sns-validator - npm Package Compare versions

Comparing version 0.2.0 to 0.2.1

index.js

@@ -23,3 +23,3 @@ "use strict";
     ],
-    signableKeys = [
+    signableKeysForNotification = [
         'Message',
@@ -30,2 +30,11 @@ 'MessageId',
         'Timestamp',
+        'TopicArn',
+        'Type'
+    ],
+    signableKeysForSubscription = [
+        'Message',
+        'MessageId',
+        'Subject',
+        'SubscribeURL',
+        'Timestamp',
         'Token',
@@ -93,3 +102,3 @@ 'TopicArn',
 
-var validateSignature = function (message, cb) {
+var validateSignature = function (message, cb, encoding) {
     if (message['SignatureVersion'] !== '1') {
@@ -101,2 +110,9 @@ cb(new Error('The signature version '
 
+    var signableKeys = [];
+    if (message.Type === 'SubscriptionConfirmation') {
+        signableKeys = signableKeysForSubscription.slice(0);
+    } else {
+        signableKeys = signableKeysForNotification.slice(0);
+    }
+
     var verifier = crypto.createVerify('RSA-SHA1');
@@ -106,3 +122,3 @@ for (var i = 0; i < signableKeys.length; i++) {
             verifier.update(signableKeys[i] + "\n"
-                + message[signableKeys[i]] + "\n");
+                + message[signableKeys[i]] + "\n", encoding);
         }
@@ -131,4 +147,5 @@ }
  */
-function MessageValidator(hostPattern) {
+function MessageValidator(hostPattern, encoding) {
     this.hostPattern = hostPattern || defaultHostPattern;
+    this.encoding = encoding;
 }
@@ -165,5 +182,5 @@
 
-    validateSignature(hash, cb);
+    validateSignature(hash, cb, this.encoding);
 };
 
 module.exports = MessageValidator;

package.json

 {
   "name": "sns-validator",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "A standalone validator for inbound SNS HTTP messages. No dependency on the AWS SDK for JavaScript.",
@@ -5,0 +5,0 @@ "repository": {

README.md

@@ -31,3 +31,3 @@ # Amazon SNS Message Validator for JavaScript
     }
-   
+
     // message has been validated and its signature checked.
@@ -83,3 +83,3 @@ });
     }
-   
+
     if (message['Type'] === 'SubscriptionConfirmation') {
@@ -93,2 +93,11 @@ https.get(message['SubscribeURL'], function (res) {
 
+If an incoming message includes multibyte characters and its encoding is utf8,
+set the encoding to `validator`.
+
+```javascript
+var MessageValidator = require('sns-validator'),
+    validator = new MessageValidator();
+validator.encoding = 'utf8';
+```
+
 ### Receiving a Notification
@@ -95,0 +104,0 @@

test/validator.js

@@ -8,3 +8,3 @@ var chai = require('chai'),
     MessageValidator = rewire('../index.js'),
-    signableKeys = MessageValidator.__get__('signableKeys'),
+    signableKeysForSubscription = MessageValidator.__get__('signableKeysForSubscription'),
     invalidMessage = {
@@ -28,2 +28,16 @@ foo: 'bar',
     }),
+    utf8Message = {
+        Type: 'Notification',
+        MessageId: '1',
+        TopicArn: 'arn',
+        Message: 'Ａ Ｍｅｓｓａｇｅ Ｆｏｒ ｙｏｕ！',
+        Timestamp: (new Date).toISOString(),
+        SignatureVersion: '1',
+        SigningCertURL: "https://localhost:56789/cert.pem"
+    },
+    utf8SubscriptionControlMessage = _.extend({}, utf8Message, {
+        Token: 'Nonce',
+        SubscribeURL: 'https://www.amazonaws.com',
+        Type: 'SubscriptionConfirmation'
+    }),
     validCertUrl = 'https://sns.us-east-1.amazonaws.com/cert.pem';
@@ -44,6 +58,6 @@
 
-                for (var j = 0; j < signableKeys.length; j++) {
-                    if (signableKeys[j] in validMessages[i]) {
-                        signer.update(signableKeys[j] + "\n"
-                            + validMessages[i][signableKeys[j]] + "\n");
+                for (var j = 0; j < signableKeysForSubscription.length; j++) {
+                    if (signableKeysForSubscription[j] in validMessages[i]) {
+                        signer.update(signableKeysForSubscription[j] + "\n"
+                            + validMessages[i][signableKeysForSubscription[j]] + "\n");
                     }
@@ -188,2 +202,38 @@ }
     });
+
+    describe('UTF8 message validation', function () {
+        before(function (done) {
+            pem.createCertificate({}, function (err, certHash) {
+                if (err) throw err;
+
+                var crypto = require('crypto'),
+                    validMessages = [utf8Message, utf8SubscriptionControlMessage];
+
+                for (var i = 0; i < validMessages.length; i++) {
+                    var signer = crypto.createSign('RSA-SHA1');
+
+                    for (var j = 0; j < signableKeysForSubscription.length; j++) {
+                        if (signableKeysForSubscription[j] in validMessages[i]) {
+                            signer.update(signableKeysForSubscription[j] + "\n"
+                                + validMessages[i][signableKeysForSubscription[j]] + "\n", 'utf8');
+                        }
+                    }
+
+                    validMessages[i]['Signature']
+                        = signer.sign(certHash.serviceKey, 'base64');
+                }
+
+                MessageValidator.__set__('getCertificate', function (url, cb) {
+                    cb(null, certHash.certificate);
+                });
+
+                done();
+            });
+        });
+
+        it('should accept a valid UTF8 message', function (done) {
+            (new MessageValidator(/^localhost:56789$/, 'utf8'))
+                .validate(utf8Message, done);
+        });
+    });
 });

No alert changes

Improved metrics

Total package byte prevSize

97410

increased by1.26%

Number of package files

22

increased by4.76%

Lines of code

423

increased by15.89%

Number of lines in readme file

130

increased by7.44%

No dependency changes