signature

Documentation

Overview

Package signature implements signature verification for MessageBird webhooks.

To use define a new validator using your MessageBird Signing key. You can use the ValidRequest method, just pass the request as a parameter:

validator := signature.NewValidator("your signing key")
if err := validator.ValidRequest(r); err != nil {
    // handle error
}

Or use the handler as a middleware for your server:

http.Handle("/path", validator.Validate(YourHandler))

It will reject the requests that contain invalid signatures. The validator uses a 5ms seconds window to accept requests as valid, to change this value, set the ValidityWindow to the disired duration. Take into account that the validity window works around the current time:

[now - ValidityWindow/2, now + ValidityWindow/2]

Index

• Variables
• type Validator
  • func NewValidator(signingKey string) *Validator
  • func (v *Validator) ValidRequest(r *http.Request) error
  • func (v *Validator) Validate(h http.Handler) http.Handler

Variables

var ValidityWindow = 5 * time.Second

ValidityWindow defines the time window in which to validate a request.

Types

type Validator

type Validator struct {
	SigningKey string // Signing Key provided by MessageBird.
}

Validator type represents a MessageBird signature validator.

func NewValidator

func NewValidator(signingKey string) *Validator

NewValidator returns a signature validator object.

func (*Validator) ValidRequest

func (v *Validator) ValidRequest(r *http.Request) error

ValidRequest is a method that takes care of the signature validation of incoming requests.

func (*Validator) Validate

func (v *Validator) Validate(h http.Handler) http.Handler

Validate is a handler wrapper that takes care of the signature validation of incoming requests and rejects them if invalid or pass them on to your handler otherwise.