calamarble-xhub - npm Package Compare versions

Comparing version 0.4.1 to 0.4.2

package.json

 {
   "name": "calamarble-xhub",
   "description": "xhub signature verification for POST requests from facebook",
-  "version": "0.4.1",
+  "version": "0.4.2",
   "main": "./src/index.js",
@@ -6,0 +6,0 @@ "scripts": {

src/index.js

@@ -28,3 +28,6 @@ 'use strict';
 
-const signature = (algo, secret, msg) => _crypto2.default.createHmac(algo, secret).update(msg).digest('hex');
+const verifySignature = (algo, secret, providedSignature, msg) => {
+    const signature = _crypto2.default.createHmac(algo, secret).update(msg).digest('hex');
+    return (0, _tsscmp2.default)(signature, providedSignature);
+};
 
@@ -36,7 +39,7 @@ const apiEndpoint = userConfig => (req, res) => {
     const xHubSignature = headers['X-Hub-Signature'] || headers['x-hub-signature'];
-    const serverSignature = signature(config.xHubAlgo, config.xHubSecret, rawBody);
-    const signatureMatches = (0, _tsscmp2.default)(xHubSignature.split('=')[1], serverSignature);
-    console.log('serverSignature:', serverSignature);
-    console.log('X-Hub-Signature', xHubSignature);
-    console.log('rawBody', rawBody);
+    const headerSignature = xHubSignature.split('=')[1];
+    const signatureMatches = verifySignature(config.xHubAlgo, config.xHubSecret, headerSignature, rawBody);
+    // console.log('serverSignature:', serverSignature);
+    // console.log('X-Hub-Signature', xHubSignature);
+    // console.log('rawBody', rawBody);
     if (!signatureMatches) {
@@ -43,0 +46,0 @@ console.error(config.messages.wrongSignature);

No alert changes

Improved metrics

Total package byte prevSize

7473

increased by1.47%

Lines of code

52

increased by6.12%

No dependency changes