ข้ามไปยังเนื้อหา

Class AmazonSesInvitationDeliveryAspNetCoreOptions

เนื้อหานี้ยังไม่ได้แปลเป็นภาษาไทย แสดงเป็นภาษาอังกฤษแทน

Namespace: Cephalon.MultiTenancy.Governance.AmazonSesDelivery.AspNetCore.Configuration
Assembly: Cephalon.MultiTenancy.Governance.AmazonSesDelivery.AspNetCore.dll

Configures ASP.NET Core Amazon SES over SNS callback translation for tenant-invitation delivery status updates.

public sealed class AmazonSesInvitationDeliveryAspNetCoreOptions

objectAmazonSesInvitationDeliveryAspNetCoreOptions

object.Equals(object?), object.Equals(object?, object?), object.GetHashCode(), object.GetType(), object.ReferenceEquals(object?, object?), object.ToString()

This adapter translates SNS-wrapped Amazon SES event publishing payloads into Cephalon delivery-status reconciliation requests. It does not own AWS account setup, SES identity verification, SNS topic/subscription creation beyond optionally confirming signed subscription-confirmation callbacks, durable callback inboxes, distributed replay protection, or provider polling. When configured, it can verify the Amazon SNS message signature before translation, confirm verified SNS subscription requests, observe verified unsubscribe-confirmation lifecycle messages without restoring subscriptions, and skip duplicate SNS message identifiers already recorded by the Cephalon delivery-status observation store.

AmazonSesInvitationDeliveryAspNetCoreOptions()

Section titled “ AmazonSesInvitationDeliveryAspNetCoreOptions()”

Initializes a new instance of the class.

public AmazonSesInvitationDeliveryAspNetCoreOptions()

Gets or sets a value indicating whether raw Amazon SES event payloads should be accepted for controlled replay.

public bool AcceptRawSesEventPayloads { get; set; }

bool

Production SNS HTTP subscriptions post an SNS envelope whose Message field contains the SES event. This option lets tests or replay tools post the SES event body directly without claiming a durable callback inbox.

Gets or sets the actor value recorded on translated Amazon SES delivery status observations.

public string Actor { get; set; }

string

Gets or sets the SNS topic ARNs accepted by this callback endpoint when topic allow-listing is required.

public string[] AllowedSnsTopicArns { get; set; }

string[]

Gets or sets a value indicating whether translated SNS notifications should skip duplicate MessageId values that already exist in the Cephalon delivery-status observation store.

public bool EnableSnsMessageIdIdempotency { get; set; }

bool

This guard uses the stable SNS MessageId-derived observation id emitted by the translator. It does not replace durable inboxing or distributed callback processing; the durability of the guard follows the configured ITenantInvitationDeliveryStatusObservationStore.

Gets or sets a value indicating whether verified SNS callbacks should be protected against replay inside the current process.

public bool EnableSnsReplayProtection { get; set; }

bool

Replay protection is active only when is enabled and the SNS envelope verifies successfully. The built-in guard stores bounded fingerprints derived from TopicArn and MessageId in memory and does not claim distributed replay protection or durable callback inbox ownership.

Gets or sets a value indicating whether verified SNS subscription-confirmation messages should be confirmed by the callback endpoint.

public bool EnableSnsSubscriptionConfirmation { get; set; }

bool

This option is disabled by default. When enabled, the endpoint only confirms SubscriptionConfirmation envelopes after SNS signature verification has succeeded. It does not create SNS topics, configure SES event destinations, own subscription lifecycle governance, or store confirmation tokens.

EnableSnsUnsubscribeConfirmationObservation

Section titled “ EnableSnsUnsubscribeConfirmationObservation”

Gets or sets a value indicating whether verified SNS unsubscribe-confirmation messages should be reported by the callback endpoint without restoring the subscription.

public bool EnableSnsUnsubscribeConfirmationObservation { get; set; }

bool

This option is active only when is enabled and the SNS envelope verifies successfully. The endpoint never visits the unsubscribe envelope’s SubscribeURL; that URL would re-confirm the subscription and belongs to an explicit operator or provider lifecycle flow.

Gets or sets a value indicating whether the Amazon SES callback endpoint should be mapped.

public bool EnableStatusCallbackEndpoint { get; set; }

bool

ExcludeStatusCallbackEndpointFromDescription

Section titled “ ExcludeStatusCallbackEndpointFromDescription”

Gets or sets a value indicating whether the Amazon SES callback endpoint should be excluded from OpenAPI descriptions.

public bool ExcludeStatusCallbackEndpointFromDescription { get; set; }

bool

Gets or sets a value indicating whether Amazon SES engagement events such as open and click should be recorded as delivered.

public bool MapEngagementEventsAsDelivered { get; set; }

bool

The default is false so the endpoint records deliverability events only. Enable this when a host deliberately wants engagement events to update invitation delivery status.

Gets or sets the maximum number of Amazon SES events accepted in one callback request.

public int MaxEventsPerRequest { get; set; }

int

SNS HTTP callbacks normally contain one SES event in the Message field. Arrays are accepted only for controlled replay and test harness scenarios while keeping the same bounded parsing posture.

Gets or sets the maximum request body size accepted by the Amazon SES callback endpoint, in bytes.

public int MaxRequestBodyBytes { get; set; }

int

Gets or sets a pinned X.509 certificate PEM used to verify SNS signatures instead of downloading the certificate from SigningCertURL.

public string? PinnedSnsSigningCertificatePem { get; set; }

string?

This is primarily useful for tests, controlled replay, or hosts that deliberately pin the SNS signing certificate. Production hosts usually leave this unset so the endpoint retrieves the AWS SNS signing certificate from the validated HTTPS URL in the SNS envelope.

Gets or sets a value indicating whether translated delivery status should be recorded on the invitation.

public bool RecordStatus { get; set; }

bool

Gets or sets a value indicating whether TopicArn must match when signature verification is required.

public bool RequireAllowedSnsTopicArn { get; set; }

bool

Keeping this enabled follows the SNS spoofing-prevention guidance that receivers reject messages from unexpected topics. Disable only for controlled multi-topic gateways that apply their own allow-list.

Gets or sets a value indicating whether translated Amazon SES events must match an existing provider message id.

public bool RequireProviderMessageMatch { get; set; }

bool

Amazon SES event payloads expose the SES-assigned message id through mail.messageId. Keeping this guard enabled makes the callback translator reconcile only the invitation dispatch previously accepted by SES.

Gets or sets a value indicating whether SNS message signatures must verify before translation.

public bool RequireSnsSignatureVerification { get; set; }

bool

When enabled, the endpoint rejects raw SES replay payloads, validates the SNS envelope, verifies the Base64-encoded RSA signature over the canonical SNS string-to-sign, and records safe verification metadata.

Gets or sets a value indicating whether verified SNS messages must use SignatureVersion 2.

public bool RequireSnsSignatureVersion2 { get; set; }

bool

Amazon SNS topics default to signature version 1, but version 2 uses SHA-256 and is the recommended setting for new deployments. Disable this only when a host deliberately accepts legacy SHA-1 SNS signatures.

Gets or sets a value indicating whether the Amazon SES callback endpoint should require authorization.

public bool RequireStatusCallbackAuthorization { get; set; }

bool

The endpoint performs an in-handler authorization check by default. Hosts can satisfy it with ASP.NET Core authentication, a gateway, or deliberately disable it for trusted test hosts.

Gets or sets the maximum number of verified SNS callback replay fingerprints retained in the current process.

public int SnsReplayCacheLimit { get; set; }

int

When the bounded cache is full, the oldest fingerprint is evicted before recording a new accepted signed callback.

Gets or sets the process-local retention window, in seconds, for verified SNS callback replay fingerprints.

public int SnsReplayRetentionSeconds { get; set; }

int

The endpoint clamps the effective retention to at least one second. The default is five minutes.

SnsSubscriptionConfirmationTimeoutSeconds

Section titled “ SnsSubscriptionConfirmationTimeoutSeconds”

Gets or sets the timeout, in seconds, for an enabled SNS subscription-confirmation HTTP request.

public int SnsSubscriptionConfirmationTimeoutSeconds { get; set; }

int

The effective timeout is clamped between one second and five minutes.

Gets or sets the source value recorded on translated Amazon SES delivery status observations.

public string Source { get; set; }

string

Gets or sets the optional ASP.NET Core authorization policy required by the Amazon SES callback endpoint.

public string? StatusCallbackAuthorizationPolicy { get; set; }

string?

Gets or sets the ASP.NET Core route pattern used for SNS-wrapped Amazon SES callbacks.

public string StatusCallbackRoutePattern { get; set; }

string

The default route stays under /engine because this endpoint is a provider-adapter ingress surface, not an application-owned onboarding API.

Gets or sets a value indicating whether the SNS signing certificate chain and validity window should be checked.

public bool ValidateSnsSigningCertificateChain { get; set; }

bool

The default is true for production safety. Tests using self-signed pinned certificates can disable this without weakening the canonical message-signature proof.

FromConfiguration(IConfiguration?, string)

Section titled “ FromConfiguration(IConfiguration?, string)”

Reads Amazon SES ASP.NET Core callback options from configuration.

public static AmazonSesInvitationDeliveryAspNetCoreOptions FromConfiguration(IConfiguration? configuration, string sectionPath = "Engine")

configuration IConfiguration?

The root configuration that contains the engine section.

sectionPath string

The engine root section path to read from.

AmazonSesInvitationDeliveryAspNetCoreOptions

The parsed Amazon SES ASP.NET Core callback options.