def do_POST(self):
content_length = int(self.headers['Content-Length'])
try:
content_bytes = self.rfile.read(content_length)
_logger.debug("processing message. headers=%s, content=%s", self.headers, content_bytes)
try:
body = json.loads(content_bytes)
sns_verify_signature(body)
except json.decoder.JSONDecodeError:
_logger.warning("ignoring invalid message. content=%s", content_bytes, exc_info=True)
_counter_errors.labels('sns').inc()
except InvalidSnsSignatureException:
_logger.warning("ignoring message with invalid signature. content=%s", content_bytes, exc_info=True)
_counter_errors.labels('sns').inc()
else:
if self.receiver is not None:
self.receiver.receive(body)
else:
_logger.info("received notification. body=%s", body)
_counter_sns.inc()
self.send_response(HTTPStatus.OK)
self.send_header('Content-Length', '0')
self.end_headers()
except:
_logger.warning("unexpected error.", exc_info=True)
_counter_errors.labels('sns').inc()
self.send_response(HTTPStatus.INTERNAL_SERVER_ERROR)
self.send_header('Content-Length', '0')
self.end_headers()
def test_sns_verify_signature_untrusted_signing_url(valid_body):
body = valid_body.copy()
body["SigningCertURL"] = "http://example.com/badcaffe"
with pytest.raises(InvalidSnsSignatureException,
match=r"Invalid signing cert url.*"):
sns_verify_signature(body)
def test_sns_verify_signature_invalid_signature_encoding(valid_body):
body = valid_body.copy()
body["Signature"] = "=notBase64"
with pytest.raises(InvalidSnsSignatureException,
match="Invalid signature"):
sns_verify_signature(body)
def test_sns_verify_signature_missing_signature(valid_body):
body = valid_body.copy()
del body["Signature"]
with pytest.raises(InvalidSnsSignatureException,
match="Missing key. name=Signature"):
sns_verify_signature(body)
def test_sns_verify_signature_bad_key_type(valid_body):
body = valid_body.copy()
body["Subject"] = 1
with pytest.raises(InvalidSnsSignatureException,
match="Missing key. name=Subject"):
sns_verify_signature(body)
def test_sns_verify_signature_invalid_signature(valid_body):
body = valid_body.copy()
body["Signature"] = "dGVzdAo="
with pytest.raises(InvalidSnsSignatureException,
match="Invalid signature"):
sns_verify_signature(body)
def test_sns_verify_signature_unknown_signature_version(valid_body):
body = valid_body.copy()
body["SignatureVersion"] = "2"
with pytest.raises(Exception,
match="Signature version not implemented. version=2"):
sns_verify_signature(body)
def test_sns_verify_signature(valid_body):
sns_verify_signature(valid_body)