Alexa Request Verifier
AlexaRequestVerifier is a gem created to verify that requests received within a Sinatra application originate from Amazon's Alexa API.
Requirements
AlexaRequestVerifier requires the following:
- Ruby - version 2.0 or greater
Installation
Add this line to your application's Gemfile:
gem 'alexa_request_verifier'
Usage
This gem's main function is taking an [Sinatra][sinatra] request and verifying that it was sent by Amazon.
# within server.rb (or equivalent)
post '/' do
AlexaRequestVerifier.valid!(request)
end
Methods
AlexaRequestVerifier has two main entry points, detailsed below:
| Method | Parameter type | Returns |
|---|---|---|
AlexaRequestVerifier.valid!(request) |
Sinatra::Request |
true on successful verification. Raises an error if unsuccessful. |
AlexaRequestVerifier.valid?(request) |
Sinatra::Request |
true on successful verificatipn. false if unsuccessful. |
Handling errors
AlexaRequestVerifier#valid! will raise one of the following expected errors if verification cannot be performed.
Please note that all errors come with (hopefully) helpful accompanying messages.
| Error | Description |
|---|---|
AlexaRequestVerifier::InvalidCertificateURIError |
Raised when the certificate URI does not pass validation. |
AlexaRequestVerifier::InvalidCertificateError |
Raised when the certificate itself does not pass validation e.g. out of date, does not contain the requires SAN extension, etc. |
AlexaRequestVerifier::InvalidRequestError |
Raised when the request cannot be verified (not timely, not signed with the certificate, etc.) |
Getting Started with Development
To clone the repository and set up the dependencies, run the following:
git clone https://github.com/mattrayner/alexa_request_verifier.git
cd alexa_request_verifier
bundle install
Running the tests
We use RSpec as our testing framework and tests can be run using:
bundle exec rake
Contributing
If you wish to submit a bug fix or feature, you can create a pull request and it will be merged pending a code review.
- Fork the repository
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Ensure your changes are tested using Rspec
- Create a new Pull Request
License
AlexaRequestVerifier is licensed under the MIT.
Code of Conduct
Everyone interacting in the AlexaRequestVerifier project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.