authy-client - npm Package Compare versions

Comparing version 1.0.3 to 1.0.4

dist/package.json

 {
   "name": "authy-client",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "description": "A complete Authy client with support for TOTP, OneTouch, Phone Verification and Phone Intelligence APIs",
@@ -5,0 +5,0 @@ "keywords": [

dist/src/asserts/signature-assert.js

@@ -64,3 +64,6 @@ 'use strict';
     const url = (0, _url.parse)(`${ protocol }://${ host }${ path }`, true);
-    const encoded = qs.stringify(body, { sort: (a, b) => a.localeCompare(b) });
+
+    // Stringify body using sorted keys and encoding spaces as "+" instead of "%20".
+    const encoded = qs.stringify(body, { sort: (a, b) => a.localeCompare(b) }).replace(/%20/g, '+');
+
     const data = `${ nonce }|${ method }|${ url.protocol }//${ url.host }${ url.pathname }|${ encoded }`;
@@ -67,0 +70,0 @@ const signature = (0, _crypto.createHmac)('sha256', this.key).update(data).digest('base64');

dist/test/asserts/signature-assert_test.js

@@ -111,2 +111,26 @@ 'use strict';
   });
+
+  it('should encode spaces as + instead of %20', () => {
+    new Assert().Signature({
+      key: 'foo',
+      request: {
+        body: {
+          qux: 'net',
+          foo: {
+            bar: {
+              biz: 'foo bar'
+            }
+          }
+        },
+        headers: {
+          host: 'foo.bar',
+          'x-authy-signature': '+fyGys+d5yNJx9SpeKZdf+N77od1t1cC/fVSWDW2+kY=',
+          'x-authy-signature-nonce': 1455825429
+        },
+        method: 'POST',
+        protocol: 'https',
+        url: '/'
+      }
+    }).validate('+fyGys+d5yNJx9SpeKZdf+N77od1t1cC/fVSWDW2+kY=');
+  });
 });

package.json

 {
   "name": "authy-client",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "description": "A complete Authy client with support for TOTP, OneTouch, Phone Verification and Phone Intelligence APIs",
@@ -5,0 +5,0 @@ "keywords": [

src/asserts/signature-assert.js

@@ -38,3 +38,6 @@
     const url = parse(`${protocol}://${host}${path}`, true);
-    const encoded = qs.stringify(body, { sort: (a, b) => a.localeCompare(b) });
+
+    // Stringify body using sorted keys and encoding spaces as "+" instead of "%20".
+    const encoded = qs.stringify(body, { sort: (a, b) => a.localeCompare(b) }).replace(/%20/g, '+');
+
     const data = `${nonce}|${method}|${url.protocol}//${url.host}${url.pathname}|${encoded}`;
@@ -41,0 +44,0 @@ const signature = createHmac('sha256', this.key).update(data).digest('base64');

test/asserts/signature-assert_test.js

@@ -102,2 +102,26 @@
   });
+
+  it('should encode spaces as + instead of %20', () => {
+    new Assert().Signature({
+      key: 'foo',
+      request: {
+        body: {
+          qux: 'net',
+          foo: {
+            bar: {
+              biz: 'foo bar'
+            }
+          }
+        },
+        headers: {
+          host: 'foo.bar',
+          'x-authy-signature': '+fyGys+d5yNJx9SpeKZdf+N77od1t1cC/fVSWDW2+kY=',
+          'x-authy-signature-nonce': 1455825429
+        },
+        method: 'POST',
+        protocol: 'https',
+        url: '/'
+      }
+    }).validate('+fyGys+d5yNJx9SpeKZdf+N77od1t1cC/fVSWDW2+kY=');
+  });
 });

No alert changes

Improved metrics

Total package byte prevSize

415883

increased by0.34%

Lines of code

10021

increased by0.48%

No dependency changes