Merge pull request #3 from mokemokechicken/feature/enable_to_specify_message_encoding

enable to specify message encoding

Author: jeskew

README.md

@@ -28,7 +28,7 @@ validator.validate(message, function (err, message) {
         // Your message could not be validated.
         return;
     }
-   
+
     // message has been validated and its signature checked.
 });
 ```
@@ -79,7 +79,7 @@ validator.validate(message, function (err, message) {
         console.error(err);
         return;
     }
-   
+
     if (message['Type'] === 'SubscriptionConfirmation') {
         https.get(message['SubscribeURL'], function (res) {
           // You have confirmed your endpoint subscription
@@ -88,6 +88,15 @@ validator.validate(message, function (err, message) {
 });
 ```
 
+If an incoming message includes multibyte characters and its encoding is utf8,
+set the encoding to `validator`.
+
+```javascript
+var MessageValidator = require('sns-validator'),
+    validator = new MessageValidator();
+validator.encoding = 'utf8';
+```
+
 ### Receiving a Notification
 
 To receive a notification, use the same code as the preceding example, but

index.js

@@ -88,7 +88,7 @@ var getCertificate = function (certUrl, cb) {
     }).on('error', cb)
 };
 
-var validateSignature = function (message, cb) {
+var validateSignature = function (message, cb, encoding) {
     if (message['SignatureVersion'] !== '1') {
         cb(new Error('The signature version '
             + message['SignatureVersion'] + ' is not supported.'));
@@ -99,7 +99,7 @@ var validateSignature = function (message, cb) {
     for (var i = 0; i < signableKeys.length; i++) {
         if (signableKeys[i] in message) {
             verifier.update(signableKeys[i] + "\n"
-                + message[signableKeys[i]] + "\n");
+                + message[signableKeys[i]] + "\n", encoding);
         }
     }
 
@@ -123,8 +123,9 @@ var validateSignature = function (message, cb) {
  * @constructor
  * @param {RegExp} [hostPattern=/^sns\.[a-zA-Z0-9\-]{3,}\.amazonaws\.com(\.cn)?$/] - A pattern used to validate that a message's certificate originates from a trusted domain.
  */
-function MessageValidator(hostPattern) {
+function MessageValidator(hostPattern, encoding) {
     this.hostPattern = hostPattern || defaultHostPattern;
+    this.encoding = encoding;
 }
 
 /**
@@ -156,7 +157,7 @@ MessageValidator.prototype.validate = function (hash, cb) {
         return;
     }
 
-    validateSignature(hash, cb);
+    validateSignature(hash, cb, this.encoding);
 };
 
 module.exports = MessageValidator;

package.json

@@ -1,6 +1,6 @@
 {
   "name": "sns-validator",
-  "version": "0.1.0",
+  "version": "0.2.1",
   "description": "A standalone validator for inbound SNS HTTP messages. No dependency on the AWS SDK for JavaScript.",
   "repository": {
     "type": "git",

test/validator.js

@@ -24,6 +24,20 @@ var chai = require('chai'),
         SubscribeURL: 'https://www.amazonaws.com',
         Type: 'SubscriptionConfirmation'
     }),
+    utf8Message = {
+        Type: 'Notification',
+        MessageId: '1',
+        TopicArn: 'arn',
+        Message: 'Ａ Ｍｅｓｓａｇｅ Ｆｏｒ ｙｏｕ！',
+        Timestamp: (new Date).toISOString(),
+        SignatureVersion: '1',
+        SigningCertURL: "https://localhost:56789/cert.pem"
+    },
+    utf8SubscriptionControlMessage = _.extend({}, utf8Message, {
+        Token: 'Nonce',
+        SubscribeURL: 'https://www.amazonaws.com',
+        Type: 'SubscriptionConfirmation'
+    }),
     validCertUrl = 'https://sns.us-east-1.amazonaws.com/cert.pem';
 
 describe('Message Validator', function () {
@@ -182,4 +196,40 @@ describe('Message Validator', function () {
                 .validate(validSubscriptionControlMessage, done);
         });
     });
+
+    describe('UTF8 message validation', function () {
+        before(function (done) {
+            pem.createCertificate({}, function (err, certHash) {
+                if (err) throw err;
+
+                var crypto = require('crypto'),
+                    validMessages = [utf8Message, utf8SubscriptionControlMessage];
+
+                for (var i = 0; i < validMessages.length; i++) {
+                    var signer = crypto.createSign('RSA-SHA1');
+
+                    for (var j = 0; j < signableKeys.length; j++) {
+                        if (signableKeys[j] in validMessages[i]) {
+                            signer.update(signableKeys[j] + "\n"
+                                + validMessages[i][signableKeys[j]] + "\n", 'utf8');
+                        }
+                    }
+
+                    validMessages[i]['Signature']
+                        = signer.sign(certHash.serviceKey, 'base64');
+                }
+
+                MessageValidator.__set__('getCertificate', function (url, cb) {
+                    cb(null, certHash.certificate);
+                });
+
+                done();
+            });
+        });
+
+        it('should accept a valid UTF8 message', function (done) {
+            (new MessageValidator(/^localhost:56789$/, 'utf8'))
+                .validate(utf8Message, done);
+        });
+    });
 });