in lambdas/scale_out_runner/app.py [0:0]
def validate_gh_sig(request: Request):
sig = request.headers.get('X-Hub-Signature-256', None)
if not sig or not sig.startswith('sha256='):
raise BadRequestError('X-Hub-Signature-256 not of expected format')
sig = sig[len('sha256=') :]
calculated_sig = sign_request_body(request)
app.log.debug('Checksum verification - expected %s got %s', calculated_sig, sig)
if not hmac.compare_digest(sig, calculated_sig):
raise ForbiddenError('Spoofed request')