Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Alexa skill: The skill end-point is not validating the signatures for incoming requests and is accepting requests with an empty signature URL. #143

Closed
isabelacmor opened this issue Jan 9, 2018 · 4 comments
Closed

Alexa skill: The skill end-point is not validating the signatures for incoming requests and is accepting requests with an empty signature URL. #143

isabelacmor opened this issue Jan 9, 2018 · 4 comments

Comments

@isabelacmor
Copy link

We're using Claudia.js to deploy a lambda function for an Alexa skill. Everything works on their platform after running claudia update locally, but when we submit the skill for certification, it fails and says:

The skill end-point is not validating the signatures for incoming requests and is accepting requests with an empty signature URL. Please check if your signature validation is correct. To reject an invalid request (with an invalid signature or certificate), the skill should respond with an HTTP status code 400 (Bad Request). Please refer to our documentation on how to build your Alexa Skill as a web service and validate requests and signatures.

  • Link to a minimal, executable project that demonstrates the problem:
    Our skill's repo: https://github.com/tylerl0706/alexa-spell

  • More info:
    In the Alexa skill SSL cert page, I put in the URL generated by Claudia and also checked the " My development endpoint is a sub-domain of a domain that has a wildcard certificate from a certificate authority" option.
@TylerLeonhardt
Copy link

Hey there - Isabela and I working on this online hackathon and the deadline is coming up so if you have any suggestions, we're all ears!

FWIW, I attempted to add "Alexa Skills Kit" to the lambda function hoping that would fix it (I, of course, updated the https url to the ARN) but instead, our skill now throws:

{ "errorMessage": "event does not contain routing information" }

Any thoughts? We are desperate and are depending on you guys 😢

@stojanovic
Copy link
Member

stojanovic commented Jan 9, 2018
edited
Loading

Huh, you should be able to reuse most of the code by using this as a tmp solution: https://github.com/stojanovic/alexa-skill-kit/
It's a connection without API Gateway.

I don't think I can check the issue with this that fast.

@tylerl0706 you can't point to lambda directly with Claudia Bot Builder, because it expects API request, not Alexa request.

@stojanovic
Copy link
Member

Wait, are you using Claudia Bot Builder? If yes can you open an issue there, because this isn't Claudia issue?

@TylerLeonhardt TylerLeonhardt mentioned this issue Jan 9, 2018
Open
@TylerLeonhardt
Copy link

Done claudiajs/claudia-bot-builder#110

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@stojanovic @TylerLeonhardt @isabelacmor