Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@manifoldco/signature

Package Overview
Dependencies
Maintainers
4
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@manifoldco/signature

Verify signed HTTP requests from Manifold

latest
Source
npmnpm
Version
1.1.0
Version published
Maintainers
4
Created
Source

node-signature

Verify signed HTTP requests from Manifold

Code of Conduct | Contribution Guidelines

GitHub release Travis License NPM

Install

$ npm install @manifoldco/signature

Usage

var Verifier = require('@manifoldco/signature').Verifier;
var verifier = new Verifier();

// Using the promise interface
verifier.test(req, req.rawBody).then(function() {
  // Accept and handle request
}).catch(function(err) {
  // Deny request on error
  res.statusCode = err.statusCode || 500;
  // Respond with JSON, including a message property
  return res.json({ message: err.message });
});

// Using the callback interface
verifier.test(req, req.rawBody, function(err) {
  if (err) {
    // Deny request on error
    res.statusCode = err.statusCode || 500;
    // Respond with JSON, including a message property
    return res.json({ message: err.message });
  }

  // Accept and handle request
});

Restify

var Verifier = require('@manifoldco/signature').Verifier;
var verifier = new Verifier();

// The verification library expects that the req.rawBody property
// exists so that the body dAoes not have to be read twice, this can be
// done automaticall with restify-plugins bodyParser
app.use(plugins.bodyParser({ mapParams: true }));

// Applying the verifier middleware with default master key and options (recommended)
app.use(function(req, res, next) {
  verifier.test(req).then(function() {
  // Accept and handle request
    next();
  }).catch(function(err) {
    // Deny request on error
    res.statusCode = err.statusCode || 500;
    // Respond with JSON, including a message property
    return res.json({ message: err.message });
  });
});

Express

var verifier = require('@manifoldco/signature').express;

// When using an existing body parser, we require you to add a verify step
// which will keep track of the original request body for the verifier
// middleware
app.use(bodyParser.json({ verify: verifier.appendRawBody }));

// Applying the verifier middleware with default master key and options (recommended)
app.use(verifier.middleware());

FAQs

Package last updated on 27 Apr 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases

Research

/

Security News

Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases

Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.

By Lauren Valencia, Kirill Boychenko  -  Sep 17, 2025
Ongoing Supply Chain Attack Targets CrowdStrike npm Packages

Application Security

/

Research

/

Security News

Ongoing Supply Chain Attack Targets CrowdStrike npm Packages

Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.

By Kush Pandya, Peter van der Zee, Olivia Brown  -  Sep 16, 2025