class AWS::SNS::Message
Represents a single SNS message.
See also docs.amazonwebservices.com/sns/latest/gsg/json-formats.html
Originators¶ ↑
Originators are sources of SNS messages. {FromAutoScaling} is one. {Message} can be extended by originators if their applicable? method returns true when passed the raw message. Originator modules must implement `applicable? sns` module function. If an originator is applicable, it should set the `@origin` accessor to denote itself.
Constants
- SIGNABLE_KEYS
Attributes
Public Class Methods
@return {Message} Constructs a new {Message} from the raw SNS, sets origin
# File lib/aws/sns/message.rb, line 53 def initialize sns if sns.is_a? String @raw = parse_from sns else @raw = sns end @origin = :sns self.extend FromAutoScaling if FromAutoScaling.applicable? @raw end
Public Instance Methods
@param [String] key Indexer into raw SNS JSON message. @return [String] the value of the SNS' field
# File lib/aws/sns/message.rb, line 65 def [] key @raw[key] end
@return [Boolean] true when the {Message} is authentic:
SigningCert is hosted at amazonaws.com, on https correctly cryptographically signed by sender nothing went wrong during authenticating the {Message}
See docs.amazonwebservices.com/sns/latest/gsg/SendMessageToHttp.verify.signature.html
# File lib/aws/sns/message.rb, line 75 def authentic? begin decoded_from_base64 = decode signature public_key = get_public_key_from signing_cert_url public_key.verify OpenSSL::Digest::SHA1.new, decoded_from_base64, canonical_string rescue MessageWasNotAuthenticError false end end
# File lib/aws/sns/message.rb, line 110 def message @raw['Message'] end
# File lib/aws/sns/message.rb, line 98 def message_id @raw['MessageId'] end
# File lib/aws/sns/message.rb, line 142 def parse_from json JSON.parse json end
# File lib/aws/sns/message.rb, line 118 def signature @raw['Signature'] end
# File lib/aws/sns/message.rb, line 122 def signature_version @raw['SignatureVersion'] end
# File lib/aws/sns/message.rb, line 126 def signing_cert_url @raw['SigningCertURL'] end
# File lib/aws/sns/message.rb, line 106 def subject @raw['Subject'] end
# File lib/aws/sns/message.rb, line 130 def subscribe_url @raw['SubscribeURL'] end
# File lib/aws/sns/message.rb, line 114 def timestamp @raw['Timestamp'] end
# File lib/aws/sns/message.rb, line 134 def token @raw['Token'] end
# File lib/aws/sns/message.rb, line 102 def topic_arn @raw['TopicArn'] end
@return the message type
# File lib/aws/sns/message.rb, line 86 def type case when @raw['Type'] =~ /SubscriptionConfirmation/i then :SubscriptionConfirmation when @raw['Type'] =~ /Notification/i then :Notification when @raw['Type'] =~ /UnsubscribeConfirmation/i then :UnsubscribeConfirmation else :unknown end end
# File lib/aws/sns/message.rb, line 138 def unsubscribe_url @raw['UnsubscribeURL'] end
Protected Instance Methods
# File lib/aws/sns/message.rb, line 157 def canonical_string text = '' SIGNABLE_KEYS.each do |key| value = @raw[key] next if value.nil? or value.empty? text << key << "\n" text << value << "\n" end text end
# File lib/aws/sns/message.rb, line 147 def decode raw Base64.decode64 raw end
# File lib/aws/sns/message.rb, line 168 def download url raise MessageWasNotAuthenticError, "cert is not hosted at AWS URL (https): #{url}" unless url =~ /^https.*amazonaws\.com\/.*$/i tries = 0 begin resp = https_get(url) resp.body rescue => error tries += 1 retry if tries < 3 raise error end end
# File lib/aws/sns/message.rb, line 151 def get_public_key_from(x509_pem_url) cert_pem = download x509_pem_url x509 = OpenSSL::X509::Certificate.new(cert_pem) OpenSSL::PKey::RSA.new(x509.public_key) end
# File lib/aws/sns/message.rb, line 181 def https_get(url) uri = URI.parse(url) http = Net::HTTP.new(uri.host, uri.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_PEER http.start resp = http.request(Net::HTTP::Get.new(uri.request_uri)) http.finish resp end