Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@cooper667/sns-validator

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@cooper667/sns-validator

A standalone validator for inbound SNS HTTP messages. No dependency on the AWS SDK for JavaScript.

  • 1.0.3
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
1
Maintainers
1
Weekly downloads
 
Created
Source

Amazon SNS Message Validator for JavaScript

@awsforjs on Twitter Build Status Apache 2 License

The Amazon SNS Message Validator for Node.js library allows you to validate that incoming HTTP(S) POST messages are valid Amazon SNS notifications. This library is standalone and does not depend on the AWS SDK for JavaScript.

Installation

The npm module's name is sns-validator. Install with npm or yarn:

npm i sns-validator

or

yarn add sns-validator

Basic Usage

To validate a message, you can instantiate a MessageValidator object and pass an SNS message and a callback to its validate method. The message should be the result of calling JSON.parse on the body of the HTTP(S) message sent by SNS to your endpoint. The callback should take two arguments, the first being an error and the second being the successfully validated SNS message.

The message validator checks the SigningCertURL, SignatureVersion, and Signature to make sure they are valid and consistent with the message data.

const MessageValidator = require('sns-validator'),
    validator = new MessageValidator();

    validator.validate(message).then(message => {
        // message has been validated and its signature checked.
    }).catch(err => {
        // Your message could not be validated.
    });

Installation

The SNS Message Validator relies on the Node crypto module and is only designed to work on a server, not in a browser. The validation performed is only necessary when subscribing HTTP(S)

About Amazon SNS

Amazon Simple Notification Service (Amazon SNS) is a fast, fully-managed, push messaging service. Amazon SNS can deliver messages to email, mobile devices (i.e., SMS; iOS, Android and FireOS push notifications), Amazon SQS queues,and — of course — HTTP/HTTPS endpoints.

With Amazon SNS, you can setup topics to publish custom messages to subscribed endpoints. However, SNS messages are used by many of the other AWS services to communicate information asynchronously about your AWS resources. Some examples include:

  • Configuring Amazon Glacier to notify you when a retrieval job is complete.
  • Configuring AWS CloudTrail to notify you when a new log file has been written.
  • Configuring Amazon Elastic Transcoder to notify you when a transcoding job changes status (e.g., from "Progressing" to "Complete")

Though you can certainly subscribe your email address to receive SNS messages from service events like these, your inbox would fill up rather quickly. There is great power, however, in being able to subscribe an HTTP/HTTPS endpoint to receive the messages. This allows you to program webhooks for your applications to easily respond to various events.

Handling Messages

Confirming a Subscription to a Topic

In order to handle a SubscriptionConfirmation message, you must use the SubscribeURL value in the incoming message:

const https = require('https'),
    MessageValidator = require('sns-validator'),
    validator = new MessageValidator();

validator.validate(message).then(message => {
    if (message['Type'] === 'SubscriptionConfirmation') {
        https.get(message['SubscribeURL'], function (res) {
          // You have confirmed your endpoint subscription
        });
    }
}).catch(err => {
    console.error(err);
});

If an incoming message includes multibyte characters and its encoding is utf8, set the encoding to validator.

const MessageValidator = require('sns-validator'),
    validator = new MessageValidator();
validator.encoding = 'utf8';

Receiving a Notification

To receive a notification, use the same code as the preceding example, but check for the Notification message type.

if (message['Type'] === 'Notification') {
    // Do whatever you want with the message body and data.
    console.log(`${message['MessageId']}: ${message['Message']}`);
}

The message body will be a string, and will hold whatever data was published to the SNS topic.

Unsubscribing

Unsubscribing looks the same as subscribing, except the message type will be UnsubscribeConfirmation.

if (message['Type'] === 'UnsubscribeConfirmation') {
    // Unsubscribed in error? You can resubscribe by visiting the endpoint
    // provided as the message's SubscribeURL field.
    https.get(message['SubscribeURL'], (res) => {
        // You have re-subscribed your endpoint.
    });
}

Keywords

FAQs

Package last updated on 23 Dec 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc