search

organizerconnect / django-bouncy

A Django package used to process bounce and abuse reports from AWS Simple Email Service
Other
8 stars 14 forks source link

Verification Failure occurring #16

Open thenewguy opened 2 years ago

thenewguy commented 2 years ago

I've started receiving verification failures.

After comparing the NOTIFICATION_HASH_FORMAT at https://github.com/organizerconnect/django-bouncy/blob/773a581bda6eae26ab8b080a27614cebca3c3fbd/django_bouncy/utils.py#L36 against the amazon docs at https://docs.aws.amazon.com/sns/latest/dg/sns-verify-signature-of-message.html I noticed the failure errors I am observing include a subject.

Here are the fields per the docs:

Message
MessageId
Subject (if included in the message)
Timestamp
TopicArn
Type

and an example per the docs:

Message
My Test Message
MessageId
4d4dc071-ddbf-465d-bba8-08f81c89da64
Subject
My subject
Timestamp
2019-01-31T04:37:04.321Z
TopicArn
arn:aws:sns:us-east-2:123456789012:s4-MySNSTopic-1G1WEFCOXTC0P
Type
Notification

This is the current template used by bouncy:

NOTIFICATION_HASH_FORMAT = u'''Message
{Message}
MessageId
{MessageId}
Timestamp
{Timestamp}
TopicArn
{TopicArn}
Type
{Type}
'''

Notice it does not include the subject.

thenewguy commented 2 years ago

This might be related to #17