Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@manifoldco/signature

Package Overview
Dependencies
Maintainers
4
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@manifoldco/signature

Verify signed HTTP requests from Manifold

latest
Source
npmnpm
Version
1.1.0
Version published
Weekly downloads
5
Maintainers
4
Weekly downloads
 
Created
Source

node-signature

Verify signed HTTP requests from Manifold

Code of Conduct | Contribution Guidelines

GitHub release Travis License NPM

Install

$ npm install @manifoldco/signature

Usage

var Verifier = require('@manifoldco/signature').Verifier;
var verifier = new Verifier();

// Using the promise interface
verifier.test(req, req.rawBody).then(function() {
  // Accept and handle request
}).catch(function(err) {
  // Deny request on error
  res.statusCode = err.statusCode || 500;
  // Respond with JSON, including a message property
  return res.json({ message: err.message });
});

// Using the callback interface
verifier.test(req, req.rawBody, function(err) {
  if (err) {
    // Deny request on error
    res.statusCode = err.statusCode || 500;
    // Respond with JSON, including a message property
    return res.json({ message: err.message });
  }

  // Accept and handle request
});

Restify

var Verifier = require('@manifoldco/signature').Verifier;
var verifier = new Verifier();

// The verification library expects that the req.rawBody property
// exists so that the body dAoes not have to be read twice, this can be
// done automaticall with restify-plugins bodyParser
app.use(plugins.bodyParser({ mapParams: true }));

// Applying the verifier middleware with default master key and options (recommended)
app.use(function(req, res, next) {
  verifier.test(req).then(function() {
  // Accept and handle request
    next();
  }).catch(function(err) {
    // Deny request on error
    res.statusCode = err.statusCode || 500;
    // Respond with JSON, including a message property
    return res.json({ message: err.message });
  });
});

Express

var verifier = require('@manifoldco/signature').express;

// When using an existing body parser, we require you to add a verify step
// which will keep track of the original request body for the verifier
// middleware
app.use(bodyParser.json({ verify: verifier.appendRawBody }));

// Applying the verifier middleware with default master key and options (recommended)
app.use(verifier.middleware());

FAQs

Package last updated on 27 Apr 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org

Research

/

Security News

Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org

Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.

By Olivia Brown  -  Oct 11, 2025
Socket Integrates With Bun 1.3’s Security Scanner API

Security News

Socket Integrates With Bun 1.3’s Security Scanner API

Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.

By Ahmad Nassri, Bradley Meck Farias  -  Oct 10, 2025