
Verify Signature #1

@tripott

hyper Queue allows you to create a target webhook endpoint to receive jobs. In order to secure that endpoint to only receive jobs from hyper, you can implement a secret. This secret uses sha256 to encode a nonce timestamp and a signature of the job payload. We created a function on hyper_connect to make it easier to implement your own middleware to validate these incoming jobs in a secure way.

  • Create and export create_hyper_verify fn
  • Types
  • Document within readme
  • Example within readme

JS hyper-connect SDK version: https://github.com/hyper63/hyper/blob/main/packages/connect/deno/utils/hyper-verify.ts

```ts
/**
 * Verify a job received from a hyper queue.
 * See https://docs.hyper.io/post-a-jobtask#sz-verifying-jobs-from-hyper-queue
 *
 * @param {string} secret - the secret you provided when creating the queue.
 * your hyper queue adds a signature to all job requests, using this secret.
 * @param {string} ttl - the maximum age of a job, in the case of your worker having a constraint
 * where it should only process jobs if the job was sent within the last 5 minutes
 * @returns - a function that, given the X-HYPER-SIGNATURE and job payload,
 * will verify the signature and payload and return a hyper OK response
 */
export function createHyperVerify(secret: string, ttl?: string) {
  return function (signature: string, payload: unknown): Result {
    return of({ input: { signature, payload }, secret, ttl })
      .map(splitHyperSignature)
      .chain(createHmacSignature)
      .chain(compareSignatures)
      .chain(verifyTimeGap(ttl as string))
      .either(identity, handleSuccess);
  };
}
```
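Added example, not part of the issue or of any hyper SDK: a Python sketch of the same split, HMAC, compare, time-gap pipeline. It assumes the `X-HYPER-SIGNATURE` header looks like `t=<unix ms>,sig=<hex>` and that the signed string is `<t>.<raw body>`; the `ttl_seconds` and `now` parameters, the `sign` helper and the `(ok, reason)` return shape are hypothetical choices for illustration.

```python
import hashlib
import hmac
import time


def sign(secret: str, ts_ms: int, body: bytes) -> str:
    """HMAC-SHA256 over b"<ts>.<body>" (assumed signed-string layout)."""
    msg = str(ts_ms).encode() + b"." + body
    return hmac.new(secret.encode(), msg, hashlib.sha256).hexdigest()


def create_hyper_verify(secret: str, ttl_seconds=None, now=time.time):
    """Return verify(signature_header, raw_body) -> (ok, reason)."""

    def verify(signature_header: str, raw_body: bytes):
        # Assumed header layout: "t=<unix ms>,sig=<hex digest>".
        fields = dict(
            part.split("=", 1)
            for part in signature_header.split(",")
            if "=" in part
        )
        t, sig = fields.get("t", ""), fields.get("sig", "")
        if not (t.isascii() and t.isdigit()) or not sig:
            return False, "malformed signature header"

        # Recompute over the raw request bytes, not re-serialized JSON,
        # so key order and whitespace cannot cause a false mismatch.
        expected = sign(secret, int(t), raw_body)
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(expected.encode(), sig.encode()):
            return False, "signature mismatch"

        # Freshness is checked only after the timestamp is authenticated.
        # Timestamps too far in the future are rejected as well.
        if ttl_seconds is not None:
            age = now() - int(t) / 1000
            if abs(age) > ttl_seconds:
                return False, "outside ttl window"
        return True, "ok"

    return verify
```

In middleware, pass the request body exactly as received and reject the job unless `ok` is true.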
