gidgethub · Mariatta · Jun 15, 2021 · Apr 8, 2021 · Apr 14, 2021 · Apr 14, 2021
diff --git a/gidgethub/sansio.py b/gidgethub/sansio.py
@@ -70,12 +70,12 @@ def _decode_body(
 def validate_event(payload: bytes, *, signature: str, secret: str) -> None:
     """Validate the signature of a webhook event."""
     # https://docs.github.com/en/free-pro-team@latest/developers/webhooks-and-events/securing-your-webhooks#validating-payloads-from-github
-    signature_prefix = "sha1="
+    signature_prefix = "sha256="
     if not signature.startswith(signature_prefix):
         raise ValidationFailure(
             "signature does not start with " f"{repr(signature_prefix)}"
         )
-    hmac_ = hmac.new(secret.encode("UTF-8"), msg=payload, digestmod="sha1")
+    hmac_ = hmac.new(secret.encode("UTF-8"), msg=payload, digestmod="sha256")
     calculated_sig = signature_prefix + hmac_.hexdigest()
     if not hmac.compare_digest(signature, calculated_sig):
         raise ValidationFailure("payload's signature does not align " "with the secret")
@@ -114,10 +114,12 @@ def from_http(
         (including not providing a secret) will lead to ValidationFailure being
         raised.
         """
-        if "x-hub-signature" in headers:
+        if "x-hub-signature-256" in headers:
             if secret is None:
                 raise ValidationFailure("secret not provided")
-            validate_event(body, signature=headers["x-hub-signature"], secret=secret)
+            validate_event(
+                body, signature=headers["x-hub-signature-256"], secret=secret
+            )
         elif secret is not None:
             raise ValidationFailure("signature is missing")
 

diff --git a/tests/test_sansio.py b/tests/test_sansio.py
@@ -26,8 +26,8 @@ class TestValidateEvent:
 
     secret = "123456"
     payload = "gidget".encode("UTF-8")
-    hash_signature = "8acc2ae97633ec018f118577f4872e103f24ef58"
-    signature = "sha1=" + hash_signature
+    hash_signature = "091319196718d5bcb1c20ad25fc890597423ecdbad1f947f560afd643b5000de"
+    signature = "sha256=" + hash_signature
 
     def test_malformed_signature(self):
         """Error out if the signature doesn't start with "sha1="."""
@@ -60,7 +60,7 @@ class TestEvent:
         "content-type": "application/json",
         "x-github-event": "pull_request",
         "x-github-delivery": "72d3162e-cc78-11e3-81ab-4c9367dc0958",
-        "x-hub-signature": "sha1=c28e33b2e56e548956c446e890929a6cbec3ac89",
+        "x-hub-signature-256": "sha256=0340d06469a1b35662ebd7a67ea2c0c328239f319f1cfafb221451de629e0430",
     }
 
     def check_event(self, event):
@@ -116,7 +116,7 @@ def test_from_http_missing_secret(self):
     def test_from_http_missing_signature(self):
         """Secret but no signature raises ValidationFailure."""
         headers_no_sig = self.headers.copy()
-        del headers_no_sig["x-hub-signature"]
+        del headers_no_sig["x-hub-signature-256"]
         with pytest.raises(ValidationFailure):
             sansio.Event.from_http(headers_no_sig, self.data_bytes, secret=self.secret)
 
@@ -128,7 +128,7 @@ def test_from_http_bad_signature(self):
 
     def test_from_http_no_signature(self):
         headers = self.headers.copy()
-        del headers["x-hub-signature"]
+        del headers["x-hub-signature-256"]
         event = sansio.Event.from_http(headers, self.data_bytes)
         self.check_event(event)