aws-signature-v4
Advanced tools
aws-signature-v4 - npm Package Compare versions
Comparing version 1.1.1 to 1.2.0
@@ -79,2 +79,3 @@ /* eslint-env node */ | ||
| options.secret = options.secret || process.env.AWS_SECRET_ACCESS_KEY; | ||
| options.sessionToken = options.sessionToken || process.env.AWS_SESSION_TOKEN; | ||
| options.protocol = options.protocol || 'https'; | ||
@@ -96,2 +97,5 @@ options.headers = options.headers || {}; | ||
| query['X-Amz-SignedHeaders'] = exports.createSignedHeaders(options.headers); | ||
| if (options.sessionToken) { | ||
| query['X-Amz-Security-Token'] = options.sessionToken; | ||
| } | ||
@@ -98,0 +102,0 @@ var canonicalRequest = exports.createCanonicalRequest(method, path, query, options.headers, payload); |
| { | ||
| "name": "aws-signature-v4", | ||
| "version": "1.1.1", | ||
| "version": "1.2.0", | ||
| "description": "Generate AWS V4 Signatures and Signed URLs", | ||
@@ -10,9 +10,14 @@ "main": "index.js", | ||
| "repository": "department-stockholm/aws-signature-v4", | ||
| "keywords": ["aws", "signature", "signed", "url", "v4"], | ||
| "keywords": [ | ||
| "aws", | ||
| "signature", | ||
| "signed", | ||
| "url", | ||
| "v4" | ||
| ], | ||
| "author": "Robert Sköld <robert@department.se>", | ||
| "license": "MIT", | ||
| "devDependencies": { | ||
| "mocha": "^2.2.5", | ||
| "release": "^3.1.4" | ||
| "mocha": "^2.2.5" | ||
| } | ||
| } |
@@ -1,3 +0,2 @@ | ||
| AWS Signature V4 | ||
| ================ | ||
| # AWS Signature V4 | ||
@@ -44,3 +43,2 @@ Generating the "new" AWS V4 signatures can be a bit of a pain. | ||
| # API | ||
@@ -52,8 +50,8 @@ | ||
| - `AWS_ACCESS_KEY_ID` | ||
| - `AWS_SECRET_ACCESS_KEY` | ||
| - `AWS_REGION` | ||
| - `AWS_S3_BUCKET` (not really official, but useful) | ||
| * `AWS_ACCESS_KEY_ID` | ||
| * `AWS_SECRET_ACCESS_KEY` | ||
| * `AWS_REGION` | ||
| * `AWS_SESSION_TOKEN` | ||
| * `AWS_S3_BUCKET` (not really official, but useful) | ||
| ## Public API | ||
@@ -67,4 +65,4 @@ | ||
| - `method` (defaults to `"GET"`) | ||
| - `bucket` (defaults to `process.env.AWS_S3_BUCKET`) | ||
| * `method` (defaults to `"GET"`) | ||
| * `bucket` (defaults to `process.env.AWS_S3_BUCKET`) | ||
@@ -75,11 +73,12 @@ ### createPresignedURL(method, host, path, service, payload[, options]) | ||
| - `key` (defaults to `process.env.AWS_ACCESS_KEY_ID`) | ||
| - `secret` (defaults to `process.env.AWS_SECRET_ACCESS_KEY`) | ||
| - `protocol` (defaults to `"https"`) | ||
| - `headers` (defaults to `{}`) | ||
| - `timestamp` (defaults to `Date.now()`) | ||
| - `region` (defaults to `process.env.AWS_REGION || "us-east-1"`) | ||
| - `expires` (defaults to `86400`, or 24 hours) | ||
| - `headers` (defaults to `{}`) | ||
| - `query` Optional query parameters attached to the AWS API call (defaults to none) | ||
| * `key` (defaults to `process.env.AWS_ACCESS_KEY_ID`) | ||
| * `secret` (defaults to `process.env.AWS_SECRET_ACCESS_KEY`) | ||
| * `sessionToken` (defaults to `process.env.AWS_SESSION_TOKEN`) | ||
| * `protocol` (defaults to `"https"`) | ||
| * `headers` (defaults to `{}`) | ||
| * `timestamp` (defaults to `Date.now()`) | ||
| * `region` (defaults to `process.env.AWS_REGION || "us-east-1"`) | ||
| * `expires` (defaults to `86400`, or 24 hours) | ||
| * `headers` (defaults to `{}`) | ||
| * `query` Optional query parameters attached to the AWS API call (defaults to none) | ||
@@ -116,4 +115,3 @@ ## Internal API (but still available) | ||
| [sign-query-docs]: http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html | ||
| [s3-component]: https://github.com/component/s3/tree/0.3.x |
12
test.js
@@ -11,2 +11,3 @@ /* eslint-env node, mocha */ | ||
| var secretKey = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'; | ||
| var sessionToken = 'EXAMPLESESSION'; | ||
| var exampleTime = Date.parse('Fri, 24 May 2013 00:00:00 GMT'); | ||
@@ -79,2 +80,13 @@ var canonicalRequest = aws.createCanonicalRequest('GET', '/test.txt', { | ||
| }); | ||
| it('should generate a presigned url with security token', function() { | ||
| var presignedUrlWithSecurityToken = aws.createPresignedS3URL('test.txt', { | ||
| key: accessKey, | ||
| secret: secretKey, | ||
| bucket: 'examplebucket', | ||
| timestamp: exampleTime, | ||
| sessionToken: sessionToken, | ||
| }); | ||
| assert.equal(presignedUrlWithSecurityToken, 'https://examplebucket.s3.amazonaws.com/test.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIOSFODNN7EXAMPLE%2F20130524%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20130524T000000Z&X-Amz-Expires=86400&X-Amz-SignedHeaders=host&X-Amz-Security-Token=EXAMPLESESSION&X-Amz-Signature=12abb65becb4cfbac48bfdd9eb3178408ff6fd7f470505f4baf3dcad7088253f'); | ||
| }); | ||
| }); |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Dev dependency count
- decreased by-50%
1
- Lines of code
- increased by9.04%
193
Worsened metrics
- Total package byte prevSize
- decreased by-72.85%
17430
- Number of lines in readme file
- decreased by-1.74%
113
- Number of low supply chain risk alerts
- increased by20%
6