
Comparing version 0.10.2 to 0.11.0

29

example/usage.js

@@ -39,3 +39,3 @@ // Load modules

'Content-Type': 'text/plain',
'Server-Authorization': Hawk.server.header(artifacts, { payload: payload, contentType: 'text/plain' })
'Server-Authorization': Hawk.server.header(credentials, artifacts, { payload: payload, contentType: 'text/plain' })
};

@@ -61,19 +61,20 @@

var header = Hawk.client.header('http://127.0.0.1:8000/resource/1?b=1&a=2', 'GET', { credentials: internals.credentials.dh37fgj492je, ext: 'and welcome!' });
var options = {
uri: 'http://127.0.0.1:8000/resource/1?b=1&a=2',
method: 'GET',
headers: {
authorization: header.field
}
};
credentialsFunc('dh37fgj492je', function (err, credentials) {
var header = Hawk.client.header('http://127.0.0.1:8000/resource/1?b=1&a=2', 'GET', { credentials: credentials, ext: 'and welcome!' });
var options = {
uri: 'http://127.0.0.1:8000/resource/1?b=1&a=2',
method: 'GET',
headers: {
authorization: header.field
}
};
Request(options, function (error, response, body) {
Request(options, function (error, response, body) {
var isValid = Hawk.client.authenticate(response, header.artifacts, { payload: body });
console.log(response.statusCode + ': ' + body + (isValid ? ' (valid)' : ' (invalid)'));
process.exit(0);
var isValid = Hawk.client.authenticate(response, credentials, header.artifacts, { payload: body });
console.log(response.statusCode + ': ' + body + (isValid ? ' (valid)' : ' (invalid)'));
process.exit(0);
});
});
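Review bot: The new `credentialsFunc` callback never inspects `err`, so a failed lookup passes an undefined `credentials` straight into `Hawk.client.header` and later into `Hawk.client.authenticate`. Because this example is what integrators copy, the callback should begin with a guard such as `if (err || !credentials) { console.log('Credentials lookup failed'); process.exit(1); }`. The inner `Request` callback likewise reads `response.statusCode` without checking `error`, so a transport failure is not distinguished from an authentication result; a similar guard there would help.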

@@ -89,3 +89,2 @@ // Load modules

var artifacts = {
credentials: credentials,
ts: timestamp,

@@ -113,3 +112,3 @@ nonce: options.nonce || Cryptiles.randomString(6),

var mac = Crypto.calculateMac('header', artifacts);
var mac = Crypto.calculateMac('header', credentials, artifacts);

@@ -148,3 +147,3 @@ // Construct header

exports.authenticate = function (res, artifacts, options) {
exports.authenticate = function (res, credentials, artifacts, options) {
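Review bot: Inserting `credentials` as the second positional parameter of `exports.authenticate` means a caller still using the 0.10.x form `authenticate(res, artifacts, options)` now has its artifacts read as credentials and its options read as artifacts, and nothing visible in these hunks rejects that shape. Since this function decides whether a server response is trusted, it should fail closed on a malformed key object before the first `calculateTsMac` or `calculateMac` call, for example `if (!credentials || !credentials.key || !credentials.algorithm) { return false; }`. The function body continues outside this hunk, so an existing check may simply be out of view. If there is none, a test that calls it with the old argument order would pin the behaviour.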

@@ -164,3 +163,3 @@ artifacts = Hoek.clone(artifacts);

if (attributes.ts) {
var tsm = Crypto.calculateTsMac(attributes.ts, artifacts.credentials);
var tsm = Crypto.calculateTsMac(attributes.ts, credentials);
if (!Cryptiles.fixedTimeComparison(tsm, attributes.tsm)) {

@@ -188,3 +187,3 @@ return false;

var mac = Crypto.calculateMac('response', artifacts);
var mac = Crypto.calculateMac('response', credentials, artifacts);
if (!Cryptiles.fixedTimeComparison(mac, attributes.mac)) {

@@ -202,5 +201,5 @@ return false;

var calculatedHash = Crypto.calculateHash(options.payload, artifacts.credentials.algorithm, res.headers['content-type']);
var calculatedHash = Crypto.calculateHash(options.payload, credentials.algorithm, res.headers['content-type']);
return Cryptiles.fixedTimeComparison(calculatedHash, attributes.hash);
};

@@ -26,8 +26,8 @@ // Load modules

/*
type: 'header' // 'header', 'bewit', 'response'
type: 'header', // 'header', 'bewit', 'response'
credentials: {
key: 'aoijedoaijsdlaksjdl',
algorithm: 'sha256' // 'sha1', 'sha256'
},
options: {
credentials: {
key: 'aoijedoaijsdlaksjdl',
algorithm: 'sha256' // 'sha1', 'sha256'
},
method: 'GET',

@@ -46,7 +46,7 @@ resource: '/resource?a=1&b=2',

exports.calculateMac = function (type, options) {
exports.calculateMac = function (type, credentials, options) {
var normalized = exports.generateNormalizedString(type, options);
var hmac = Crypto.createHmac(options.credentials.algorithm, options.credentials.key).update(normalized);
var hmac = Crypto.createHmac(credentials.algorithm, credentials.key).update(normalized);
var digest = hmac.digest('base64');
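Review bot: `calculateMac` now passes `credentials.algorithm` and `credentials.key` directly to `Crypto.createHmac`, so this exported function relies on every caller having validated both values first. The header comment lists only 'sha1' and 'sha256', and the server tests on this page show `Hawk.server.header` returning an empty string for 'hmac-sha-0', but the client and bewit call sites shown here do not make an equivalent check visible. At minimum the comment block should state the precondition, e.g. `// credentials.algorithm and credentials.key must be validated by the caller; this function does not check them`. Rejecting an unsupported algorithm here instead would cover all call sites at once. The function continues past this hunk.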

@@ -53,0 +53,0 @@ return digest;

@@ -138,4 +138,2 @@ // Load modules

artifacts.credentials = credentials;
if (err) {

@@ -161,3 +159,3 @@ return callback(err, credentials || null, artifacts);

var mac = Crypto.calculateMac('header', artifacts);
var mac = Crypto.calculateMac('header', credentials, artifacts);
if (!Cryptiles.fixedTimeComparison(mac, attributes.mac)) {

@@ -211,10 +209,10 @@ return callback(Boom.unauthorized('Bad mac', 'Hawk'), credentials, artifacts);

credentials: from authenticate callback
hash: from authenticate callback (artifacts.hash)
artifacts: from authenticate callback
contentType: req.headers['content-type']
*/
exports.authenticatePayload = function (payload, credentials, hash, contentType) {
exports.authenticatePayload = function (payload, credentials, artifacts, contentType) {
var calculatedHash = Crypto.calculateHash(payload, credentials.algorithm, contentType);
return Cryptiles.fixedTimeComparison(calculatedHash, hash);
return Cryptiles.fixedTimeComparison(calculatedHash, artifacts.hash);
};
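Review bot: `authenticatePayload` now reads `artifacts.hash` itself, so two inputs reach `Cryptiles.fixedTimeComparison` with an undefined second argument: a request whose Authorization header carried no `hash` attribute, and a 0.10.x caller still passing the hash string in the third position. Whether that comparison returns false or throws depends on Cryptiles, which is not shown here. Payload validation should not depend on that, so the function could start with `if (!artifacts || typeof artifacts.hash !== 'string') { return false; }`. The tests on this page cover only a matching and a mismatching payload; a case with `hash` absent would document the intended result.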

@@ -226,3 +224,4 @@

/*
artifacts: {} // Object received from authenticate(); 'mac', 'hash', and 'ext' - ignored
credentials: {}, // Object received from authenticate()
artifacts: {} // Object received from authenticate(); 'mac', 'hash', and 'ext' - ignored
options: {

@@ -236,3 +235,3 @@ ext: 'application-specific', // Application specific data sent via the ext attribute

exports.header = function (artifacts, options) {
exports.header = function (credentials, artifacts, options) {

@@ -257,3 +256,2 @@ // Prepare inputs

var credentials = artifacts.credentials;
if (!credentials ||

@@ -279,3 +277,3 @@ !credentials.key ||

var mac = Crypto.calculateMac('response', artifacts);
var mac = Crypto.calculateMac('response', credentials, artifacts);

@@ -282,0 +280,0 @@ // Construct header

@@ -130,4 +130,3 @@ // Load modules

var mac = Crypto.calculateMac('bewit', {
credentials: credentials,
var mac = Crypto.calculateMac('bewit', credentials, {
ts: bewit.exp,

@@ -222,4 +221,3 @@ nonce: '',

var exp = Math.floor(now / 1000) + options.ttlSec;
var mac = Crypto.calculateMac('bewit', {
credentials: credentials,
var mac = Crypto.calculateMac('bewit', credentials, {
ts: exp,

@@ -226,0 +224,0 @@ nonce: '',

@@ -0,0 +0,0 @@ // Load modules

{
"name": "hawk",
"description": "HTTP Hawk Authentication Scheme",
"version": "0.10.2",
"version": "0.11.0",
"author": "Eran Hammer <eran@hueniverse.com> (http://hueniverse.com)",

@@ -6,0 +6,0 @@ "contributors": [],

@@ -6,3 +6,3 @@ ![hawk Logo](https://raw.github.com/hueniverse/hawk/master/images/hawk.png)

Current version: **0.10.1**
Current version: **0.11.0**

@@ -133,3 +133,3 @@ [![Build Status](https://secure.travis-ci.org/hueniverse/hawk.png)](http://travis-ci.org/hueniverse/hawk)

var header = Hawk.server.header(artifacts, { payload: payload, contentType: headers['Content-Type'] });
var header = Hawk.server.header(credentials, artifacts, { payload: payload, contentType: headers['Content-Type'] });
headers['Server-Authorization'] = header;

@@ -183,3 +183,3 @@

var isValid = Hawk.client.authenticate(response, header.artifacts, { payload: body });
var isValid = Hawk.client.authenticate(response, credentials, header.artifacts, { payload: body });

@@ -597,3 +597,3 @@ // Output results

**Hawk** provides a simple HTTP authentication scheme for making client-server requests. It does not address the OAuth use case
of delegating access to a third party. If you are looking for an OAuth alternative, check out [Oz](/hueniverse/oz).
of delegating access to a third party. If you are looking for an OAuth alternative, check out [Oz](https://github.com/hueniverse/oz).

@@ -600,0 +600,0 @@

@@ -135,13 +135,13 @@ // Load modules

mac: 'BlmSe8K+pbKIb6YsZCnt4E1GrYvY1AaYayNR82dGpIk=',
id: '123456'
};
var credentials = {
id: '123456',
credentials:
{
id: '123456',
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
}
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
};
expect(Hawk.client.authenticate(res, artifacts)).to.equal(false);
expect(Hawk.client.authenticate(res, credentials, artifacts)).to.equal(false);
done();

@@ -171,13 +171,13 @@ });

mac: 'BlmSe8K+pbKIb6YsZCnt4E1GrYvY1AaYayNR82dGpIk=',
id: '123456'
};
var credentials = {
id: '123456',
credentials:
{
id: '123456',
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
}
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
};
expect(Hawk.client.authenticate(res, artifacts)).to.equal(true);
expect(Hawk.client.authenticate(res, credentials, artifacts)).to.equal(true);
done();

@@ -195,13 +195,11 @@ });

var artifacts = {
credentials: {
id: '123456',
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
}
var credentials = {
id: '123456',
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'steve'
};
var header = 'Hawk ts="1362346425875", tsm="hwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", error="Stale timestamp"';
expect(Hawk.client.authenticate({ headers: { 'www-authenticate': header } }, artifacts)).to.equal(false);
expect(Hawk.client.authenticate({ headers: { 'www-authenticate': header } }, credentials)).to.equal(false);
done();

@@ -208,0 +206,0 @@ });

@@ -0,0 +0,0 @@ // Load modules

@@ -83,3 +83,3 @@ // Load modules

expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload(payload, credentials, artifacts.hash, req.headers['content-type'])).to.equal(true);
expect(Hawk.server.authenticatePayload(payload, credentials, artifacts, req.headers['content-type'])).to.equal(true);

@@ -92,6 +92,6 @@ var res = {

res.headers['server-authorization'] = Hawk.server.header(artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
res.headers['server-authorization'] = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
expect(res.headers['server-authorization']).to.exist;
expect(Hawk.client.authenticate(res, artifacts, { payload: 'some reply' })).to.equal(true);
expect(Hawk.client.authenticate(res, credentials, artifacts, { payload: 'some reply' })).to.equal(true);
done();

@@ -125,3 +125,3 @@ });

expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload(payload, credentials, artifacts.hash, req.headers['content-type'])).to.equal(true);
expect(Hawk.server.authenticatePayload(payload, credentials, artifacts, req.headers['content-type'])).to.equal(true);

@@ -134,6 +134,6 @@ var res = {

res.headers['server-authorization'] = Hawk.server.header(artifacts);
res.headers['server-authorization'] = Hawk.server.header(credentials, artifacts);
expect(res.headers['server-authorization']).to.exist;
expect(Hawk.client.authenticate(res, artifacts)).to.equal(true);
expect(Hawk.client.authenticate(res, credentials, artifacts)).to.equal(true);
done();

@@ -167,3 +167,3 @@ });

expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload(payload, credentials, artifacts.hash, req.headers['content-type'])).to.equal(true);
expect(Hawk.server.authenticatePayload(payload, credentials, artifacts, req.headers['content-type'])).to.equal(true);

@@ -176,6 +176,6 @@ var res = {

res.headers['server-authorization'] = Hawk.server.header(artifacts);
res.headers['server-authorization'] = Hawk.server.header(credentials, artifacts);
expect(res.headers['server-authorization']).to.exist;
expect(Hawk.client.authenticate(res, artifacts, { payload: 'some reply' })).to.equal(false);
expect(Hawk.client.authenticate(res, credentials, artifacts, { payload: 'some reply' })).to.equal(false);
done();

@@ -225,4 +225,4 @@ });

expect(artifacts.ext).to.equal('some-app-data');
expect(Hawk.server.authenticatePayload('hola!', credentials, artifacts.hash)).to.be.true;
expect(Hawk.server.authenticatePayload('hello!', credentials, artifacts.hash)).to.be.false;
expect(Hawk.server.authenticatePayload('hola!', credentials, artifacts)).to.be.true;
expect(Hawk.server.authenticatePayload('hello!', credentials, artifacts)).to.be.false;
done();

@@ -229,0 +229,0 @@ });

@@ -0,0 +0,0 @@ // Load modules

@@ -137,3 +137,3 @@ // Load modules

expect(Hawk.client.authenticate(res, artifacts)).to.equal(true);
expect(Hawk.client.authenticate(res, credentials, artifacts)).to.equal(true);
done();

@@ -614,11 +614,16 @@ });

it('should return an empty authorization header on missing credentials', function (done) {
var header = Hawk.server.header(null, {});
expect(header).to.equal('');
done();
});
it('should return an empty authorization header on invalid credentials', function (done) {
var artifacts = {
credentials: {
key: '2983d45yun89q'
}
var credentials = {
key: '2983d45yun89q'
};
var header = Hawk.server.header(artifacts);
var header = Hawk.server.header(credentials);
expect(header).to.equal('');

@@ -631,10 +636,11 @@ done();

var artifacts = {
id: '123456',
credentials: {
key: '2983d45yun89q',
algorithm: 'hmac-sha-0'
}
id: '123456'
};
var header = Hawk.server.header(artifacts);
var credentials = {
key: '2983d45yun89q',
algorithm: 'hmac-sha-0'
};
var header = Hawk.server.header(credentials, artifacts);
expect(header).to.equal('');

@@ -641,0 +647,0 @@ done();

@@ -170,4 +170,3 @@ // Load modules

var ext = 'some-app-data';
var mac = Hawk.crypto.calculateMac('bewit', {
credentials: credentials,
var mac = Hawk.crypto.calculateMac('bewit', credentials, {
timestamp: exp,

@@ -174,0 +173,0 @@ nonce: '',

@@ -0,0 +0,0 @@ // Load modules

Sorry, the diff of this file is not supported yet
