App server.
 # You can read more about GitHub Apps here: # https://developer.github.com/apps/
 #
 # On its own, this app does absolutely nothing, except that it can be installed.
-# It's up to you to add functionality!
+# It's up to you to add fun functionality!
 # You can check out one example in advanced_server.rb.
 #
 # This code is a Sinatra app, for two reasons:
 #   1. Because the app will require a landing page for installation.
 #   2. To easily handle webhook events.
 #
+#
 # Of course, not all apps need to receive and process events!
 # Feel free to rip out the event handling code if you don't need it.
 #
@@ -30,7 +29,16 @@
 
 class GHAapp < Sinatra::Application
 
-  # Expects that the private key in PEM format. Converts the newlines
+  # !!! DO NOT EVER USE HARD-CODED VALUES IN A REAL APP !!!
+  # Instead, set and read app tokens or other secrets in your code
+  # in a runtime source, like an environment variable like below
+
+  # Expects that the private key has been set as an environment variable in
+  # PEM format using the following command to replace newlines with the
+  # literal `\n`:
+  #   export GITHUB_PRIVATE_KEY=`awk '{printf "%s\\n", $0}' private-key.pem`
+  #
+  # Converts the newlines
   PRIVATE_KEY = OpenSSL::PKey::RSA.new(ENV['GITHUB_PRIVATE_KEY'].gsub('\n', "\n"))
 
   # Your registered app must have a secret set. The secret is used to verify
@@ -51,26 +59,32 @@ class GHAapp < Sinatra::Application
     get_payload_request(request)
     verify_webhook_signature
     authenticate_app
-    # Authenticate the app installation in order to run API operations
+    # Authenticate each installation of the app in order to run API operations
     authenticate_installation(@payload)
   end
 
 
   post '/event_handler' do
 
-    # # # # # # # # # # # #
-    # ADD YOUR CODE HERE  #
-    # # # # # # # # # # # #
+    case request.env['HTTP_X_GITHUB_EVENT']
+    when 'issues'
+      if @payload['action'] === 'opened'
+        handle_issue_opened_event(@payload)
+      end
+    end
 
-    200 # success status
+    'ok' # You have to return _something_. ;)
   end
 
 
   helpers do
 
-    # # # # # # # # # # # # # # # # #
-    # ADD YOUR HELPER METHODS HERE  #
-    # # # # # # # # # # # # # # # # #
+    # When an issue is opened, add a label
+    def handle_issue_opened_event(payload)
+      repo = payload['repository']['full_name']
+      issue_number = payload['issue']['number']
+      @installation_client.add_labels_to_an_issue(repo, issue_number, ['needs-response'])
+    end
 
     # Saves the raw payload and converts the payload to JSON format
     def get_payload_request(request)
@@ -87,7 +101,7 @@ def get_payload_request(request)
     end
 
     # Instantiate an Octokit client authenticated as a GitHub App.
-    # GitHub App authentication requires that you construct a
+    # GitHub App authentication equires that we construct a
     # JWT (https://jwt.io/introduction/) signed with the app's private key,
     # so GitHub can be sure that it came from the app an not altererd by
     # a malicious third party.
@@ -103,15 +117,15 @@ def authenticate_app
           iss: APP_IDENTIFIER
       }
 
-      # Cryptographically sign the JWT.
+      # Cryptographically sign the JWT
       jwt = JWT.encode(payload, PRIVATE_KEY, 'RS256')
 
       # Create the Octokit client, using the JWT as the auth token.
       @app_client ||= Octokit::Client.new(bearer_token: jwt)
     end
 
-    # Instantiate an Octokit client, authenticated as an installation of a
-    # GitHub App, to run API operations.
+    # Instantiate an Octokit client authenticated as an installation of a
+    # GitHub App to run API operations.
     def authenticate_installation(payload)
       installation_id = payload['installation']['id']
       installation_token = @app_client.create_app_installation_access_token(installation_id)[:token]
@@ -121,14 +135,14 @@ def authenticate_installation(payload)
     # Check X-Hub-Signature to confirm that this webhook was generated by
     # GitHub, and not a malicious third party.
     #
-    # GitHub uses the WEBHOOK_SECRET, registered to the GitHub App, to
-    # create the hash signature sent in the `X-HUB-Signature` header of each
-    # webhook. This code computes the expected hash signature and compares it to
-    # the signature sent in the `X-HUB-Signature` header. If they don't match,
-    # this request is an attack, and you should reject it. GitHub uses the HMAC
-    # hexdigest to compute the signature. The `X-HUB-Signature` looks something
-    # like this: "sha1=123456".
-    # See https://developer.github.com/webhooks/securing/ for details.
+    # GitHub will the WEBHOOK_SECRET, registered
+    # to the GitHub App, to create a hash signature sent in each webhook payload
+    # in the `X-HUB-Signature` header. This code computes the expected hash
+    # signature and compares it to the signature sent in the `X-HUB-Signature`
+    # header. If they don't match, this request is an attack, and we should
+    # reject it. GitHub uses the HMAC hexdigest to compute the signature. The
+    # `X-HUB-Signature` looks something like this: "sha1=123456"
+    # See https://developer.github.com/webhooks/securing/ for details
     def verify_webhook_signature
       their_signature_header = request.env['HTTP_X_HUB_SIGNATURE'] || 'sha1='
       method, their_digest = their_signature_header.split('=')
@@ -143,8 +157,9 @@ def verify_webhook_signature
 
   end
 
+
   # Finally some logic to let us run this server directly from the commandline, or with Rack
-  # Don't worry too much about this code. But, for the curious:
+  # Don't worry too much about this code ;) But, for the curious:
   # $0 is the executed file
   # __FILE__ is the current file
   # If they are the same—that is, we are running this file directly, call the Sinatra run method

advanced_server.rb renamed to template_server.rb

@@ -1,26 +1,27 @@
 require 'sinatra'
 require 'octokit'
+require 'dotenv/load' # Manages environment variables
 require 'json'
-require 'openssl' # Used to verify the webhook signature
-require 'jwt'     # Used to authenticate a GitHub App
-require 'time'    # Used to get ISO 8601 representation of a Time object
-require 'logger'
+require 'openssl'     # Verifies the webhook signature
+require 'jwt'         # Authenticates a GitHub App
+require 'time'        # Gets ISO 8601 representation of a Time object
+require 'logger'      # Logs debug statements
 
 set :port, 3000
+set :bind, '0.0.0.0'
 
 
 # This is template code to create a GitHub App server.
 # You can read more about GitHub Apps here: # https://developer.github.com/apps/
 #
 # On its own, this app does absolutely nothing, except that it can be installed.
-# It's up to you to add fun functionality!
+# It's up to you to add functionality!
 # You can check out one example in advanced_server.rb.
 #
 # This code is a Sinatra app, for two reasons:
 #   1. Because the app will require a landing page for installation.
 #   2. To easily handle webhook events.
 #
-#
 # Of course, not all apps need to receive and process events!
 # Feel free to rip out the event handling code if you don't need it.
 #
@@ -29,16 +30,7 @@
 
 class GHAapp < Sinatra::Application
 
-  # !!! DO NOT EVER USE HARD-CODED VALUES IN A REAL APP !!!
-  # Instead, set and read app tokens or other secrets in your code
-  # in a runtime source, like an environment variable like below
-
-  # Expects that the private key has been set as an environment variable in
-  # PEM format using the following command to replace newlines with the
-  # literal `\n`:
-  #   export GITHUB_PRIVATE_KEY=`awk '{printf "%s\\n", $0}' private-key.pem`
-  #
-  # Converts the newlines
+  # Expects that the private key in PEM format. Converts the newlines
   PRIVATE_KEY = OpenSSL::PKey::RSA.new(ENV['GITHUB_PRIVATE_KEY'].gsub('\n', "\n"))
 
   # Your registered app must have a secret set. The secret is used to verify
@@ -59,32 +51,26 @@ class GHAapp < Sinatra::Application
     get_payload_request(request)
     verify_webhook_signature
     authenticate_app
-    # Authenticate each installation of the app in order to run API operations
+    # Authenticate the app installation in order to run API operations
     authenticate_installation(@payload)
   end
 
 
   post '/event_handler' do
 
-    case request.env['HTTP_X_GITHUB_EVENT']
-    when 'issues'
-      if @payload['action'] === 'opened'
-        handle_issue_opened_event(@payload)
-      end
-    end
+    # # # # # # # # # # # #
+    # ADD YOUR CODE HERE  #
+    # # # # # # # # # # # #
 
-    'ok' # You have to return _something_. ;)
+    200 # success status
   end
 
 
   helpers do
 
-    # When an issue is opened, add a label
-    def handle_issue_opened_event(payload)
-      repo = payload['repository']['full_name']
-      issue_number = payload['issue']['number']
-      @installation_client.add_labels_to_an_issue(repo, issue_number, ['needs-response'])
-    end
+    # # # # # # # # # # # # # # # # #
+    # ADD YOUR HELPER METHODS HERE  #
+    # # # # # # # # # # # # # # # # #
 
     # Saves the raw payload and converts the payload to JSON format
     def get_payload_request(request)
@@ -101,7 +87,7 @@ def get_payload_request(request)
     end
 
     # Instantiate an Octokit client authenticated as a GitHub App.
-    # GitHub App authentication equires that we construct a
+    # GitHub App authentication requires that you construct a
     # JWT (https://jwt.io/introduction/) signed with the app's private key,
     # so GitHub can be sure that it came from the app an not altererd by
     # a malicious third party.
@@ -117,15 +103,15 @@ def authenticate_app
           iss: APP_IDENTIFIER
       }
 
-      # Cryptographically sign the JWT
+      # Cryptographically sign the JWT.
       jwt = JWT.encode(payload, PRIVATE_KEY, 'RS256')
 
       # Create the Octokit client, using the JWT as the auth token.
       @app_client ||= Octokit::Client.new(bearer_token: jwt)
     end
 
-    # Instantiate an Octokit client authenticated as an installation of a
-    # GitHub App to run API operations.
+    # Instantiate an Octokit client, authenticated as an installation of a
+    # GitHub App, to run API operations.
     def authenticate_installation(payload)
       installation_id = payload['installation']['id']
       installation_token = @app_client.create_app_installation_access_token(installation_id)[:token]
@@ -135,14 +121,14 @@ def authenticate_installation(payload)
     # Check X-Hub-Signature to confirm that this webhook was generated by
     # GitHub, and not a malicious third party.
     #
-    # GitHub will the WEBHOOK_SECRET, registered
-    # to the GitHub App, to create a hash signature sent in each webhook payload
-    # in the `X-HUB-Signature` header. This code computes the expected hash
-    # signature and compares it to the signature sent in the `X-HUB-Signature`
-    # header. If they don't match, this request is an attack, and we should
-    # reject it. GitHub uses the HMAC hexdigest to compute the signature. The
-    # `X-HUB-Signature` looks something like this: "sha1=123456"
-    # See https://developer.github.com/webhooks/securing/ for details
+    # GitHub uses the WEBHOOK_SECRET, registered to the GitHub App, to
+    # create the hash signature sent in the `X-HUB-Signature` header of each
+    # webhook. This code computes the expected hash signature and compares it to
+    # the signature sent in the `X-HUB-Signature` header. If they don't match,
+    # this request is an attack, and you should reject it. GitHub uses the HMAC
+    # hexdigest to compute the signature. The `X-HUB-Signature` looks something
+    # like this: "sha1=123456".
+    # See https://developer.github.com/webhooks/securing/ for details.
     def verify_webhook_signature
       their_signature_header = request.env['HTTP_X_HUB_SIGNATURE'] || 'sha1='
       method, their_digest = their_signature_header.split('=')
@@ -157,9 +143,8 @@ def verify_webhook_signature
 
   end
 
-
   # Finally some logic to let us run this server directly from the commandline, or with Rack
-  # Don't worry too much about this code ;) But, for the curious:
+  # Don't worry too much about this code. But, for the curious:
   # $0 is the executed file
   # __FILE__ is the current file
   # If they are the same—that is, we are running this file directly, call the Sinatra run method