4 files changed, 33 insertions, 9 deletions
diff --git a/gitautodeploy/parsers/common.py b/gitautodeploy/parsers/common.py
index 0a1a799..1b40b73 100644
--- a/gitautodeploy/parsers/common.py
+++ b/gitautodeploy/parsers/common.py
@@ -22,3 +22,6 @@ class WebhookRequestParser(object):
                     configs.append(repo_config)
 
         return configs
+
+    def validate_request(self, request_headers, repo_configs):
+        return True
+\ No newline at end of file
diff --git a/gitautodeploy/parsers/generic.py b/gitautodeploy/parsers/generic.py
index 3247662..7b150d2 100644
--- a/gitautodeploy/parsers/generic.py
+++ b/gitautodeploy/parsers/generic.py
@@ -27,4 +27,5 @@ class GenericRequestParser(WebhookRequestParser):
         # Get a list of configured repositories that matches the incoming web hook reqeust
         repo_configs = self.get_matching_repo_configs(repo_urls)
 
-        return repo_configs, ref or "master", action, repo_urls
-\ No newline at end of file
+        return repo_configs, ref or "master", action, repo_urls
+
diff --git a/gitautodeploy/parsers/github.py b/gitautodeploy/parsers/github.py
index 7077def..4d24648 100644
--- a/gitautodeploy/parsers/github.py
+++ b/gitautodeploy/parsers/github.py
@@ -40,20 +40,24 @@ class GitHubRequestParser(WebhookRequestParser):
             logger.debug("Action '%s' was fired" % action)
 
         # Get a list of configured repositories that matches the incoming web hook reqeust
-        items = self.get_matching_repo_configs(repo_urls)
+        repo_configs = self.get_matching_repo_configs(repo_urls)
 
-        repo_configs = []
-        for repo_config in items:
+        return repo_configs, ref or "master", action, repo_urls
+
+    def validate_request(self, request_headers, repo_configs):
+        import logging
+
+        logger = logging.getLogger()
+
+        for repo_config in repo_configs:
 
             # Validate secret token if present
             if 'secret-token' in repo_config and 'x-hub-signature' in request_headers:
                 if not self.verify_signature(repo_config['secret-token'], request_body, request_headers['x-hub-signature']):
-                    logger.warning("Request signature does not match the 'secret-token' configured for repository %s." % repo_config['url'])
-                    continue
+                    logger.info("Request signature does not match the 'secret-token' configured for repository %s." % repo_config['url'])
+                    return False
 
-            repo_configs.append(repo_config)
-
-        return repo_configs, ref or "master", action, repo_urls
+        return True
 
     def verify_signature(self, token, body, signature):
         import hashlib
diff --git a/gitautodeploy/parsers/gitlab.py b/gitautodeploy/parsers/gitlab.py
index 86c05fa..68a1982 100644
--- a/gitautodeploy/parsers/gitlab.py
+++ b/gitautodeploy/parsers/gitlab.py
@@ -39,6 +39,22 @@ class GitLabRequestParser(WebhookRequestParser):
 
         return repo_configs, ref or "master", action, repo_urls
 
+    def validate_request(self, request_headers, repo_configs):
+        import logging
+
+        logger = logging.getLogger()
+
+        for repo_config in repo_configs:
+
+            # Validate secret token if present
+            if 'secret-token' in repo_config and 'x-gitlab-token' in request_headers:
+
+                if repo_config['secret-token'] != request_headers['x-gitlab-token']:
+                    logger.info("Request token does not match the 'secret-token' configured for repository %s." % repo_config['url'])
+                    return False
+
+        return True
+
 
 class GitLabCIRequestParser(WebhookRequestParser):