Open zoewangg opened 5 years ago
I wanted to use a library to validate incoming SNS messages (notifications received from an SES ConfigurationSet) and had to use v1 because of the lack of Message Manager. As i'm on a Scala project after validating i just parse it off into a case class and don't really make use of the rest of the library.
If it sounds like i've done the right thing for now, great and :+1: for future V2 integration of a validator of some sort. If you think i could have done the validation with V2 please do let me know!
Request from Java SDK v1:
A way to access the optional Message Attributes in the SnsMessage.
Request from Java SDK v1:
Ability to set a custom httpClient, so I can set proxy config.
For more context: https://github.com/aws/aws-sdk-java/issues/2710
Any chance to also resolve this issue in the SDK v2 implementation: https://github.com/aws/aws-sdk-net/issues/1104?
Just ran into the same issue in the Java SDK v1 implementation. SNS->Lambda contains field SignatureCertUrl
(docs) while SignatureChecker
expects SignatureCertURL
.
3 years after the initial report there is still no equivalent for a basic security check that I guess most SNS users should make...
Is there any update on implementing this?
Three years on and I'm still using V1 as in my original comment. If you want to provide a migration path off using SnsMessageManager instead of migrating it to V2 in code that could also be helpful
Can't believe this problom is still existing. How can I verify the sns message by spring-cloud-aws-sns? Does anyone solve this issue?
Three years on and I'm still using V1 as in my original comment. If you want to provide a migration path off using SnsMessageManager instead of migrating it to V2 in code that could also be helpful
Hi @henricook , I wonder that how you can still using V1? I mean the SNS service had been updated, but you can still use Public Key method to verfiy message? I have try to create a new topic and found that no where to get the public key ...
private val messageManager = new SnsMessageManager(Regions.EU_WEST_1.getName)
def parseMessage(messageBody: InputStream): Try[Unit] = Try(messageManager.parseMessage(messageBody))
Takes care of everything for you 🤷🏻 - this is what you can't do in V2 (it seems) currently
private val messageManager = new SnsMessageManager(Regions.EU_WEST_1.getName) def parseMessage(messageBody: InputStream): Try[Unit] = Try(messageManager.parseMessage(messageBody))
Takes care of everything for you 🤷🏻 - this is what you can't do in V2 (it seems) currently
Sorry, I can't understand your code... it's scala? I want make sure that you mixed use V1 (only for verification) and V2 (for rest of stuff) in your project? As far as I know, V1 verifies the message by Public Key, but this method don't support V2(at least I can't find the Public Key signature or something like that on V2 documents)..
No, i'm only using V1 in my project. I'm blocked from using V2 because I want the ability to verify received messages from SES/SNS-JSON-HTTP callbacks using the library, like I do in V1 with SnsMessageManager
.
No, i'm only using V1 in my project. I'm blocked from using V2 because I want the ability to verify received messages from SES/SNS-JSON-HTTP callbacks using the library, like I do in V1 with
SnsMessageManager
.
oh.. Got it. Thank you for your help, my bro.
I have pushed some code to spring-cloud-aws(https://github.com/awspring/spring-cloud-aws/pull/684) which base on V2. It can verify the message by sns signingCertUrl.
Hope will help you guys.
Hi All, any update on this issue? I'm using v1 for parseMessage() in SnsMessageManager.java. Is there an equivalent method in v2 to validate the authenticity of an incoming SNS message?
@sindhu-cbs - same here! Can't find the equivalent in v2. Guess we haver to stick to v1 for now?
Missing SnsMessageManager::parseMessage
is the only reason we've been on V1 for the last four years+
As of July 31, 2024 v1 is deprecated but still no migration path for SnsMessageManager::parseMessage
...
Is there some other way to parse a message/check its signature that I don't know about? It seems like such a bizarre gap 😅
I am shocked it's not in v2 too...
Is there some other way to parse a message/check its signature that I don't know about? It seems like such a bizarre gap 😅
@henricook you have to do it manually as my current understanding. I seems to me that they are pushing to use SQS or other AWS services as a target endpoint.
This issue tracks the 2.x implementation of equivalent functionality to the 1.11.x
SnsMessageManager