MIT licensed by Freckle
Maintained by [email protected]
This version can be pinned in stack with:aws-sns-verify-0.0.0.3@sha256:f9b5b485710158e6f97f41f3ed06ee16ab3c48bd540292091462b54dce4c2f90,4011

Module documentation for 0.0.0.3

aws-sns-verify

Consumers utilizing SNS need to do 3 tasks:

  1. Parse the message JSON
  2. Validate signed signatures
  3. Handle subscriptions

This library encapsulates those actions.

myEchoWebhook :: MonadHandler m => m ()
myEchoWebhook = do
  message <- verifySNSMessage =<< requireInsecureJsonBody
  logDebugN message

Sign For Test

Signatures for testing are produced with the self signed certificate in this repository.

cat unsigned.txt | openssl dgst -sha1 -sign tests/key.pem | openssl base64

The certificate was produced with

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout tests/key.pem -out tests/cert.pem

Changes

Unreleased

v0.0.0.3

  • Migrate to crypton-x509*
  • Remove CI for GHC’s 8.6 and 8.8

v0.0.0.2

  • Validate PEM has come from AWS before checking signature.

v0.0.0.1

  • Fix typo in subscribe signature

v0.0.0.0

  • Initial release.
  • Handle JSON parsing.
  • Handle validation of payload signatures via X509.
  • Handle response to subscription messages.