New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

cloudfront-signer

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cloudfront-signer - npm Package Compare versions

Comparing version 4.0.0 to 4.1.0

.travis.yml

9

index.js

@@ -40,10 +40,9 @@ const crypto = require('crypto');

return custom ? QS({
'Expires': time,
'Key-Pair-Id': keypairId,
'Policy': normalizeBase64(Buffer.from(policyStr).toString('base64')),
'Signature': normalizeBase64(signature),
'Key-Pair-Id': keypairId
'Signature': normalizeBase64(signature)
}) : QS({
'Expires': time,
'Signature': normalizeBase64(signature),
'Key-Pair-Id': keypairId
'Key-Pair-Id': keypairId,
'Signature': normalizeBase64(signature)
});

@@ -50,0 +49,0 @@ };

16

package.json
{
"name": "cloudfront-signer",
"version": "4.0.0",
"version": "4.1.0",
"description": "Sign urls for AWS CloudFront",
"main": "index.js",
"dependencies": {},
"devDependencies": {},
"scripts": {
"test": "node test/"
},
"repository": {

@@ -26,3 +21,10 @@ "type": "git",

},
"homepage": "https://github.com/caub/cloudfront-signer#readme"
"homepage": "https://github.com/caub/cloudfront-signer#readme",
"scripts": {
"test": "node test/"
},
"dependencies": {},
"devDependencies": {
"aws-sdk": "^2.95.0"
}
}

6

README.md

@@ -1,5 +0,7 @@

## CloudFront Signer
## CloudFront Signer [![Build Status](https://travis-ci.org/caub/cloudfront-signer.svg?branch=master)](https://travis-ci.org/caub/cloudfront-signer)
Sign urls with [canned or custom policy](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls.html)
**Notice**: Use aws-sdk library rather, this one was done before I knew about it, and inspired from aws-cloudfront-sign
```js

@@ -21,4 +23,4 @@ // canned:

const qs = cfSign('http://xyz.cloudfront.net/test/*', expire, cfKeypairId, cfPrivateKey)
// valid for 'http://xyz.cloudfront.net/test/test/bar' + qs
// valid for 'http://xyz.cloudfront.net/test/test/bar?' + qs
// valid for 'http://xyz.cloudfront.net/test/test/cool?fun=1&' + qs
```

49

test/index.js

@@ -0,1 +1,3 @@

const AWS = require('aws-sdk');
const cfUrl = 'https://d123.cloudfront.net';

@@ -30,20 +32,49 @@ const cfKeypairId = '__cfKeypairId__';

-----END RSA PRIVATE KEY-----
`;
`; // dummy pem
const signer = new AWS.CloudFront.Signer(cfKeypairId, cfPrivateKey);
const assert = require('assert');
const cfSign = require('../');
const urlParse = require('url').parse;
const qsParse = require('querystring').parse;
var d = new Date(2017, 4, 20)/1000;
var d = Math.floor(new Date(2017, 4, 20)/1000);
assert.equal(
cfSign(cfUrl+'/test', d, cfKeypairId, cfPrivateKey),
'Expires=1495231200&Signature=rj5SS8iD8NlINEp2OfSA7kG433lAveUf8EgTzkxtJAU~gbB1QpYIuxA6XrIebHJKYkcgYZ03QsDpn7582VJ3E~Y6Z43KdpuBob505wopvmEsCs1aFo323NnziiLesYJMvsaDRYj~kJndoS7pPRCo1VUFbOoTbOquhrHWh57zWUPsaR62AMYQ5Vhf66Uo340a71~zur-D2ez9cDzL3VGF7kD8IoYFsbC9b3~B6aJn3UxSqDBeQZdHaVsyfpV3-eHKOnbjtJPtMj-1wyds28jDiUxfSk~utwLz4z7v~KHD8YqWgX9GwM2K24AFGmJbcfsqzr5DDdgqG69UjmsWSZLvJA__&Key-Pair-Id=__cfKeypairId__'
assert.deepEqual(
qsParse(cfSign(cfUrl+'/test', d, cfKeypairId, cfPrivateKey)),
urlParse(signer.getSignedUrl({url:cfUrl+'/test', expires:d}), true).query
);
const policy = JSON.stringify({
'Statement': [{
'Resource': cfUrl+'/*',
'Condition': {
'DateLessThan': {
'AWS:EpochTime': d
}
}
}]
});
assert.equal(
cfSign(cfUrl+'/*', d, cfKeypairId, cfPrivateKey, true),
'Expires=1495231200&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kMTIzLmNsb3VkZnJvbnQubmV0LyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE0OTUyMzEyMDB9fX1dfQ__&Signature=VSBpF5uZ5ok6BZ7lnGjVSqPLpRcN1fDx2ntLEeXCtUXxvN3uw7Bzf5dzU2JaHenJAz2MbxeTMuZ6zQOWUhPSGz4kFX1CH-jPgwpk~-S1fMrnohZ~mlhL91429jHp5~rNeHcVSYysHIJLlvYsjm3QFsaLtHf7ld2ZmlQIMOBQa0GrQN9MZZabfxU-NAXWXMkdOdEUnv9YktQmjO74dNyJTIc38-bjLX1~NE-rDzwy3Y9~naa98Jbi54nOGl-u6po1Yt0SfOkDpA4~ut5G~oZA-AwEVxSdOL7FSRluckRA7ioyC8BXfPts4LcJSRSEnbduG3oxlyJm8mK4pZAjLdV5sw__&Key-Pair-Id=__cfKeypairId__'
assert.deepEqual(
qsParse(cfSign(cfUrl+'/*', d, cfKeypairId, cfPrivateKey, true)),
urlParse(signer.getSignedUrl({url:cfUrl+'/wat/foo', policy}), true).query
);
console.time(1);
for (let i=0; i<1e3; i++) {
const url = cfUrl+'/test_'+i+'?v=8978';
const surl =url + '&'+ cfSign(url, d, cfKeypairId, cfPrivateKey);
}
console.timeEnd(1);
console.time(2);
for (let i=0; i<1e3; i++) {
const url = cfUrl+'/test_'+i+'?v=8978';
const surl = signer.getSignedUrl({url:url, expires:d});
}
console.timeEnd(2);
.npmignore

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc