p4tin
commented
4 years ago As I am involved in other projects at the moment and you seem to have a grasp of the issue, I'd very much welcome a PR.
Open DayS1eeper opened 4 years ago
p4tin
commented
4 years ago As I am involved in other projects at the moment and you seem to have a grasp of the issue, I'd very much welcome a PR.
Expected behaviour (SNS) In
Verifying the Signatures of Amazon SNS Messageshttps://docs.aws.amazon.com/sns/latest/dg/sns-verify-signature-of-message.html is specified thatstring to signmust containSubjectname-value pair if it is included in the message. It doesn't mean thatSubjectmust be omitted if value ofSubjectkey is empty string. Inaws-php-sns-message-validatorSubjectfield is omitted only when message doesn't contain it https://github.com/aws/aws-php-sns-message-validator/blob/ba6810807ac8936317021ccc14cdb1297d525ae1/src/MessageValidator.php#L162 , the same logic is present inExample Code for an Amazon SNS Endpoint Java Servlethttps://docs.aws.amazon.com/sns/latest/dg/sns-example-code-endpoint-java-servlet.htmlCurrent behaviour (goaws) Subject is omitted while creating
string to signif the value is empty string https://github.com/p4tin/goaws/blob/6ecd9bf473ad2b2a88dba5224957826665710dec/app/gosns/gosns.go#L257It would be great if it were fixed.