Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v2 fixes #35 #42

Merged
merged 3 commits into from
Jan 15, 2022
Merged

v2 fixes #35 #42

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d71046a
convert to pure es module. remove old versions of node. update all de…
mreinstein Jan 13, 2022
15c5c5d
2.0.0
mreinstein Jan 13, 2022
306ce48
goodbye travis, hello github actions
mreinstein Jan 15, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .npmrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
engine-strict=true

10 changes: 4 additions & 6 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,11 @@
sudo: false

dist: xenial
os: linux
language: node_js

node_js:
- '8'
- '9'
- '10'
- '12'
- '14'
- '16'

cache:
directories:
Expand All @@ -18,4 +16,4 @@ notifications:

matrix:
include:
- node_js: 8
- node_js: 12
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# 2.0.0
* BREAKING: publish as a pure ES module
* BREAKING: only support node >= 12.17
* BREAKING: switch to es6 everywhere
* update all dependencies
19 changes: 10 additions & 9 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,20 +9,21 @@
An [express](https://www.npmjs.com/package/express) middleware that verifies HTTP requests sent to an Alexa skill are sent from Amazon.


This module should work on node v4 and up, though we don't test on those platforms anymore. We guarantee support node v8 and up.
Version 2.x is now a pure es module, and requires node 12.17 or higher. If you want to run this via an older version of node, use [email protected]


### Usage

It is recommended that you attach all Alexa routes to an express Router.
```javascript
var express = require('express');
var verifier = require('alexa-verifier-middleware');
import express from 'express';
import verifier from 'alexa-verifier-middleware';

var app = express();

const app = express();

// create a router and attach to express before doing anything else
var alexaRouter = express.Router();
const alexaRouter = express.Router();
app.use('/alexa', alexaRouter);

// attach the verifier middleware first because it needs the entire
Expand All @@ -32,7 +33,7 @@ alexaRouter.use(verifier);
// Routes that handle alexa traffic are now attached here.
// Since this is attached to a router mounted at /alexa,
// this endpoint will be accessible at /alexa/weather_info
alexaRouter.get('/weather_info', function(req, res) { ... });
alexaRouter.get('/weather_info', function (req, res) { ... });

app.listen(3000);
```
Expand All @@ -44,7 +45,7 @@ app.listen(3000);

Before:
```javascript
var alexaRouter = express.Router();
const alexaRouter = express.Router();
app.use('/alexa', alexaRouter);

// INCORRECT
Expand All @@ -54,7 +55,7 @@ alexaRouter.use(verifier);

After:
```javascript
var alexaRouter = express.Router();
const alexaRouter = express.Router();
app.use('/alexa', alexaRouter);

// CORRECT
Expand All @@ -63,4 +64,4 @@ alexaRouter.use(bodyParser.json());
```

### Mentions
* [mreinstein](https://github.com/mreinstein) for his [alexa-verifier](https://github.com/mreinstein/alexa-verifier) module, which allows you to verify any Amazon requests from any web service
* [mreinstein](https://github.com/mreinstein) for his [alexa-verifier](https://github.com/mreinstein/alexa-verifier) module, which allows you to verify any Amazon requests from any web service
22 changes: 11 additions & 11 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,15 @@
var verifier = require('alexa-verifier')
import verifier from 'alexa-verifier'


// the alexa API calls specify an HTTPS certificate that must be validated.
// the validation uses the request's raw POST body which isn't available from
// the body parser module. so we look for any requests that include a
// signaturecertchainurl HTTP request header, parse out the entire body as a
// text string, and set a flag on the request object so other body parser
// middlewares don't try to parse the body again
module.exports = function alexaVerifierMiddleware(req, res, next) {
export default function alexaVerifierMiddleware (req, res, next) {
if (req._body) {
var er = 'The raw request body has already been parsed.'
const er = 'The raw request body has already been parsed.'
return res.status(400).json({ status: 'failure', reason: er })
}

Expand All @@ -18,29 +19,28 @@ module.exports = function alexaVerifierMiddleware(req, res, next) {
// other body parser middlewares
req._body = true
req.rawBody = ''
req.on('data', function(data) {
req.on('data', function (data) {
return req.rawBody += data
})

req.on('end', function() {
var certUrl, er, error, signature
req.on('end', function () {
let certUrl, er, error, signature

try {
req.body = JSON.parse(req.rawBody)
} catch (error) {
er = error
req.body = {}
req.body = { }
}

certUrl = req.headers.signaturecertchainurl
signature = req.headers.signature

verifier(certUrl, signature, req.rawBody, function(er) {
if (er) {
verifier(certUrl, signature, req.rawBody, function (er) {
if (er)
res.status(400).json({ status: 'failure', reason: er })
} else {
else
next()
}
})
})
}
Loading