
ember-http-hmac
Provides an Ember wrapper around Acquia's http-hmac-javascript library.
This addon provides an Ember integration for working with version 2.0 of the HTTP HMAC Specification. It wraps the http-hmac-javascript library and exposes signing capabilities both as a mixin for ember-data adapters and for signing individual ember-ajax requests.
In order to generate the authorization headers, the http-hmac-javascript library needs to know the realm, public key, and secret key to use. These values can be set either in the config/environment.js file or directly on the request-signer service. Optionally, you can configure a list of headers that need to be included in the signature. This is an array of header names that will be included if present in the request.
The values can be set in the environment configuration by adding a section to your variables:
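module.exports = function(environment) {
  let ENV = {
    // ... other application settings ...
    'ember-http-hmac': {
      realm: 'your-realm',
      publicKey: 'enter-your-public-key-here',
      secretKey: 'enter-your-secret-key-here',
      // Optional: header names to include in the signature when present
      signedHeaders: ['header-name-1', 'header-name-2']
    }
  };
  return ENV;
};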
The same variables exist on the request-signer service provided by ember-http-hmac. Here is an example of setting the values within a component:
import Ember from 'ember';

export default Ember.Component.extend({
  requestSigner: Ember.inject.service(),

  init() {
    this._super(...arguments);
    // Set the signing values on the service at runtime
    let signer = this.get('requestSigner');
    signer.set('realm', 'your-realm');
    signer.set('publicKey', 'enter-your-public-key-here');
    signer.set('secretKey', 'enter-your-secret-key-here');
    signer.set('signedHeaders', ['header-name-1', 'header-name-2']);
  }
});
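The effect of the signedHeaders option described above, as an added example (not code from ember-http-hmac or http-hmac-javascript): only listed headers that are present on the request enter the signed text, so the receiver detects changes to those headers and to no others. The canonical string is a simplified stand-in for the HTTP HMAC 2.0 string-to-sign (no nonce, timestamp or body hash), and the function names, header names and key values are constructed for illustration.

```javascript
// Added example: simplified header-aware HMAC signing. This is NOT the exact
// HTTP HMAC 2.0 string-to-sign and not the addon's own implementation.
const crypto = require('crypto');

// Constructed sample settings, same shape as the 'ember-http-hmac' config.
const config = {
  realm: 'example-realm',
  publicKey: 'example-public-key',
  secretKey: 'example-secret-key', // assumption: used as a raw string key
  signedHeaders: ['X-Tenant-Id', 'X-Request-Id']
};

// Build the text that gets signed. Only headers named in signedHeaders
// and present on the request are covered ("included if present").
function canonicalize(req, cfg) {
  const headers = Object.create(null);
  for (const [name, value] of Object.entries(req.headers || {})) {
    headers[name.toLowerCase()] = String(value).trim();
  }
  const covered = cfg.signedHeaders
    .map((n) => n.toLowerCase())
    .filter((n) => n in headers)
    .sort();
  return [
    req.method.toUpperCase(),
    req.host.toLowerCase(),
    req.path,
    `id=${cfg.publicKey}&realm=${cfg.realm}`,
    ...covered.map((n) => `${n}:${headers[n]}`)
  ].join('\n');
}

function sign(req, cfg) {
  return crypto.createHmac('sha256', cfg.secretKey).update(canonicalize(req, cfg)).digest('base64');
}

// Receiver-side check: recompute the signature and compare in constant time.
function verify(req, signature, cfg) {
  const expected = Buffer.from(sign(req, cfg), 'base64');
  const given = Buffer.from(String(signature), 'base64');
  return expected.length === given.length && crypto.timingSafeEqual(expected, given);
}
```

Any header whose integrity the server relies on belongs in signedHeaders; a header left out of the list can change between signing and verification without invalidating the signature.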
This addon provides a mixin that can be used on any ember-data adapter. Adding this mixin will automatically sign all requests made through the adapter using the configured realm and keys. Using this mixin in your application adapter will add authentication to all ember-data requests by default.
import DS from 'ember-data';
import HmacAdapterMixin from 'ember-http-hmac/mixins/hmac-adapter-mixin';
export default DS.RESTAdapter.extend(HmacAdapterMixin);
This addon also provides a service that provides automatic signing to individual AJAX requests. The service extends the ember-ajax Ajax service. To use, include the signed-ajax service and then use as you would the standard ajax service. For example:
import Ember from 'ember';

export default Ember.Route.extend({
  signedAjax: Ember.inject.service(),

  model() {
    // The request is signed with the configured realm and keys
    return this.get('signedAjax').request('/myendpoint');
  }
});
The basic signing functionality used by both the signed-ajax service and the hmac-adapter-mixin is available directly as the request-signer service to use as needed.
This addon can be installed via standard ember addon installation procedures:
ember install ember-http-hmac
git clone this repository
npm install
bower install
ember serve
npm test (Runs ember try:each to test your addon against multiple Ember versions)
ember test
ember test --server
ember build
For more information on using ember-cli, visit https://ember-cli.com/.
FAQs
We found that ember-http-hmac demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.