In a servant/wai application the request body can be obtained using a combinator e.g. ReqBody '[JSON] Book
. In this case the body is extracted as a value of type Book
. It is not clear how the raw request body can be accessed without converting it to a type.
The raw request body may be required to verify its signature. An example is in stripe webhooks (i.e. stripe.com) where the raw request body may be needed for verification. There is a nice library on hackage.org (stripe-hs) that does this verification but does not explain how to obtain the raw request body.
I guess one way is through a middleware where the request body can be consumed once. Is there any other way?
What I ended up doing is to create a new data type
data WebhookJSON
and its corresponding MimeUnrender and MimeRender instances for this data type. Just like its done for theJSON
type. I used that data type in the combinators e.g.ReqBody '[WebhookJSON] ByteString
. Hopefully (I haven't tested it yet), this is one way to gain access to the raw request body.