aws-sns-verify: Parse and verify AWS SNS messages

[ amazon, aws, cloud, cryptography, distributed-computing, library, mit, network, web ] [ Propose Tags ] [ Report a vulnerability ]

Flags

Manual Flags

NameDescriptionDefault
development

Configure of testing

Disabled

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

Note: This package has metadata revisions in the cabal description newer than included in the tarball. To unpack the package including the revisions, use 'cabal get'.

Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees

Candidates

  • No Candidates
Versions [RSS] 0.0.0.0, 0.0.0.1, 0.0.0.2, 0.0.0.3
Change log CHANGELOG.md
Dependencies aeson (>=1.3.1.1), base (>=4.7 && <5), bytestring (>=0.10.8.2), crypton-x509, crypton-x509-validation, errors (>=2.3.0), http-conduit (>=2.3.2), memory (>=0.14.18), network-uri (>=2.6.1.0), pem (>=0.2.4), regex-tdfa (>=1.2.3.1), text (>=1.2.3.1) [details]
License MIT
Copyright 2022 Freckle By Renaissance
Author Freckle
Maintainer engineering@freckle.com
Revised Revision 1 made by PatrickBrisbin at 2023-10-05T14:47:19Z
Category Network, Web, AWS, Amazon, Cloud, Cryptography, Distributed-Computing
Home page https://github.com/freckle/aws-sns-verify#readme
Bug tracker https://github.com/freckle/aws-sns-verify/issues
Source repo head: git clone https://github.com/freckle/aws-sns-verify
Uploaded by PatrickBrisbin at 2023-07-26T16:28:57Z
Distributions LTSHaskell:0.0.0.3, NixOS:0.0.0.3, Stackage:0.0.0.3
Downloads 497 total (17 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2023-07-26 [all 1 reports]

Readme for aws-sns-verify-0.0.0.3

[back to package description]

aws-sns-verify

Consumers utilizing SNS need to do 3 tasks:

  1. Parse the message JSON
  2. Validate signed signatures
  3. Handle subscriptions

This library encapsulates those actions.

myEchoWebhook :: MonadHandler m => m ()
myEchoWebhook = do
  message <- verifySNSMessage =<< requireInsecureJsonBody
  logDebugN message

Sign For Test

Signatures for testing are produced with the self signed certificate in this repository.

cat unsigned.txt | openssl dgst -sha1 -sign tests/key.pem | openssl base64

The certificate was produced with

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout tests/key.pem -out tests/cert.pem