aws-sns-verify

Parse and verify AWS SNS messages

https://github.com/freckle/aws-sns-verify#readme

LTS Haskell 22.18:0.0.0.3@rev:1
Stackage Nightly 2024-04-25:0.0.0.3@rev:1
Latest on Hackage:0.0.0.3@rev:1

See all snapshots aws-sns-verify appears in

MIT licensed by Freckle
Maintained by [email protected]
This version can be pinned in stack with:aws-sns-verify-0.0.0.3@sha256:f95fd9b417d25925afff7f16f59362d015bbd8ecb6f64df73cae4e85b428ecab,4366

Module documentation for 0.0.0.3

aws-sns-verify

Consumers utilizing SNS need to do 3 tasks:

  1. Parse the message JSON
  2. Validate signed signatures
  3. Handle subscriptions

This library encapsulates those actions.

myEchoWebhook :: MonadHandler m => m ()
myEchoWebhook = do
  message <- verifySNSMessage =<< requireInsecureJsonBody
  logDebugN message

Sign For Test

Signatures for testing are produced with the self signed certificate in this repository.

cat unsigned.txt | openssl dgst -sha1 -sign tests/key.pem | openssl base64

The certificate was produced with

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout tests/key.pem -out tests/cert.pem

Changes

Unreleased

v0.0.0.3

  • Migrate to crypton-x509*
  • Remove CI for GHC’s 8.6 and 8.8

v0.0.0.2

  • Validate PEM has come from AWS before checking signature.

v0.0.0.1

  • Fix typo in subscribe signature

v0.0.0.0

  • Initial release.
  • Handle JSON parsing.
  • Handle validation of payload signatures via X509.
  • Handle response to subscription messages.