# AlexaRequestVerifier

## Description
Alexa Request Verifier is a library that handles all of the certificate and request verification for Alexa Requests for certified skills. (See the [Alexa Skills Documentation]( for more information)  

Specifically, it will:
* Confirm the URL for the certificate is a valid Alexa URL
* Validate the certificate is valid
* Confirm the request is recent (to avoid playback attacks)
* Validate the message signature

Alexa Request Verifier uses ConCache to cache certificates once they have been verified.

## Installation

1. If [available in Hex](, the package can be installed
by adding `alexa_request_verifier` to your list of dependencies in `mix.exs`:

def deps do
  [{:alexa_request_verifier, "~> 0.1.3"}]
2.You will need to add AlexaRequestVerifier as an application in the same mix.exs file.
applications: [..., :alexa_request_verifier] 

3. You will also need to modify your endpoint.ex file by changing the parser as follows:
parsers: [AlexaRequestVerifier.JSONRawBodyParser, :urlencoded, :multipart, :json],

4. You will need to add the verifier plug to your pipeline in your router.ex file
pipeline :alexa_api do
    plug :accepts, ["json"]
    plug AlexaRequestVerifier

## Kudos
A big thanks to the Elixir Forum for helping me navigate all of the Erlang :public_key libraries.  [Forum thread](

Documentation can be found at [](