openclaw-mission-control

yunxiafei/openclaw-mission-control

Fork 0

Commit Graph

Author	SHA1	Message	Date
Hugh Brown	3a00636ceb	Update backend/migrations/versions/a1b2c3d4e5f6_add_webhook_secret.py Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2026-03-07 23:35:10 +05:30
Hugh Brown	4d1dbb4098	security: add HMAC signature verification to webhook ingest Webhook ingest endpoint was completely unauthenticated. Add an optional `secret` field to BoardWebhook. When configured, inbound requests must include a valid HMAC-SHA256 signature in X-Hub-Signature-256 or X-Webhook-Signature headers. Uses hmac.compare_digest for timing safety. Includes migration to add the secret column. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 23:35:10 +05:30

Author

SHA1

Message

Date

Hugh Brown

3a00636ceb

Update backend/migrations/versions/a1b2c3d4e5f6_add_webhook_secret.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

2026-03-07 23:35:10 +05:30

Hugh Brown

4d1dbb4098

security: add HMAC signature verification to webhook ingest

Webhook ingest endpoint was completely unauthenticated. Add an optional
`secret` field to BoardWebhook. When configured, inbound requests must
include a valid HMAC-SHA256 signature in X-Hub-Signature-256 or
X-Webhook-Signature headers. Uses hmac.compare_digest for timing safety.
Includes migration to add the secret column.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-07 23:35:10 +05:30

2 Commits