		# Change Log

		# 2.1.0 (2020-05-07)

		This release contains the following changes :

		- Add certificate chain validation by using node-forge pacakge.

		# 2.0.1 (2020-01-22)
		@@ -4,0 +10,0 @@

dist/verifier/index.js

		@@ -56,2 +56,3 @@ "use strict";
		var url = require("url");
		var helper_1 = require("./helper");
		/**
		@@ -276,2 +277,13 @@ * Provide constant value
		}
		// Use the pki.verifyCertificateChain function from Node-forge to
		// validate that all certificates in the chain combine to create a chain of trust to a trusted root CA certificate
		// TODO: Implement certificate revocation check which is misssed in pki.verifyCertificateChain function
		var certChain = helper_1.generateCertificatesArray(pemCert);
		var caStore = helper_1.generateCAStore(require('ssl-root-cas/latest').create());
		try {
		node_forge_1.pki.verifyCertificateChain(caStore, certChain);
		}
		catch (e) {
		throw ask_sdk_core_1.createAskSdkError(this.constructor.name, e.message);
		}
		};
		@@ -278,0 +290,0 @@ /**

package.json

		{
		"name": "ask-sdk-express-adapter",
		"version": "2.0.1",
		"version": "2.1.0",
		"description": "Express adapter package for Alexa Skills Kit SDK",
		@@ -26,3 +26,4 @@ "main": "dist/index.js",
		"body-parser": "^1.18.2",
		"node-forge": "^0.8.0"
		"node-forge": "^0.8.0",
		"ssl-root-cas": "^1.3.1"
		},
		@@ -29,0 +30,0 @@ "peerDependencies": {

dist/verifier/index.js.map

Sorry, the diff of this file is not supported yet

ask-sdk-express-adapter - npm Package Compare versions

New alerts