Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@contentful/node-apps-toolkit

Package Overview
Dependencies
Maintainers
7
Versions
49
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@contentful/node-apps-toolkit - npm Package Compare versions

Comparing version 2.0.2 to 2.0.3

7

CHANGELOG.md

@@ -0,1 +1,8 @@

## [2.0.3](https://github.com/contentful/node-apps-toolkit/compare/v2.0.2...v2.0.3) (2022-06-10)
### Bug Fixes
* [] do not export const enums for headers ([#51](https://github.com/contentful/node-apps-toolkit/issues/51)) ([6858557](https://github.com/contentful/node-apps-toolkit/commit/685855743a4bbf00b94067267efb7290ea96f308))
## [2.0.2](https://github.com/contentful/node-apps-toolkit/compare/v2.0.1...v2.0.2) (2022-03-25)

@@ -2,0 +9,0 @@

3

lib/index.d.ts
export { getManagementToken } from './keys';
export { signRequest, verifyRequest, ContentfulHeader, CanonicalRequest, SignedRequestHeaders, } from './requests';
export { signRequest, verifyRequest, ContentfulHeader } from './requests';
export type { CanonicalRequest, SignedRequestHeaders } from './requests';
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.verifyRequest = exports.signRequest = exports.getManagementToken = void 0;
exports.ContentfulHeader = exports.verifyRequest = exports.signRequest = exports.getManagementToken = void 0;
var keys_1 = require("./keys");

@@ -9,1 +9,2 @@ Object.defineProperty(exports, "getManagementToken", { enumerable: true, get: function () { return keys_1.getManagementToken; } });

Object.defineProperty(exports, "verifyRequest", { enumerable: true, get: function () { return requests_1.verifyRequest; } });
Object.defineProperty(exports, "ContentfulHeader", { enumerable: true, get: function () { return requests_1.ContentfulHeader; } });
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.verifyRequest = exports.signRequest = void 0;
exports.ContentfulContextHeader = exports.ContentfulHeader = exports.verifyRequest = exports.signRequest = void 0;
var sign_request_1 = require("./sign-request");

@@ -8,1 +8,4 @@ Object.defineProperty(exports, "signRequest", { enumerable: true, get: function () { return sign_request_1.signRequest; } });

Object.defineProperty(exports, "verifyRequest", { enumerable: true, get: function () { return verify_request_1.verifyRequest; } });
var typings_1 = require("./typings");
Object.defineProperty(exports, "ContentfulHeader", { enumerable: true, get: function () { return typings_1.ContentfulHeader; } });
Object.defineProperty(exports, "ContentfulContextHeader", { enumerable: true, get: function () { return typings_1.ContentfulContextHeader; } });

@@ -6,2 +6,3 @@ "use strict";

const typings_1 = require("./typings");
const typings_2 = require("./typings");
const utils_1 = require("./utils");

@@ -24,11 +25,11 @@ const hash = (normalizedCanonicalRequest, secret) => {

const rawSignedHeaders = Object.keys(headers);
if (!("x-contentful-signed-headers" /* SignedHeaders */ in headers)) {
rawSignedHeaders.push("x-contentful-signed-headers" /* SignedHeaders */);
if (!(typings_1.ContentfulHeader.SignedHeaders in headers)) {
rawSignedHeaders.push(typings_1.ContentfulHeader.SignedHeaders);
}
if (!("x-contentful-timestamp" /* Timestamp */ in headers)) {
rawSignedHeaders.push("x-contentful-timestamp" /* Timestamp */);
if (!(typings_1.ContentfulHeader.Timestamp in headers)) {
rawSignedHeaders.push(typings_1.ContentfulHeader.Timestamp);
}
const signedHeaders = rawSignedHeaders.sort(utils_1.sortHeaderKeys).join(',');
headers["x-contentful-timestamp" /* Timestamp */] = timestamp.toString();
headers["x-contentful-signed-headers" /* SignedHeaders */] = signedHeaders;
headers[typings_1.ContentfulHeader.Timestamp] = timestamp.toString();
headers[typings_1.ContentfulHeader.SignedHeaders] = signedHeaders;
const sortedHeaders = Object.entries(headers).sort(([keyA], [keyB]) => (0, utils_1.sortHeaderKeys)(keyA, keyB));

@@ -40,5 +41,5 @@ return { sortedHeaders, signedHeaders };

const maybeDefaultTimestamp = rawTimestamp !== null && rawTimestamp !== void 0 ? rawTimestamp : Date.now();
const canonicalRequest = typings_1.CanonicalRequestValidator.check(rawCanonicalRequest);
const timestamp = typings_1.TimestampValidator.check(maybeDefaultTimestamp);
const secret = typings_1.SecretValidator.check(rawSecret);
const canonicalRequest = typings_2.CanonicalRequestValidator.check(rawCanonicalRequest);
const timestamp = typings_2.TimestampValidator.check(maybeDefaultTimestamp);
const secret = typings_2.SecretValidator.check(rawSecret);
const path = (0, utils_1.getNormalizedEncodedURI)(canonicalRequest.path);

@@ -51,5 +52,5 @@ const method = canonicalRequest.method;

return {
["x-contentful-signature" /* Signature */]: hash({ method, headers: sortedHeaders, path, body }, secret),
["x-contentful-signed-headers" /* SignedHeaders */]: signedHeaders,
["x-contentful-timestamp" /* Timestamp */]: timestamp.toString(),
[typings_1.ContentfulHeader.Signature]: hash({ method, headers: sortedHeaders, path, body }, secret),
[typings_1.ContentfulHeader.SignedHeaders]: signedHeaders,
[typings_1.ContentfulHeader.Timestamp]: timestamp.toString(),
...contextHeaders,

@@ -56,0 +57,0 @@ };

import * as runtypes from 'runtypes';
export declare const enum ContentfulHeader {
export declare enum ContentfulHeader {
Timestamp = "x-contentful-timestamp",

@@ -7,3 +7,3 @@ SignedHeaders = "x-contentful-signed-headers",

}
export declare const enum ContentfulContextHeader {
export declare enum ContentfulContextHeader {
SpaceId = "x-contentful-space-id",

@@ -10,0 +10,0 @@ EnvironmentId = "x-contentful-environment-id",

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.TimeToLiveValidator = exports.RequestMetadataValidator = exports.TimestampValidator = exports.SecretValidator = exports.CanonicalRequestValidator = void 0;
exports.TimeToLiveValidator = exports.RequestMetadataValidator = exports.TimestampValidator = exports.SecretValidator = exports.CanonicalRequestValidator = exports.ContentfulContextHeader = exports.ContentfulHeader = void 0;
// Remove when this eslint rule covers all the cases

@@ -8,2 +8,15 @@ // https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/ROADMAP.md

const runtypes = require("runtypes");
var ContentfulHeader;
(function (ContentfulHeader) {
ContentfulHeader["Timestamp"] = "x-contentful-timestamp";
ContentfulHeader["SignedHeaders"] = "x-contentful-signed-headers";
ContentfulHeader["Signature"] = "x-contentful-signature";
})(ContentfulHeader = exports.ContentfulHeader || (exports.ContentfulHeader = {}));
var ContentfulContextHeader;
(function (ContentfulContextHeader) {
ContentfulContextHeader["SpaceId"] = "x-contentful-space-id";
ContentfulContextHeader["EnvironmentId"] = "x-contentful-environment-id";
ContentfulContextHeader["UserId"] = "x-contentful-user-id";
ContentfulContextHeader["AppId"] = "x-contentful-app-id";
})(ContentfulContextHeader = exports.ContentfulContextHeader || (exports.ContentfulContextHeader = {}));
const MethodValidator = runtypes.Union(runtypes.Literal('GET'), runtypes.Literal('PATCH'), runtypes.Literal('HEAD'), runtypes.Literal('POST'), runtypes.Literal('DELETE'), runtypes.Literal('OPTIONS'), runtypes.Literal('PUT'));

@@ -10,0 +23,0 @@ const PathValidator = runtypes.String.withConstraint((s) => s.startsWith('/'), {

@@ -5,2 +5,3 @@ "use strict";

const querystring = require("querystring");
const typings_1 = require("./typings");
const getNormalizedEncodedURI = (uri) => {

@@ -29,6 +30,6 @@ const [pathname, search] = uri.split('?');

const contextHeadersMap = {
spaceId: "x-contentful-space-id" /* SpaceId */,
envId: "x-contentful-environment-id" /* EnvironmentId */,
appId: "x-contentful-app-id" /* AppId */,
userId: "x-contentful-user-id" /* UserId */,
spaceId: typings_1.ContentfulContextHeader.SpaceId,
envId: typings_1.ContentfulContextHeader.EnvironmentId,
appId: typings_1.ContentfulContextHeader.AppId,
userId: typings_1.ContentfulContextHeader.UserId,
};

@@ -35,0 +36,0 @@ function normalizeContextHeaders(rawContext) {

@@ -10,5 +10,5 @@ "use strict";

var _a, _b;
const signature = normalizedHeaders["x-contentful-signature" /* Signature */];
const signedHeaders = ((_a = normalizedHeaders["x-contentful-signed-headers" /* SignedHeaders */]) !== null && _a !== void 0 ? _a : '').split(',');
const timestamp = Number.parseInt((_b = normalizedHeaders["x-contentful-timestamp" /* Timestamp */]) !== null && _b !== void 0 ? _b : '', 10);
const signature = normalizedHeaders[typings_1.ContentfulHeader.Signature];
const signedHeaders = ((_a = normalizedHeaders[typings_1.ContentfulHeader.SignedHeaders]) !== null && _a !== void 0 ? _a : '').split(',');
const timestamp = Number.parseInt((_b = normalizedHeaders[typings_1.ContentfulHeader.Timestamp]) !== null && _b !== void 0 ? _b : '', 10);
return typings_1.RequestMetadataValidator.check({ signature, signedHeaders, timestamp });

@@ -63,5 +63,5 @@ };

};
const { ["x-contentful-signature" /* Signature */]: computedSignature } = (0, sign_request_1.signRequest)(secret, requestToValidate, timestamp);
const { [typings_1.ContentfulHeader.Signature]: computedSignature } = (0, sign_request_1.signRequest)(secret, requestToValidate, timestamp);
return signature === computedSignature;
};
exports.verifyRequest = verifyRequest;

@@ -1,2 +0,4 @@

export { Response, HttpClient, createHttpClient, createValidateStatusCode, HttpError } from './http';
export { createLogger, Logger } from './logger';
export type { Response, HttpClient } from './http';
export { createHttpClient, createValidateStatusCode, HttpError } from './http';
export { createLogger } from './logger';
export type { Logger } from './logger';
{
"name": "@contentful/node-apps-toolkit",
"version": "2.0.2",
"version": "2.0.3",
"description": "A collection of helpers and utilities for creating NodeJS Contentful Apps",

@@ -50,3 +50,3 @@ "main": "lib/index.js",

"prettier": "^2.1.2",
"semantic-release": "18.0.0",
"semantic-release": "19.0.3",
"serve": "^13.0.2",

@@ -53,0 +53,0 @@ "sinon": "^9.1.0",

@@ -19,3 +19,4 @@ {

"pretty": true,
"declaration": true
"declaration": true,
"isolatedModules": true
},

@@ -22,0 +23,0 @@ "include": ["./src/**/*"],

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc