deed - npm Package Compare versions

Comparing version 0.0.4 to 0.0.5

index.js

		@@ -6,6 +6,6 @@

		var string_decoder = require('string_decoder')
		, crypto = require('crypto')
		, util = require('util')
		, stream = require('stream')
		var string_decoder = require("string_decoder")
		, crypto = require("crypto")
		, stream = require("stream")
		, util = require("util")
		;
		@@ -16,5 +16,5 @@
		stream.Transform.call(this)
		this.buf = 'sha1='
		this.buf = "sha1="
		this.sig = sig
		this.dec = new string_decoder.StringDecoder('hex')
		this.dec = new string_decoder.StringDecoder("hex")
		this._readableState.objectMode = true
		@@ -29,21 +29,21 @@ }
		Verify.prototype._flush = function () {
		this.push(this.buf === this.sig ? true : false)
		this.push(this.buf === this.sig)
		}

		function deed (secret, req, cb) {
		var xub = 'X-Hub-Signature'
		var xub = "X-Hub-Signature"
		, sig = req.headers[xub] \|\| req.headers[xub.toLowerCase()]
		;
		if (!sig) return cb(new Error('no ' + xub))
		var hmac = crypto.createHmac('sha1', secret)
		if (!sig) return cb(new Error("no " + xub))
		var hmac = crypto.createHmac("sha1", secret)
		, verify = new Verify(sig)
		;
		verify.once('readable', function () {
		verify.read() ? cb(null, req) : cb(new Error('unverified ' + xub))
		verify.once("readable", function () {
		verify.read() ? cb(null, req) : cb(new Error("unverified " + xub))
		})
		verify.once('error', cb)
		hmac.once('error', cb)
		req.once('error', cb)
		verify.once("error", cb)
		hmac.once("error", cb)
		req.once("error", cb)
		req.pipe(hmac).pipe(verify)
		return req
		}

package.json

		{
		"name": "deed",
		"version": "0.0.4",
		"version": "0.0.5",
		"description": "verify x-hub-signature",
		@@ -15,3 +15,6 @@ "main": "index.js",
		"verify",
		"x-hub-signature"
		"x-hub-signature",
		"github",
		"webhook",
		"pubsubhubbub"
		],
		@@ -18,0 +21,0 @@ "author": {

README.md


		# deed - verify x-hub-signature

		The deed [Node.js](http://nodejs.org/) module verifies [X-Hub-Signature](http://pubsubhubbub.googlecode.com/git/pubsubhubbub-core-0.3.html#authednotify) headers.
		The deed [Node.js](http://nodejs.org/) module verifies [X-Hub-Signature](http://pubsubhubbub.googlecode.com/git/pubsubhubbub-core-0.3.html#authednotify) headers which can be used to authorize `HTTP` requests like [GitHub webhooks](https://developer.github.com/v3/repos/hooks/) for example.

		@@ -20,3 +20,2 @@ [![Build Status](https://secure.travis-ci.org/michaelnisi/deed.svg)](http://travis-ci.org/michaelnisi/deed) [![David DM](https://david-dm.org/michaelnisi/deed.svg)](http://david-dm.org/michaelnisi/deed)
		}).listen(1337)

		```
		@@ -28,3 +27,3 @@

		The callback called when deed is done receives the request if all went well.
		The callback receives an error if verification failed otherwise the authorized request is passed.

		@@ -38,3 +37,3 @@ - `er` The error if an error occured or verification failed.

		The sole function exported by the deed module checks if the request body hashed with the secret matches the `X-Hub-Signature` header.
		The sole function exported by the deed module checks if the request body hashed with the secret matches the `X-Hub-Signature` header.

		@@ -41,0 +40,0 @@ - `secret` The key to hash the payload.

test/deed.js


		var crypto = require('crypto')
		, deed = require('../')
		, http = require('http')
		, test = require('tap').test
		var crypto = require("crypto")
		, deed = require("../")
		, http = require("http")
		, test = require("tap").test
		;

		var SECRET = 'secret'
		var SECRET = "secret"

		test('none', function (t) {
		test("none", function (t) {
		t.plan(3)
		var req = new http.IncomingMessage()
		deed(SECRET, req, function (er, req) {
		t.ok(er, 'should error')
		t.is(er.message, 'no X-Hub-Signature')
		t.ok(!req, 'should not pass request')
		t.ok(er, "should error")
		t.is(er.message, "no X-Hub-Signature")
		t.ok(!req, "should not pass request")
		t.end()
		@@ -23,7 +23,7 @@ })
		return {
		hostname: 'localhost'
		hostname: "localhost"
		, port: 1337
		, method: 'POST'
		, method: "POST"
		, headers: {
		'X-Hub-Signature': 'sha1=' + sig
		"X-Hub-Signature": "sha1=" + sig
		}
		@@ -33,9 +33,9 @@ }

		test('unverified', function (t) {
		test("unverified", function (t) {
		t.plan(4)
		var server = http.createServer(function (req, res) {
		deed(SECRET, req, function (er, req) {
		t.ok(er, 'should error')
		t.ok(!req, 'should not pass request')
		t.is(er.message, 'unverified X-Hub-Signature')
		t.ok(er, "should error")
		t.ok(!req, "should not pass request")
		t.is(er.message, "unverified X-Hub-Signature")
		res.end()
		@@ -46,6 +46,6 @@ })

		var req = http.request(opts('hello'), function (res) {
		res.on('end', function () {
		var req = http.request(opts("hello"), function (res) {
		res.on("end", function () {
		server.close(function (er) {
		t.error(er, 'should not error')
		t.error(er, "should not error")
		t.end()
		@@ -60,13 +60,13 @@ })
		function sig (body) {
		var hmac = crypto.createHmac('sha1', SECRET)
		var hmac = crypto.createHmac("sha1", SECRET)
		hmac.update(body)
		return hmac.digest('hex')
		return hmac.digest("hex")
		}

		test('verified', function (t) {
		test("verified", function (t) {
		t.plan(3)
		var server = http.createServer(function (req, res) {
		deed(SECRET, req, function (er, req) {
		t.error(er, 'should not error')
		t.ok(req, 'should pass request')
		t.error(er, "should not error")
		t.ok(req, "should pass request")
		res.end()
		@@ -77,8 +77,8 @@ })

		var body = 'this is the body'
		var body = "this is the body"

		var req = http.request(opts(sig(body)), function (res) {
		res.on('end', function () {
		res.on("end", function () {
		server.close(function (er) {
		t.error(er, 'should not error')
		t.error(er, "should not error")
		t.end()
		@@ -85,0 +85,0 @@ })

deed - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics