aws-sns-verify

Parse and verify AWS SNS messages

https://github.com/freckle/aws-sns-verify#readme

Version on this page:0.0.0.2
LTS Haskell 22.17:0.0.0.3@rev:1
Stackage Nightly 2024-04-14:0.0.0.3@rev:1
Latest on Hackage:0.0.0.3@rev:1

See all snapshots aws-sns-verify appears in

MIT licensed by Freckle
Maintained by [email protected]
This version can be pinned in stack with:aws-sns-verify-0.0.0.2@sha256:5c0281ecbe7484b4d7a16002de00ec2cbb82d106412a85782efa8f6f7d76494e,4175

Module documentation for 0.0.0.2

aws-sns-verify

Consumers utilizing SNS need to do 3 tasks:

  1. Parse the message JSON
  2. Validate signed signatures
  3. Handle subscriptions

This library encapsulates those actions.

myEchoWebhook :: MonadHandler m => m ()
myEchoWebhook = do
  message <- verifySNSMessage =<< requireInsecureJsonBody
  logDebugN message

Sign For Test

Signatures for testing are produced with the self signed certificate in this repository.

cat unsigned.txt | openssl dgst -sha1 -sign tests/key.pem | openssl base64

The certificate was produced with

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout tests/key.pem -out tests/cert.pem

Changes

Unreleased

v0.0.0.2

  • Validate PEM has come from AWS before checking signature.

v0.0.0.1

  • Fix typo in subscribe signature

v0.0.0.0

  • Initial release.
  • Handle JSON parsing.
  • Handle validation of payload signatures via X509.
  • Handle response to subscription messages.