@relaybox/rest - npm Package Compare versions

Comparing version 1.8.0 to 1.9.0

dist/relaybox.d.ts

 import { ExtendedJwtPayload } from './types/jwt.types';
 import { PublishResponseData, TokenResponse, TokenResponseParams } from './types/response.types';
 import { RelayBoxOptions } from './types/config.types';
+import { WebhookPayload } from './types/webhook.types';
 /**
@@ -57,2 +58,6 @@ * The RelayBox class provides methods to generate authentication tokens and publish events
     verifyAuthToken(token: string): ExtendedJwtPayload;
+    /**
+     * Verify webhook sugnature
+     */
+    verifyWebhookSignature(webhookPayload: WebhookPayload, requestSignature: string, signingKey: string): boolean;
 }

dist/relaybox.js

@@ -125,3 +125,12 @@ "use strict";
     }
+    /**
+     * Verify webhook sugnature
+     */
+    verifyWebhookSignature(webhookPayload, requestSignature, signingKey) {
+        const { data } = webhookPayload;
+        const serializedData = (0, signature_1.serializeData)(data);
+        const generatedSignature = (0, signature_1.generateHmacSignature)(serializedData, signingKey);
+        return generatedSignature === requestSignature;
+    }
 }
 exports.default = RelayBox;

dist/signature.d.ts

@@ -5,1 +5,2 @@ import { ExtendedJwtPayload } from './types/jwt.types';
 export declare function verifyAuthToken(token: string, secretKey: string): ExtendedJwtPayload;
+export declare function serializeData(data: any): string;

dist/signature.js

@@ -9,5 +9,7 @@ "use strict";
 exports.verifyAuthToken = verifyAuthToken;
+exports.serializeData = serializeData;
 const crypto_1 = __importDefault(require("crypto"));
 const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
 const errors_1 = require("./errors");
+const json_canonicalize_1 = require("json-canonicalize");
 const JWT_ISSUER = `https://relaybox.net`;
@@ -57,1 +59,11 @@ const JWT_HASHING_ALGORITHM = 'HS256';
 }
+function serializeData(data) {
+    try {
+        const canonicalizedData = (0, json_canonicalize_1.canonicalize)(data);
+        const serializedData = JSON.stringify(canonicalizedData);
+        return serializedData;
+    }
+    catch (err) {
+        throw new errors_1.SignatureError(`failed to serialze data, ${err}`);
+    }
+}

package.json

 {
   "name": "@relaybox/rest",
-  "version": "1.8.0",
+  "version": "1.9.0",
   "description": "RelayBox REST Services SDK. Enables seemless integration between server-side applications and RelayBox's authentication and realtime services. It provides robust functionality for generating authentication tokens, publishing events, and interacting efficiently with RelayBox's suite of services.",
@@ -48,2 +48,3 @@ "keywords": [
   "dependencies": {
+    "json-canonicalize": "^1.0.6",
     "jsonwebtoken": "^9.0.2"
@@ -50,0 +51,0 @@ },

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

33419

increased by6.28%

Number of package files

31

increased by14.81%

Lines of code

601

increased by11.71%

Worsened metrics

Dependency count

2

increased by100%

Dependency changes

• + Addedjson-canonicalize@^1.0.6

• + Addedjson-canonicalize@1.0.6(transitive)