hawk - npm Package Compare versions

Comparing version 3.1.1 to 4.0.0

bower.json

 {
   "name": "hawk",
-  "main": "lib/browser.js",
+  "main": "dist/browser.js",
   "license": "./LICENSE",
   "ignore": [
-    "!lib",
     "lib/*",
-    "!lib/browser.js",
-    "index.js"
+    "!dist",
+    "!dist/browser.js"
   ],
@@ -11,0 +10,0 @@ "keywords": [

component.json

@@ -15,6 +15,6 @@ {
   "license": "BSD",
-  "main": "lib/browser.js",
+  "main": "dist/browser.js",
   "scripts": [
-    "lib/browser.js"
+    "dist/browser.js"
   ]
-}
+}

example/usage.js

@@ -0,6 +1,8 @@
+'use strict';
+
 // Load modules
 
-var Http = require('http');
-var Request = require('request');
-var Hawk = require('../lib');
+const Http = require('http');
+const Request = require('request');
+const Hawk = require('../lib');
 
@@ -10,3 +12,3 @@
 
-var internals = {
+const internals = {
     credentials: {
@@ -25,3 +27,3 @@ dh37fgj492je: {
 
-var credentialsFunc = function (id, callback) {
+const credentialsFunc = function (id, callback) {
 
@@ -34,8 +36,8 @@ return callback(null, internals.credentials[id]);
 
-var handler = function (req, res) {
+const handler = function (req, res) {
 
-    Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials, artifacts) {
+    Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials, artifacts) => {
 
-        var payload = (!err ? 'Hello ' + credentials.user + ' ' + artifacts.ext : 'Shoosh!');
-        var headers = {
+        const payload = (!err ? 'Hello ' + credentials.user + ' ' + artifacts.ext : 'Shoosh!');
+        const headers = {
             'Content-Type': 'text/plain',
@@ -55,3 +57,3 @@ 'Server-Authorization': Hawk.server.header(credentials, artifacts, { payload: payload, contentType: 'text/plain' })
 
-Request('http://127.0.0.1:8000/resource/1?b=1&a=2', function (error, response, body) {
+Request('http://127.0.0.1:8000/resource/1?b=1&a=2', (error, response, body) => {
 
@@ -64,6 +66,6 @@ console.log(response.statusCode + ': ' + body);
 
-credentialsFunc('dh37fgj492je', function (err, credentials) {
+credentialsFunc('dh37fgj492je', (err, credentials) => {
 
-    var header = Hawk.client.header('http://127.0.0.1:8000/resource/1?b=1&a=2', 'GET', { credentials: credentials, ext: 'and welcome!' });
-    var options = {
+    const header = Hawk.client.header('http://127.0.0.1:8000/resource/1?b=1&a=2', 'GET', { credentials: credentials, ext: 'and welcome!' });
+    const options = {
         uri: 'http://127.0.0.1:8000/resource/1?b=1&a=2',
@@ -76,5 +78,5 @@ method: 'GET',
 
-    Request(options, function (error, response, body) {
+    Request(options, (error, response, body) => {
 
-        var isValid = Hawk.client.authenticate(response, credentials, header.artifacts, { payload: body });
+        const isValid = Hawk.client.authenticate(response, credentials, header.artifacts, { payload: body });
         console.log(response.statusCode + ': ' + body + (isValid ? ' (valid)' : ' (invalid)'));
@@ -81,0 +83,0 @@ process.exit(0);

lib/browser.js

@@ -0,1 +1,3 @@
+'use strict';
+
 /*
@@ -10,3 +12,3 @@ HTTP Hawk Authentication Scheme
 
-var hawk = {
+const hawk = {
     internals: {}
@@ -49,3 +51,3 @@ };
 
-        var result = {
+        const result = {
             field: '',
@@ -67,7 +69,7 @@ artifacts: {}
 
-        var timestamp = options.timestamp || hawk.utils.now(options.localtimeOffsetMsec);
+        const timestamp = options.timestamp || hawk.utils.now(options.localtimeOffsetMsec);
 
         // Validate credentials
 
-        var credentials = options.credentials;
+        const credentials = options.credentials;
         if (!credentials ||
@@ -95,3 +97,3 @@ !credentials.id ||
 
-        var artifacts = {
+        const artifacts = {
             ts: timestamp,
@@ -119,8 +121,8 @@ nonce: options.nonce || hawk.utils.randomString(6),
 
-        var mac = hawk.crypto.calculateMac('header', credentials, artifacts);
+        const mac = hawk.crypto.calculateMac('header', credentials, artifacts);
 
         // Construct header
 
-        var hasExt = artifacts.ext !== null && artifacts.ext !== undefined && artifacts.ext !== '';       // Other falsey values allowed
-        var header = 'Hawk id="' + credentials.id +
+        const hasExt = artifacts.ext !== null && artifacts.ext !== undefined && artifacts.ext !== '';       // Other falsey values allowed
+        let header = 'Hawk id="' + credentials.id +
                      '", ts="' + artifacts.ts +
@@ -181,7 +183,7 @@ '", nonce="' + artifacts.nonce +
 
-        var now = hawk.utils.now(options.localtimeOffsetMsec);
+        const now = hawk.utils.now(options.localtimeOffsetMsec);
 
         // Validate credentials
 
-        var credentials = options.credentials;
+        const credentials = options.credentials;
         if (!credentials ||
@@ -205,4 +207,4 @@ !credentials.id ||
 
-        var exp = now + options.ttlSec;
-        var mac = hawk.crypto.calculateMac('bewit', credentials, {
+        const exp = now + options.ttlSec;
+        const mac = hawk.crypto.calculateMac('bewit', credentials, {
             ts: exp,
@@ -219,3 +221,3 @@ nonce: '',
 
-        var bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + options.ext;
+        const bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + options.ext;
         return hawk.utils.base64urlEncode(bewit);
@@ -239,3 +241,3 @@ },
 
-        var getHeader = function (name) {
+        const getHeader = function (name) {
 
@@ -245,3 +247,3 @@ return request.getResponseHeader ? request.getResponseHeader(name) : request.getHeader(name);
 
-        var wwwAuthenticate = getHeader('www-authenticate');
+        const wwwAuthenticate = getHeader('www-authenticate');
         if (wwwAuthenticate) {
@@ -251,3 +253,3 @@
 
-            var wwwAttributes = hawk.utils.parseAuthorizationHeader(wwwAuthenticate, ['ts', 'tsm', 'error']);
+            const wwwAttributes = hawk.utils.parseAuthorizationHeader(wwwAuthenticate, ['ts', 'tsm', 'error']);
             if (!wwwAttributes) {
@@ -258,3 +260,3 @@ return false;
             if (wwwAttributes.ts) {
-                var tsm = hawk.crypto.calculateTsMac(wwwAttributes.ts, credentials);
+                const tsm = hawk.crypto.calculateTsMac(wwwAttributes.ts, credentials);
                 if (tsm !== wwwAttributes.tsm) {
@@ -270,3 +272,3 @@ return false;
 
-        var serverAuthorization = getHeader('server-authorization');
+        const serverAuthorization = getHeader('server-authorization');
         if (!serverAuthorization &&
@@ -278,3 +280,3 @@ !options.required) {
 
-        var attributes = hawk.utils.parseAuthorizationHeader(serverAuthorization, ['mac', 'ext', 'hash']);
+        const attributes = hawk.utils.parseAuthorizationHeader(serverAuthorization, ['mac', 'ext', 'hash']);
         if (!attributes) {
@@ -284,3 +286,3 @@ return false;
 
-        var modArtifacts = {
+        const modArtifacts = {
             ts: artifacts.ts,
@@ -298,3 +300,3 @@ nonce: artifacts.nonce,
 
-        var mac = hawk.crypto.calculateMac('response', credentials, modArtifacts);
+        const mac = hawk.crypto.calculateMac('response', credentials, modArtifacts);
         if (mac !== attributes.mac) {
@@ -314,3 +316,3 @@ return false;
 
-        var calculatedHash = hawk.crypto.calculatePayloadHash(options.payload, credentials.algorithm, getHeader('content-type'));
+        const calculatedHash = hawk.crypto.calculatePayloadHash(options.payload, credentials.algorithm, getHeader('content-type'));
         return (calculatedHash === attributes.hash);
@@ -333,7 +335,7 @@ },
 
-        var timestamp = options.timestamp || hawk.utils.now(options.localtimeOffsetMsec);
+        const timestamp = options.timestamp || hawk.utils.now(options.localtimeOffsetMsec);
 
         // Validate credentials
 
-        var credentials = options.credentials;
+        const credentials = options.credentials;
         if (!credentials ||
@@ -354,3 +356,3 @@ !credentials.id ||
 
-        var artifacts = {
+        const artifacts = {
             ts: timestamp,
@@ -365,3 +367,3 @@ nonce: options.nonce || hawk.utils.randomString(6),
 
-        var result = {
+        const result = {
             id: credentials.id,
@@ -379,3 +381,3 @@ ts: artifacts.ts,
 
-        var tsm = hawk.crypto.calculateTsMac(message.ts, credentials);
+        const tsm = hawk.crypto.calculateTsMac(message.ts, credentials);
         if (tsm !== message.tsm) {
@@ -402,5 +404,5 @@ return false;
 
-        var normalized = hawk.crypto.generateNormalizedString(type, options);
+        const normalized = hawk.crypto.generateNormalizedString(type, options);
 
-        var hmac = CryptoJS['Hmac' + credentials.algorithm.toUpperCase()](normalized, credentials.key);
+        const hmac = CryptoJS['Hmac' + credentials.algorithm.toUpperCase()](normalized, credentials.key);
         return hmac.toString(CryptoJS.enc.Base64);
@@ -411,3 +413,3 @@ },
 
-        var normalized = 'hawk.' + hawk.crypto.headerVersion + '.' + type + '\n' +
+        let normalized = 'hawk.' + hawk.crypto.headerVersion + '.' + type + '\n' +
                          options.ts + '\n' +
@@ -437,3 +439,3 @@ options.nonce + '\n' +
 
-        var hash = CryptoJS.algo[algorithm.toUpperCase()].create();
+        const hash = CryptoJS.algo[algorithm.toUpperCase()].create();
         hash.update('hawk.' + hawk.crypto.headerVersion + '.payload\n');
@@ -448,3 +450,3 @@ hash.update(hawk.utils.parseContentType(contentType) + '\n');
 
-        var hash = CryptoJS['Hmac' + credentials.algorithm.toUpperCase()]('hawk.' + hawk.crypto.headerVersion + '.ts\n' + ts + '\n', credentials.key);
+        const hash = CryptoJS['Hmac' + credentials.algorithm.toUpperCase()]('hawk.' + hawk.crypto.headerVersion + '.ts\n' + ts + '\n', credentials.key);
         return hash.toString(CryptoJS.enc.Base64);
@@ -498,3 +500,3 @@ }
 
-        var ntpOffset = hawk.utils.storage.getItem('hawk_ntp_offset');
+        const ntpOffset = hawk.utils.storage.getItem('hawk_ntp_offset');
         hawk.utils.storage = storage;
@@ -519,3 +521,3 @@ if (ntpOffset) {
 
-        var offset = hawk.utils.storage.getItem('hawk_ntp_offset');
+        const offset = hawk.utils.storage.getItem('hawk_ntp_offset');
         if (!offset) {
@@ -553,3 +555,3 @@ return 0;
 
-        var headerParts = header.match(/^(\w+)(?:\s+(.*))?$/);       // Header: scheme[ something]
+        const headerParts = header.match(/^(\w+)(?:\s+(.*))?$/);       // Header: scheme[ something]
         if (!headerParts) {
@@ -559,3 +561,3 @@ return null;
 
-        var scheme = headerParts[1];
+        const scheme = headerParts[1];
         if (scheme.toLowerCase() !== 'hawk') {
@@ -565,3 +567,3 @@ return null;
 
-        var attributesString = headerParts[2];
+        const attributesString = headerParts[2];
         if (!attributesString) {
@@ -571,4 +573,4 @@ return null;
 
-        var attributes = {};
-        var verify = attributesString.replace(/(\w+)="([^"\\]*)"\s*(?:,\s*|$)/g, function ($0, $1, $2) {
+        const attributes = {};
+        const verify = attributesString.replace(/(\w+)="([^"\\]*)"\s*(?:,\s*|$)/g, ($0, $1, $2) => {
 
@@ -606,7 +608,7 @@ // Check valid attribute names
 
-        var randomSource = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
-        var len = randomSource.length;
+        const randomSource = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+        const len = randomSource.length;
 
-        var result = [];
-        for (var i = 0; i < size; ++i) {
+        const result = [];
+        for (let i = 0; i < size; ++i) {
             result[i] = randomSource[Math.floor(Math.random() * len)];
@@ -621,3 +623,3 @@ }
 
-        var parts = input.match(hawk.utils.uriRegex);
+        const parts = input.match(hawk.utils.uriRegex);
         if (!parts) {
@@ -627,4 +629,4 @@ return { host: '', port: '', resource: '' };
 
-        var scheme = parts[1].toLowerCase();
-        var uri = {
+        const scheme = parts[1].toLowerCase();
+        const uri = {
             host: parts[2],
@@ -640,4 +642,4 @@ port: parts[3] || (scheme === 'http' ? '80' : (scheme === 'https' ? '443' : '')),
 
-        var wordArray = CryptoJS.enc.Utf8.parse(value);
-        var encoded = CryptoJS.enc.Base64.stringify(wordArray);
+        const wordArray = CryptoJS.enc.Utf8.parse(value);
+        const encoded = CryptoJS.enc.Base64.stringify(wordArray);
         return encoded.replace(/\+/g, '-').replace(/\//g, '_').replace(/\=/g, '');
@@ -656,7 +658,7 @@ }
 
-var CryptoJS = CryptoJS || function (h, r) { var k = {}, l = k.lib = {}, n = function () { }, f = l.Base = { extend: function (a) { n.prototype = this; var b = new n; a && b.mixIn(a); b.hasOwnProperty("init") || (b.init = function () { b.$super.init.apply(this, arguments) }); b.init.prototype = b; b.$super = this; return b }, create: function () { var a = this.extend(); a.init.apply(a, arguments); return a }, init: function () { }, mixIn: function (a) { for (var b in a) a.hasOwnProperty(b) && (this[b] = a[b]); a.hasOwnProperty("toString") && (this.toString = a.toString) }, clone: function () { return this.init.prototype.extend(this) } }, j = l.WordArray = f.extend({ init: function (a, b) { a = this.words = a || []; this.sigBytes = b != r ? b : 4 * a.length }, toString: function (a) { return (a || s).stringify(this) }, concat: function (a) { var b = this.words, d = a.words, c = this.sigBytes; a = a.sigBytes; this.clamp(); if (c % 4) for (var e = 0; e < a; e++) b[c + e >>> 2] |= (d[e >>> 2] >>> 24 - 8 * (e % 4) & 255) << 24 - 8 * ((c + e) % 4); else if (65535 < d.length) for (e = 0; e < a; e += 4) b[c + e >>> 2] = d[e >>> 2]; else b.push.apply(b, d); this.sigBytes += a; return this }, clamp: function () { var a = this.words, b = this.sigBytes; a[b >>> 2] &= 4294967295 << 32 - 8 * (b % 4); a.length = h.ceil(b / 4) }, clone: function () { var a = f.clone.call(this); a.words = this.words.slice(0); return a }, random: function (a) { for (var b = [], d = 0; d < a; d += 4) b.push(4294967296 * h.random() | 0); return new j.init(b, a) } }), m = k.enc = {}, s = m.Hex = { stringify: function (a) { var b = a.words; a = a.sigBytes; for (var d = [], c = 0; c < a; c++) { var e = b[c >>> 2] >>> 24 - 8 * (c % 4) & 255; d.push((e >>> 4).toString(16)); d.push((e & 15).toString(16)) } return d.join("") }, parse: function (a) { for (var b = a.length, d = [], c = 0; c < b; c += 2) d[c >>> 3] |= parseInt(a.substr(c, 2), 16) << 24 - 4 * (c % 8); return new j.init(d, b / 2) } }, p = m.Latin1 = { stringify: function (a) { var b = a.words; a = a.sigBytes; for (var d = [], c = 0; c < a; c++) d.push(String.fromCharCode(b[c >>> 2] >>> 24 - 8 * (c % 4) & 255)); return d.join("") }, parse: function (a) { for (var b = a.length, d = [], c = 0; c < b; c++) d[c >>> 2] |= (a.charCodeAt(c) & 255) << 24 - 8 * (c % 4); return new j.init(d, b) } }, t = m.Utf8 = { stringify: function (a) { try { return decodeURIComponent(escape(p.stringify(a))) } catch (b) { throw Error("Malformed UTF-8 data"); } }, parse: function (a) { return p.parse(unescape(encodeURIComponent(a))) } }, q = l.BufferedBlockAlgorithm = f.extend({ reset: function () { this._data = new j.init; this._nDataBytes = 0 }, _append: function (a) { "string" == typeof a && (a = t.parse(a)); this._data.concat(a); this._nDataBytes += a.sigBytes }, _process: function (a) { var b = this._data, d = b.words, c = b.sigBytes, e = this.blockSize, f = c / (4 * e), f = a ? h.ceil(f) : h.max((f | 0) - this._minBufferSize, 0); a = f * e; c = h.min(4 * a, c); if (a) { for (var g = 0; g < a; g += e) this._doProcessBlock(d, g); g = d.splice(0, a); b.sigBytes -= c } return new j.init(g, c) }, clone: function () { var a = f.clone.call(this); a._data = this._data.clone(); return a }, _minBufferSize: 0 }); l.Hasher = q.extend({ cfg: f.extend(), init: function (a) { this.cfg = this.cfg.extend(a); this.reset() }, reset: function () { q.reset.call(this); this._doReset() }, update: function (a) { this._append(a); this._process(); return this }, finalize: function (a) { a && this._append(a); return this._doFinalize() }, blockSize: 16, _createHelper: function (a) { return function (b, d) { return (new a.init(d)).finalize(b) } }, _createHmacHelper: function (a) { return function (b, d) { return (new u.HMAC.init(a, d)).finalize(b) } } }); var u = k.algo = {}; return k }(Math);
-(function () { var k = CryptoJS, b = k.lib, m = b.WordArray, l = b.Hasher, d = [], b = k.algo.SHA1 = l.extend({ _doReset: function () { this._hash = new m.init([1732584193, 4023233417, 2562383102, 271733878, 3285377520]) }, _doProcessBlock: function (n, p) { for (var a = this._hash.words, e = a[0], f = a[1], h = a[2], j = a[3], b = a[4], c = 0; 80 > c; c++) { if (16 > c) d[c] = n[p + c] | 0; else { var g = d[c - 3] ^ d[c - 8] ^ d[c - 14] ^ d[c - 16]; d[c] = g << 1 | g >>> 31 } g = (e << 5 | e >>> 27) + b + d[c]; g = 20 > c ? g + ((f & h | ~f & j) + 1518500249) : 40 > c ? g + ((f ^ h ^ j) + 1859775393) : 60 > c ? g + ((f & h | f & j | h & j) - 1894007588) : g + ((f ^ h ^ j) - 899497514); b = j; j = h; h = f << 30 | f >>> 2; f = e; e = g } a[0] = a[0] + e | 0; a[1] = a[1] + f | 0; a[2] = a[2] + h | 0; a[3] = a[3] + j | 0; a[4] = a[4] + b | 0 }, _doFinalize: function () { var b = this._data, d = b.words, a = 8 * this._nDataBytes, e = 8 * b.sigBytes; d[e >>> 5] |= 128 << 24 - e % 32; d[(e + 64 >>> 9 << 4) + 14] = Math.floor(a / 4294967296); d[(e + 64 >>> 9 << 4) + 15] = a; b.sigBytes = 4 * d.length; this._process(); return this._hash }, clone: function () { var b = l.clone.call(this); b._hash = this._hash.clone(); return b } }); k.SHA1 = l._createHelper(b); k.HmacSHA1 = l._createHmacHelper(b) })();
+var CryptoJS = CryptoJS || function (h, r) { var k = {}, l = k.lib = {}, n = function () { }, f = l.Base = { extend: function (a) { n.prototype = this; var b = new n; a && b.mixIn(a); b.hasOwnProperty("init") || (b.init = function () { b.$super.init.apply(this, arguments) }); b.init.prototype = b; b.$super = this; return b }, create: function () { var a = this.extend(); a.init.apply(a, arguments); return a }, init: function () { }, mixIn: function (a) { for (let b in a) a.hasOwnProperty(b) && (this[b] = a[b]); a.hasOwnProperty("toString") && (this.toString = a.toString) }, clone: function () { return this.init.prototype.extend(this) } }, j = l.WordArray = f.extend({ init: function (a, b) { a = this.words = a || []; this.sigBytes = b != r ? b : 4 * a.length }, toString: function (a) { return (a || s).stringify(this) }, concat: function (a) { var b = this.words, d = a.words, c = this.sigBytes; a = a.sigBytes; this.clamp(); if (c % 4) for (let e = 0; e < a; e++) b[c + e >>> 2] |= (d[e >>> 2] >>> 24 - 8 * (e % 4) & 255) << 24 - 8 * ((c + e) % 4); else if (65535 < d.length) for (e = 0; e < a; e += 4) b[c + e >>> 2] = d[e >>> 2]; else b.push.apply(b, d); this.sigBytes += a; return this }, clamp: function () { var a = this.words, b = this.sigBytes; a[b >>> 2] &= 4294967295 << 32 - 8 * (b % 4); a.length = h.ceil(b / 4) }, clone: function () { var a = f.clone.call(this); a.words = this.words.slice(0); return a }, random: function (a) { for (let b = [], d = 0; d < a; d += 4) b.push(4294967296 * h.random() | 0); return new j.init(b, a) } }), m = k.enc = {}, s = m.Hex = { stringify: function (a) { var b = a.words; a = a.sigBytes; for (var d = [], c = 0; c < a; c++) { var e = b[c >>> 2] >>> 24 - 8 * (c % 4) & 255; d.push((e >>> 4).toString(16)); d.push((e & 15).toString(16)) } return d.join("") }, parse: function (a) { for (var b = a.length, d = [], c = 0; c < b; c += 2) d[c >>> 3] |= parseInt(a.substr(c, 2), 16) << 24 - 4 * (c % 8); return new j.init(d, b / 2) } }, p = m.Latin1 = { stringify: function (a) { var b = a.words; a = a.sigBytes; for (var d = [], c = 0; c < a; c++) d.push(String.fromCharCode(b[c >>> 2] >>> 24 - 8 * (c % 4) & 255)); return d.join("") }, parse: function (a) { for (var b = a.length, d = [], c = 0; c < b; c++) d[c >>> 2] |= (a.charCodeAt(c) & 255) << 24 - 8 * (c % 4); return new j.init(d, b) } }, t = m.Utf8 = { stringify: function (a) { try { return decodeURIComponent(escape(p.stringify(a))) } catch (b) { throw Error("Malformed UTF-8 data"); } }, parse: function (a) { return p.parse(unescape(encodeURIComponent(a))) } }, q = l.BufferedBlockAlgorithm = f.extend({ reset: function () { this._data = new j.init; this._nDataBytes = 0 }, _append: function (a) { "string" == typeof a && (a = t.parse(a)); this._data.concat(a); this._nDataBytes += a.sigBytes }, _process: function (a) { var b = this._data, d = b.words, c = b.sigBytes, e = this.blockSize, f = c / (4 * e), f = a ? h.ceil(f) : h.max((f | 0) - this._minBufferSize, 0); a = f * e; c = h.min(4 * a, c); if (a) { for (var g = 0; g < a; g += e) this._doProcessBlock(d, g); g = d.splice(0, a); b.sigBytes -= c } return new j.init(g, c) }, clone: function () { var a = f.clone.call(this); a._data = this._data.clone(); return a }, _minBufferSize: 0 }); l.Hasher = q.extend({ cfg: f.extend(), init: function (a) { this.cfg = this.cfg.extend(a); this.reset() }, reset: function () { q.reset.call(this); this._doReset() }, update: function (a) { this._append(a); this._process(); return this }, finalize: function (a) { a && this._append(a); return this._doFinalize() }, blockSize: 16, _createHelper: function (a) { return function (b, d) { return (new a.init(d)).finalize(b) } }, _createHmacHelper: function (a) { return function (b, d) { return (new u.HMAC.init(a, d)).finalize(b) } } }); var u = k.algo = {}; return k }(Math);
+(() => { var k = CryptoJS, b = k.lib, m = b.WordArray, l = b.Hasher, d = [], b = k.algo.SHA1 = l.extend({ _doReset: function () { this._hash = new m.init([1732584193, 4023233417, 2562383102, 271733878, 3285377520]) }, _doProcessBlock: function (n, p) { for (var a = this._hash.words, e = a[0], f = a[1], h = a[2], j = a[3], b = a[4], c = 0; 80 > c; c++) { if (16 > c) d[c] = n[p + c] | 0; else { var g = d[c - 3] ^ d[c - 8] ^ d[c - 14] ^ d[c - 16]; d[c] = g << 1 | g >>> 31 } g = (e << 5 | e >>> 27) + b + d[c]; g = 20 > c ? g + ((f & h | ~f & j) + 1518500249) : 40 > c ? g + ((f ^ h ^ j) + 1859775393) : 60 > c ? g + ((f & h | f & j | h & j) - 1894007588) : g + ((f ^ h ^ j) - 899497514); b = j; j = h; h = f << 30 | f >>> 2; f = e; e = g } a[0] = a[0] + e | 0; a[1] = a[1] + f | 0; a[2] = a[2] + h | 0; a[3] = a[3] + j | 0; a[4] = a[4] + b | 0 }, _doFinalize: function () { var b = this._data, d = b.words, a = 8 * this._nDataBytes, e = 8 * b.sigBytes; d[e >>> 5] |= 128 << 24 - e % 32; d[(e + 64 >>> 9 << 4) + 14] = Math.floor(a / 4294967296); d[(e + 64 >>> 9 << 4) + 15] = a; b.sigBytes = 4 * d.length; this._process(); return this._hash }, clone: function () { var b = l.clone.call(this); b._hash = this._hash.clone(); return b } }); k.SHA1 = l._createHelper(b); k.HmacSHA1 = l._createHmacHelper(b) })();
 (function (k) { for (var g = CryptoJS, h = g.lib, v = h.WordArray, j = h.Hasher, h = g.algo, s = [], t = [], u = function (q) { return 4294967296 * (q - (q | 0)) | 0 }, l = 2, b = 0; 64 > b;) { var d; a: { d = l; for (var w = k.sqrt(d), r = 2; r <= w; r++) if (!(d % r)) { d = !1; break a } d = !0 } d && (8 > b && (s[b] = u(k.pow(l, 0.5))), t[b] = u(k.pow(l, 1 / 3)), b++); l++ } var n = [], h = h.SHA256 = j.extend({ _doReset: function () { this._hash = new v.init(s.slice(0)) }, _doProcessBlock: function (q, h) { for (var a = this._hash.words, c = a[0], d = a[1], b = a[2], k = a[3], f = a[4], g = a[5], j = a[6], l = a[7], e = 0; 64 > e; e++) { if (16 > e) n[e] = q[h + e] | 0; else { var m = n[e - 15], p = n[e - 2]; n[e] = ((m << 25 | m >>> 7) ^ (m << 14 | m >>> 18) ^ m >>> 3) + n[e - 7] + ((p << 15 | p >>> 17) ^ (p << 13 | p >>> 19) ^ p >>> 10) + n[e - 16] } m = l + ((f << 26 | f >>> 6) ^ (f << 21 | f >>> 11) ^ (f << 7 | f >>> 25)) + (f & g ^ ~f & j) + t[e] + n[e]; p = ((c << 30 | c >>> 2) ^ (c << 19 | c >>> 13) ^ (c << 10 | c >>> 22)) + (c & d ^ c & b ^ d & b); l = j; j = g; g = f; f = k + m | 0; k = b; b = d; d = c; c = m + p | 0 } a[0] = a[0] + c | 0; a[1] = a[1] + d | 0; a[2] = a[2] + b | 0; a[3] = a[3] + k | 0; a[4] = a[4] + f | 0; a[5] = a[5] + g | 0; a[6] = a[6] + j | 0; a[7] = a[7] + l | 0 }, _doFinalize: function () { var d = this._data, b = d.words, a = 8 * this._nDataBytes, c = 8 * d.sigBytes; b[c >>> 5] |= 128 << 24 - c % 32; b[(c + 64 >>> 9 << 4) + 14] = k.floor(a / 4294967296); b[(c + 64 >>> 9 << 4) + 15] = a; d.sigBytes = 4 * b.length; this._process(); return this._hash }, clone: function () { var b = j.clone.call(this); b._hash = this._hash.clone(); return b } }); g.SHA256 = j._createHelper(h); g.HmacSHA256 = j._createHmacHelper(h) })(Math);
-(function () { var c = CryptoJS, k = c.enc.Utf8; c.algo.HMAC = c.lib.Base.extend({ init: function (a, b) { a = this._hasher = new a.init; "string" == typeof b && (b = k.parse(b)); var c = a.blockSize, e = 4 * c; b.sigBytes > e && (b = a.finalize(b)); b.clamp(); for (var f = this._oKey = b.clone(), g = this._iKey = b.clone(), h = f.words, j = g.words, d = 0; d < c; d++) h[d] ^= 1549556828, j[d] ^= 909522486; f.sigBytes = g.sigBytes = e; this.reset() }, reset: function () { var a = this._hasher; a.reset(); a.update(this._iKey) }, update: function (a) { this._hasher.update(a); return this }, finalize: function (a) { var b = this._hasher; a = b.finalize(a); b.reset(); return b.finalize(this._oKey.clone().concat(a)) } }) })();
-(function () { var h = CryptoJS, j = h.lib.WordArray; h.enc.Base64 = { stringify: function (b) { var e = b.words, f = b.sigBytes, c = this._map; b.clamp(); b = []; for (var a = 0; a < f; a += 3) for (var d = (e[a >>> 2] >>> 24 - 8 * (a % 4) & 255) << 16 | (e[a + 1 >>> 2] >>> 24 - 8 * ((a + 1) % 4) & 255) << 8 | e[a + 2 >>> 2] >>> 24 - 8 * ((a + 2) % 4) & 255, g = 0; 4 > g && a + 0.75 * g < f; g++) b.push(c.charAt(d >>> 6 * (3 - g) & 63)); if (e = c.charAt(64)) for (; b.length % 4;) b.push(e); return b.join("") }, parse: function (b) { var e = b.length, f = this._map, c = f.charAt(64); c && (c = b.indexOf(c), -1 != c && (e = c)); for (var c = [], a = 0, d = 0; d < e; d++) if (d % 4) { var g = f.indexOf(b.charAt(d - 1)) << 2 * (d % 4), h = f.indexOf(b.charAt(d)) >>> 6 - 2 * (d % 4); c[a >>> 2] |= (g | h) << 24 - 8 * (a % 4); a++ } return j.create(c, a) }, _map: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=" } })();
+(() => { var c = CryptoJS, k = c.enc.Utf8; c.algo.HMAC = c.lib.Base.extend({ init: function (a, b) { a = this._hasher = new a.init; "string" == typeof b && (b = k.parse(b)); var c = a.blockSize, e = 4 * c; b.sigBytes > e && (b = a.finalize(b)); b.clamp(); for (var f = this._oKey = b.clone(), g = this._iKey = b.clone(), h = f.words, j = g.words, d = 0; d < c; d++) h[d] ^= 1549556828, j[d] ^= 909522486; f.sigBytes = g.sigBytes = e; this.reset() }, reset: function () { var a = this._hasher; a.reset(); a.update(this._iKey) }, update: function (a) { this._hasher.update(a); return this }, finalize: function (a) { var b = this._hasher; a = b.finalize(a); b.reset(); return b.finalize(this._oKey.clone().concat(a)) } }) })();
+(() => { var h = CryptoJS, j = h.lib.WordArray; h.enc.Base64 = { stringify: function (b) { var e = b.words, f = b.sigBytes, c = this._map; b.clamp(); b = []; for (var a = 0; a < f; a += 3) for (var d = (e[a >>> 2] >>> 24 - 8 * (a % 4) & 255) << 16 | (e[a + 1 >>> 2] >>> 24 - 8 * ((a + 1) % 4) & 255) << 8 | e[a + 2 >>> 2] >>> 24 - 8 * ((a + 2) % 4) & 255, g = 0; 4 > g && a + 0.75 * g < f; g++) b.push(c.charAt(d >>> 6 * (3 - g) & 63)); if (e = c.charAt(64)) for (; b.length % 4;) b.push(e); return b.join("") }, parse: function (b) { var e = b.length, f = this._map, c = f.charAt(64); c && (c = b.indexOf(c), -1 != c && (e = c)); for (var c = [], a = 0, d = 0; d < e; d++) if (d % 4) { var g = f.indexOf(b.charAt(d - 1)) << 2 * (d % 4), h = f.indexOf(b.charAt(d)) >>> 6 - 2 * (d % 4); c[a >>> 2] |= (g | h) << 24 - 8 * (a % 4); a++ } return j.create(c, a) }, _map: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=" } })();
 
@@ -663,0 +665,0 @@ hawk.crypto.internals = CryptoJS;

lib/client.js

@@ -0,8 +1,10 @@
+'use strict';
+
 // Load modules
 
-var Url = require('url');
-var Hoek = require('hoek');
-var Cryptiles = require('cryptiles');
-var Crypto = require('./crypto');
-var Utils = require('./utils');
+const Url = require('url');
+const Hoek = require('hoek');
+const Cryptiles = require('cryptiles');
+const Crypto = require('./crypto');
+const Utils = require('./utils');
 
@@ -12,3 +14,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -47,3 +49,3 @@
 
-    var result = {
+    const result = {
         field: '',
@@ -65,7 +67,7 @@ artifacts: {}
 
-    var timestamp = options.timestamp || Utils.nowSecs(options.localtimeOffsetMsec);
+    const timestamp = options.timestamp || Utils.nowSecs(options.localtimeOffsetMsec);
 
     // Validate credentials
 
-    var credentials = options.credentials;
+    const credentials = options.credentials;
     if (!credentials ||
@@ -93,3 +95,3 @@ !credentials.id ||
 
-    var artifacts = {
+    const artifacts = {
         ts: timestamp,
@@ -117,8 +119,8 @@ nonce: options.nonce || Cryptiles.randomString(6),
 
-    var mac = Crypto.calculateMac('header', credentials, artifacts);
+    const mac = Crypto.calculateMac('header', credentials, artifacts);
 
     // Construct header
 
-    var hasExt = artifacts.ext !== null && artifacts.ext !== undefined && artifacts.ext !== '';       // Other falsey values allowed
-    var header = 'Hawk id="' + credentials.id +
+    const hasExt = artifacts.ext !== null && artifacts.ext !== undefined && artifacts.ext !== '';       // Other falsey values allowed
+    let header = 'Hawk id="' + credentials.id +
                  '", ts="' + artifacts.ts +
@@ -131,3 +133,3 @@ '", nonce="' + artifacts.nonce +
     if (artifacts.app) {
-        header += ', app="' + artifacts.app +
+        header = header + ', app="' + artifacts.app +
                   (artifacts.dlg ? '", dlg="' + artifacts.dlg : '') + '"';
@@ -162,3 +164,3 @@ }
 
-        var wwwAttributes = Utils.parseAuthorizationHeader(res.headers['www-authenticate'], ['ts', 'tsm', 'error']);
+        const wwwAttributes = Utils.parseAuthorizationHeader(res.headers['www-authenticate'], ['ts', 'tsm', 'error']);
         if (wwwAttributes instanceof Error) {
@@ -171,3 +173,3 @@ return false;
         if (wwwAttributes.ts) {
-            var tsm = Crypto.calculateTsMac(wwwAttributes.ts, credentials);
+            const tsm = Crypto.calculateTsMac(wwwAttributes.ts, credentials);
             if (tsm !== wwwAttributes.tsm) {
@@ -187,3 +189,3 @@ return false;
 
-    var attributes = Utils.parseAuthorizationHeader(res.headers['server-authorization'], ['mac', 'ext', 'hash']);
+    const attributes = Utils.parseAuthorizationHeader(res.headers['server-authorization'], ['mac', 'ext', 'hash']);
     if (attributes instanceof Error) {
@@ -196,3 +198,3 @@ return false;
 
-    var mac = Crypto.calculateMac('response', credentials, artifacts);
+    const mac = Crypto.calculateMac('response', credentials, artifacts);
     if (mac !== attributes.mac) {
@@ -212,3 +214,3 @@ return false;
 
-    var calculatedHash = Crypto.calculatePayloadHash(options.payload, credentials.algorithm, res.headers['content-type']);
+    const calculatedHash = Crypto.calculatePayloadHash(options.payload, credentials.algorithm, res.headers['content-type']);
     return (calculatedHash === attributes.hash);
@@ -257,7 +259,7 @@ };
 
-    var now = Utils.now(options.localtimeOffsetMsec);
+    const now = Utils.now(options.localtimeOffsetMsec);
 
     // Validate credentials
 
-    var credentials = options.credentials;
+    const credentials = options.credentials;
     if (!credentials ||
@@ -283,4 +285,4 @@ !credentials.id ||
 
-    var exp = Math.floor(now / 1000) + options.ttlSec;
-    var mac = Crypto.calculateMac('bewit', credentials, {
+    const exp = Math.floor(now / 1000) + options.ttlSec;
+    const mac = Crypto.calculateMac('bewit', credentials, {
         ts: exp,
@@ -297,3 +299,3 @@ nonce: '',
 
-    var bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + options.ext;
+    const bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + options.ext;
     return Hoek.base64urlEncode(bewit);
@@ -341,7 +343,7 @@ };
 
-    var timestamp = options.timestamp || Utils.nowSecs(options.localtimeOffsetMsec);
+    const timestamp = options.timestamp || Utils.nowSecs(options.localtimeOffsetMsec);
 
     // Validate credentials
 
-    var credentials = options.credentials;
+    const credentials = options.credentials;
     if (!credentials ||
@@ -362,3 +364,3 @@ !credentials.id ||
 
-    var artifacts = {
+    const artifacts = {
         ts: timestamp,
@@ -373,3 +375,3 @@ nonce: options.nonce || Cryptiles.randomString(6),
 
-    var result = {
+    const result = {
         id: credentials.id,
@@ -376,0 +378,0 @@ ts: artifacts.ts,

lib/crypto.js

@@ -0,6 +1,8 @@
+'use strict';
+
 // Load modules
 
-var Crypto = require('crypto');
-var Url = require('url');
-var Utils = require('./utils');
+const Crypto = require('crypto');
+const Url = require('url');
+const Utils = require('./utils');
 
@@ -10,3 +12,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -48,6 +50,6 @@
 
-    var normalized = exports.generateNormalizedString(type, options);
+    const normalized = exports.generateNormalizedString(type, options);
 
-    var hmac = Crypto.createHmac(credentials.algorithm, credentials.key).update(normalized);
-    var digest = hmac.digest('base64');
+    const hmac = Crypto.createHmac(credentials.algorithm, credentials.key).update(normalized);
+    const digest = hmac.digest('base64');
     return digest;
@@ -59,11 +61,11 @@ };
 
-    var resource = options.resource || '';
+    let resource = options.resource || '';
     if (resource &&
         resource[0] !== '/') {
 
-        var url = Url.parse(resource, false);
+        const url = Url.parse(resource, false);
         resource = url.path;                        // Includes query
     }
 
-    var normalized = 'hawk.' + exports.headerVersion + '.' + type + '\n' +
+    let normalized = 'hawk.' + exports.headerVersion + '.' + type + '\n' +
                      options.ts + '\n' +
@@ -78,10 +80,10 @@ options.nonce + '\n' +
     if (options.ext) {
-        normalized += options.ext.replace('\\', '\\\\').replace('\n', '\\n');
+        normalized = normalized + options.ext.replace('\\', '\\\\').replace('\n', '\\n');
     }
 
-    normalized += '\n';
+    normalized = normalized + '\n';
 
     if (options.app) {
-        normalized += options.app + '\n' +
-                      (options.dlg || '') + '\n';
+        normalized = normalized + options.app + '\n' +
+                                  (options.dlg || '') + '\n';
     }
@@ -95,3 +97,3 @@
 
-    var hash = exports.initializePayloadHash(algorithm, contentType);
+    const hash = exports.initializePayloadHash(algorithm, contentType);
     hash.update(payload || '');
@@ -104,3 +106,3 @@ return exports.finalizePayloadHash(hash);
 
-    var hash = Crypto.createHash(algorithm);
+    const hash = Crypto.createHash(algorithm);
     hash.update('hawk.' + exports.headerVersion + '.payload\n');
@@ -121,3 +123,3 @@ hash.update(Utils.parseContentType(contentType) + '\n');
 
-    var hmac = Crypto.createHmac(credentials.algorithm, credentials.key);
+    const hmac = Crypto.createHmac(credentials.algorithm, credentials.key);
     hmac.update('hawk.' + exports.headerVersion + '.ts\n' + ts + '\n');
@@ -130,5 +132,5 @@ return hmac.digest('base64');
 
-    var now = Utils.nowSecs(localtimeOffsetMsec);
-    var tsm = exports.calculateTsMac(now, credentials);
+    const now = Utils.nowSecs(localtimeOffsetMsec);
+    const tsm = exports.calculateTsMac(now, credentials);
     return { ts: now, tsm: tsm };
 };

lib/index.js

@@ -0,1 +1,3 @@
+'use strict';
+
 // Export sub-modules
@@ -2,0 +4,0 @@

lib/server.js

@@ -0,8 +1,10 @@
+'use strict';
+
 // Load modules
 
-var Boom = require('boom');
-var Hoek = require('hoek');
-var Cryptiles = require('cryptiles');
-var Crypto = require('./crypto');
-var Utils = require('./utils');
+const Boom = require('boom');
+const Hoek = require('hoek');
+const Cryptiles = require('cryptiles');
+const Crypto = require('./crypto');
+const Utils = require('./utils');
 
@@ -12,3 +14,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -21,3 +23,3 @@
 
-                        var request = {
+                        const request = {
                             method: 'GET',
@@ -35,3 +37,3 @@ url: '/resource/4?a=1&b=2',
 
-                        var credentialsFunc = function (id, callback) {
+                        const credentialsFunc = function (id, callback) {
 
@@ -45,3 +47,3 @@ // Lookup credentials in database
 
-                                var credentials = {
+                                const credentials = {
                                     // Required
@@ -100,7 +102,7 @@ key: item.key,
 
-    var now = Utils.now(options.localtimeOffsetMsec);                           // Measure now before any other processing
+    const now = Utils.now(options.localtimeOffsetMsec);                           // Measure now before any other processing
 
     // Convert node Http request object to a request configuration object
 
-    var request = Utils.parseRequest(req, options);
+    const request = Utils.parseRequest(req, options);
     if (request instanceof Error) {
@@ -112,3 +114,3 @@ return callback(Boom.badRequest(request.message));
 
-    var attributes = Utils.parseAuthorizationHeader(request.authorization);
+    const attributes = Utils.parseAuthorizationHeader(request.authorization);
     if (attributes instanceof Error) {
@@ -120,3 +122,3 @@ return callback(attributes);
 
-    var artifacts = {
+    const artifacts = {
         method: request.method,
@@ -148,3 +150,3 @@ host: request.host,
 
-    credentialsFunc(attributes.id, function (err, credentials) {
+    credentialsFunc(attributes.id, (err, credentials) => {
 
@@ -171,3 +173,3 @@ if (err) {
 
-        var mac = Crypto.calculateMac('header', credentials, artifacts);
+        const mac = Crypto.calculateMac('header', credentials, artifacts);
         if (!Cryptiles.fixedTimeComparison(mac, attributes.mac)) {
@@ -186,3 +188,3 @@ return callback(Boom.unauthorized('Bad mac', 'Hawk'), credentials, artifacts);
 
-            var hash = Crypto.calculatePayloadHash(options.payload, credentials.algorithm, request.contentType);
+            const hash = Crypto.calculatePayloadHash(options.payload, credentials.algorithm, request.contentType);
             if (!Cryptiles.fixedTimeComparison(hash, attributes.hash)) {
@@ -195,3 +197,3 @@ return callback(Boom.unauthorized('Bad payload hash', 'Hawk'), credentials, artifacts);
 
-        options.nonceFunc(credentials.key, attributes.nonce, attributes.ts, function (err) {
+        options.nonceFunc(credentials.key, attributes.nonce, attributes.ts, (err) => {
 
@@ -205,3 +207,3 @@ if (err) {
             if (Math.abs((attributes.ts * 1000) - now) > (options.timestampSkewSec * 1000)) {
-                var tsm = Crypto.timestampMessage(credentials, options.localtimeOffsetMsec);
+                const tsm = Crypto.timestampMessage(credentials, options.localtimeOffsetMsec);
                 return callback(Boom.unauthorized('Stale timestamp', 'Hawk', tsm), credentials, artifacts);
@@ -229,3 +231,3 @@ }
 
-    var calculatedHash = Crypto.calculatePayloadHash(payload, credentials.algorithm, contentType);
+    const calculatedHash = Crypto.calculatePayloadHash(payload, credentials.algorithm, contentType);
     return Cryptiles.fixedTimeComparison(calculatedHash, artifacts.hash);
@@ -301,7 +303,7 @@ };
 
-    var mac = Crypto.calculateMac('response', credentials, artifacts);
+    const mac = Crypto.calculateMac('response', credentials, artifacts);
 
     // Construct header
 
-    var header = 'Hawk mac="' + mac + '"' +
+    let header = 'Hawk mac="' + mac + '"' +
                  (artifacts.hash ? ', hash="' + artifacts.hash + '"' : '');
@@ -313,3 +315,3 @@
 
-        header += ', ext="' + Hoek.escapeHeaderAttribute(artifacts.ext) + '"';
+        header = header + ', ext="' + Hoek.escapeHeaderAttribute(artifacts.ext) + '"';
     }
@@ -332,7 +334,7 @@
 
-    var now = Utils.now(options.localtimeOffsetMsec);
+    const now = Utils.now(options.localtimeOffsetMsec);
 
     // Convert node Http request object to a request configuration object
 
-    var request = Utils.parseRequest(req, options);
+    const request = Utils.parseRequest(req, options);
     if (request instanceof Error) {
@@ -345,3 +347,3 @@ return callback(Boom.badRequest(request.message));
     //                                 1     2             3           4
-    var resource = request.url.match(/^(\/.*)([\?&])bewit\=([^&$]*)(?:&(.+))?$/);
+    const resource = request.url.match(/^(\/.*)([\?&])bewit\=([^&$]*)(?:&(.+))?$/);
     if (!resource) {
@@ -373,3 +375,3 @@ return callback(Boom.unauthorized(null, 'Hawk'));
 
-    var bewitString = Hoek.base64urlDecode(resource[3]);
+    const bewitString = Hoek.base64urlDecode(resource[3]);
     if (bewitString instanceof Error) {
@@ -381,3 +383,3 @@ return callback(Boom.badRequest('Invalid bewit encoding'));
 
-    var bewitParts = bewitString.split('\\');
+    const bewitParts = bewitString.split('\\');
     if (bewitParts.length !== 4) {
@@ -387,3 +389,3 @@ return callback(Boom.badRequest('Invalid bewit structure'));
 
-    var bewit = {
+    const bewit = {
         id: bewitParts[0],
@@ -404,5 +406,5 @@ exp: parseInt(bewitParts[1], 10),
 
-    var url = resource[1];
+    let url = resource[1];
     if (resource[4]) {
-        url += resource[2] + resource[4];
+        url = url + resource[2] + resource[4];
     }
@@ -418,3 +420,3 @@
 
-    credentialsFunc(bewit.id, function (err, credentials) {
+    credentialsFunc(bewit.id, (err, credentials) => {
 
@@ -441,3 +443,3 @@ if (err) {
 
-        var mac = Crypto.calculateMac('bewit', credentials, {
+        const mac = Crypto.calculateMac('bewit', credentials, {
             ts: bewit.exp,
@@ -479,3 +481,3 @@ nonce: '',
 
-    var now = Utils.now(options.localtimeOffsetMsec);                       // Measure now before any other processing
+    const now = Utils.now(options.localtimeOffsetMsec);                       // Measure now before any other processing
 
@@ -495,3 +497,3 @@ // Validate authorization
 
-    credentialsFunc(authorization.id, function (err, credentials) {
+    credentialsFunc(authorization.id, (err, credentials) => {
 
@@ -518,3 +520,3 @@ if (err) {
 
-        var artifacts = {
+        const artifacts = {
             ts: authorization.ts,
@@ -529,3 +531,3 @@ nonce: authorization.nonce,
 
-        var mac = Crypto.calculateMac('message', credentials, artifacts);
+        const mac = Crypto.calculateMac('message', credentials, artifacts);
         if (!Cryptiles.fixedTimeComparison(mac, authorization.mac)) {
@@ -537,3 +539,3 @@ return callback(Boom.unauthorized('Bad mac', 'Hawk'), credentials);
 
-        var hash = Crypto.calculatePayloadHash(message, credentials.algorithm);
+        const hash = Crypto.calculatePayloadHash(message, credentials.algorithm);
         if (!Cryptiles.fixedTimeComparison(hash, authorization.hash)) {
@@ -545,3 +547,3 @@ return callback(Boom.unauthorized('Bad message hash', 'Hawk'), credentials);
 
-        options.nonceFunc(credentials.key, authorization.nonce, authorization.ts, function (err) {
+        options.nonceFunc(credentials.key, authorization.nonce, authorization.ts, (err) => {
 
@@ -548,0 +550,0 @@ if (err) {

lib/utils.js

@@ -0,5 +1,7 @@
+'use strict';
+
 // Load modules
 
-var Sntp = require('sntp');
-var Boom = require('boom');
+const Sntp = require('sntp');
+const Boom = require('boom');
 
@@ -9,3 +11,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -28,3 +30,3 @@
     hostHeaderName = (hostHeaderName ? hostHeaderName.toLowerCase() : 'host');
-    var hostHeader = req.headers[hostHeaderName];
+    const hostHeader = req.headers[hostHeaderName];
     if (!hostHeader) {
@@ -34,3 +36,3 @@ return null;
 
-    var hostParts = hostHeader.match(internals.hostHeaderRegex);
+    const hostParts = hostHeader.match(internals.hostHeaderRegex);
     if (!hostParts) {
@@ -69,4 +71,7 @@ return null;
 
-    if (!options.host || !options.port) {
-        var host = exports.parseHost(req, options.hostHeaderName);
+    let host;
+    if (!options.host ||
+        !options.port) {
+
+        host = exports.parseHost(req, options.hostHeaderName);
         if (!host) {
@@ -77,3 +82,3 @@ return new Error('Invalid Host header');
 
-    var request = {
+    const request = {
         method: req.method,
@@ -113,3 +118,3 @@ url: req.url,
 
-    var headerParts = header.match(/^(\w+)(?:\s+(.*))?$/);       // Header: scheme[ something]
+    const headerParts = header.match(/^(\w+)(?:\s+(.*))?$/);       // Header: scheme[ something]
     if (!headerParts) {
@@ -119,3 +124,3 @@ return Boom.badRequest('Invalid header syntax');
 
-    var scheme = headerParts[1];
+    const scheme = headerParts[1];
     if (scheme.toLowerCase() !== 'hawk') {
@@ -125,3 +130,3 @@ return Boom.unauthorized(null, 'Hawk');
 
-    var attributesString = headerParts[2];
+    const attributesString = headerParts[2];
     if (!attributesString) {
@@ -131,5 +136,5 @@ return Boom.badRequest('Invalid header syntax');
 
-    var attributes = {};
-    var errorMessage = '';
-    var verify = attributesString.replace(/(\w+)="([^"\\]*)"\s*(?:,\s*|$)/g, function ($0, $1, $2) {
+    const attributes = {};
+    let errorMessage = '';
+    const verify = attributesString.replace(/(\w+)="([^"\\]*)"\s*(?:,\s*|$)/g, ($0, $1, $2) => {
 
@@ -136,0 +141,0 @@ // Check valid attribute names

package.json

 {
   "name": "hawk",
   "description": "HTTP Hawk Authentication Scheme",
-  "version": "3.1.1",
+  "version": "4.0.0",
   "author": "Eran Hammer <eran@hammer.io> (http://hueniverse.com)",
-  "contributors": [],
   "repository": "git://github.com/hueniverse/hawk",
   "main": "lib/index.js",
+  "browser": "dist/browser.js",
   "keywords": [
@@ -16,16 +16,22 @@ "http",
   "engines": {
-    "node": ">=0.10.32"
+    "node": ">=4.0.0"
   },
-  "browser": "./lib/browser.js",
   "dependencies": {
-    "hoek": "2.x.x",
-    "boom": "^2.8.x",
-    "cryptiles": "2.x.x",
-    "sntp": "1.x.x"
+    "hoek": "3.x.x",
+    "boom": "3.x.x",
+    "cryptiles": "3.x.x",
+    "sntp": "2.x.x"
   },
   "devDependencies": {
-    "code": "1.x.x",
-    "lab": "5.x.x"
+    "babel-cli": "^6.1.2",
+    "babel-preset-es2015": "^6.1.2",
+    "code": "2.x.x",
+    "lab": "7.x.x"
   },
+  "babel": {
+    "presets": ["es2015"]
+  },
   "scripts": {
+    "build-client": "mkdir -p dist; babel lib/client.js --out-file dist/client.js",
+    "prepublish": "npm run-script build-client",
     "test": "lab -a code -t 100 -L",
@@ -32,0 +38,0 @@ "test-cov-html": "lab -a code -r html -o coverage.html"

test/browser.js

@@ -0,9 +1,10 @@
+'use strict';
+
 // Load modules
 
-var Url = require('url');
-var Code = require('code');
-var Hawk = require('../lib');
-var Hoek = require('hoek');
-var Lab = require('lab');
-var Browser = require('../lib/browser');
+const Code = require('code');
+const Hawk = require('../lib');
+const Hoek = require('hoek');
+const Lab = require('lab');
+const Browser = require('../lib/browser');
 
@@ -13,3 +14,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -19,13 +20,13 @@
 
-var lab = exports.lab = Lab.script();
-var describe = lab.experiment;
-var it = lab.test;
-var expect = Code.expect;
+const lab = exports.lab = Lab.script();
+const describe = lab.experiment;
+const it = lab.test;
+const expect = Code.expect;
 
 
-describe('Browser', function () {
+describe('Browser', () => {
 
-    var credentialsFunc = function (id, callback) {
+    const credentialsFunc = function (id, callback) {
 
-        var credentials = {
+        const credentials = {
             id: id,
@@ -40,5 +41,5 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-    it('should generate a bewit then successfully authenticate it', function (done) {
+    it('should generate a bewit then successfully authenticate it', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -50,8 +51,8 @@ url: '/resource/4?a=1&b=2',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var bewit = Browser.client.bewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
+            const bewit = Browser.client.bewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
             req.url += '&bewit=' + bewit;
 
-            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
+            Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials2, attributes) => {
 
@@ -66,5 +67,5 @@ expect(err).to.not.exist();
 
-    it('should generate a bewit then successfully authenticate it (no ext)', function (done) {
+    it('should generate a bewit then successfully authenticate it (no ext)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -76,8 +77,8 @@ url: '/resource/4?a=1&b=2',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var bewit = Browser.client.bewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100 });
+            const bewit = Browser.client.bewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100 });
             req.url += '&bewit=' + bewit;
 
-            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
+            Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials2, attributes) => {
 
@@ -91,7 +92,7 @@ expect(err).to.not.exist();
 
-    describe('bewit()', function () {
+    describe('bewit()', () => {
 
-        it('returns a valid bewit value', function (done) {
+        it('returns a valid bewit value', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -102,3 +103,3 @@ key: '2983d45yun89q',
 
-            var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
@@ -108,5 +109,5 @@ done();
 
-        it('returns a valid bewit value (explicit HTTP port)', function (done) {
+        it('returns a valid bewit value (explicit HTTP port)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -117,3 +118,3 @@ key: '2983d45yun89q',
 
-            var bewit = Browser.client.bewit('http://example.com:8080/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Browser.client.bewit('http://example.com:8080/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcaFpiSjNQMmNLRW80a3kwQzhqa1pBa1J5Q1p1ZWc0V1NOYnhWN3ZxM3hIVT1ceGFuZHlhbmR6');
@@ -123,5 +124,5 @@ done();
 
-        it('returns a valid bewit value (explicit HTTPS port)', function (done) {
+        it('returns a valid bewit value (explicit HTTPS port)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -132,3 +133,3 @@ key: '2983d45yun89q',
 
-            var bewit = Browser.client.bewit('https://example.com:8043/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Browser.client.bewit('https://example.com:8043/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcL2t4UjhwK0xSaTdvQTRnUXc3cWlxa3BiVHRKYkR4OEtRMC9HRUwvVytTUT1ceGFuZHlhbmR6');
@@ -138,5 +139,5 @@ done();
 
-        it('returns a valid bewit value (null ext)', function (done) {
+        it('returns a valid bewit value (null ext)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -147,3 +148,3 @@ key: '2983d45yun89q',
 
-            var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: null });
+            const bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: null });
             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcSUdZbUxnSXFMckNlOEN4dktQczRKbFdJQStValdKSm91d2dBUmlWaENBZz1c');
@@ -153,11 +154,5 @@ done();
 
-        it('errors on invalid options', function (done) {
+        it('errors on invalid options', (done) => {
 
-            var credentials = {
-                id: '123456',
-                key: '2983d45yun89q',
-                algorithm: 'sha256'
-            };
-
-            var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', 4);
+            const bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', 4);
             expect(bewit).to.equal('');
@@ -167,5 +162,5 @@ done();
 
-        it('errors on missing uri', function (done) {
+        it('errors on missing uri', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -176,3 +171,3 @@ key: '2983d45yun89q',
 
-            var bewit = Browser.client.bewit('', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Browser.client.bewit('', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -182,5 +177,5 @@ done();
 
-        it('errors on invalid uri', function (done) {
+        it('errors on invalid uri', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -191,3 +186,3 @@ key: '2983d45yun89q',
 
-            var bewit = Browser.client.bewit(5, { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Browser.client.bewit(5, { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -197,5 +192,5 @@ done();
 
-        it('errors on invalid credentials (id)', function (done) {
+        it('errors on invalid credentials (id)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 key: '2983d45yun89q',
@@ -205,3 +200,3 @@ algorithm: 'sha256'
 
-            var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
+            const bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -211,5 +206,5 @@ done();
 
-        it('errors on missing credentials', function (done) {
+        it('errors on missing credentials', (done) => {
 
-            var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { ttlSec: 3000, ext: 'xandyandz' });
+            const bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { ttlSec: 3000, ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -219,5 +214,5 @@ done();
 
-        it('errors on invalid credentials (key)', function (done) {
+        it('errors on invalid credentials (key)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -227,3 +222,3 @@ algorithm: 'sha256'
 
-            var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
+            const bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -233,5 +228,5 @@ done();
 
-        it('errors on invalid algorithm', function (done) {
+        it('errors on invalid algorithm', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -242,3 +237,3 @@ key: '2983d45yun89q',
 
-            var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, ext: 'xandyandz' });
+            const bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -248,11 +243,5 @@ done();
 
-        it('errors on missing options', function (done) {
+        it('errors on missing options', (done) => {
 
-            var credentials = {
-                id: '123456',
-                key: '2983d45yun89q',
-                algorithm: 'hmac-sha-0'
-            };
-
-            var bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow');
+            const bewit = Browser.client.bewit('https://example.com/somewhere/over/the/rainbow');
             expect(bewit).to.equal('');
@@ -263,5 +252,5 @@ done();
 
-    it('generates a header then successfully parse it (configuration)', function (done) {
+    it('generates a header then successfully parse it (configuration)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -273,3 +262,3 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
@@ -279,3 +268,3 @@ req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -290,5 +279,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it (node request)', function (done) {
+    it('generates a header then successfully parse it (node request)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -302,10 +291,10 @@ url: '/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -317,3 +306,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -337,5 +326,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header then successfully parse it (browserify)', function (done) {
+    it('generates a header then successfully parse it (browserify)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -349,10 +338,10 @@ url: '/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -364,3 +353,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -384,5 +373,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header then successfully parse it (time offset)', function (done) {
+    it('generates a header then successfully parse it (time offset)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -394,3 +383,3 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
@@ -400,3 +389,3 @@ req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', localtimeOffsetMsec: 100000 }).field;
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 100000 }, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 100000 }, (err, credentials2, artifacts) => {
 
@@ -411,5 +400,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it (no server header options)', function (done) {
+    it('generates a header then successfully parse it (no server header options)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -423,10 +412,10 @@ url: '/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -438,3 +427,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -458,5 +447,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header then successfully parse it (no server header)', function (done) {
+    it('generates a header then successfully parse it (no server header)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -470,10 +459,10 @@ url: '/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -485,3 +474,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -502,5 +491,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header with stale ts and successfully authenticate on second call', function (done) {
+    it('generates a header with stale ts and successfully authenticate on second call', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -512,10 +501,10 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             Browser.utils.setNtpOffset(60 * 60 * 1000);
-            var header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' });
+            const header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' });
             req.authorization = header.field;
             expect(req.authorization).to.exist();
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts2) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts2) => {
 
@@ -525,3 +514,3 @@ expect(err).to.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -543,3 +532,3 @@ 'www-authenticate': err.output.headers['WWW-Authenticate']
 
-                Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials3, artifacts3) {
+                Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials3, artifacts3) => {
 
@@ -555,5 +544,5 @@ expect(err).to.not.exist();
 
-    it('generates a header with stale ts and successfully authenticate on second call (manual localStorage)', function (done) {
+    it('generates a header with stale ts and successfully authenticate on second call (manual localStorage)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -565,5 +554,5 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var localStorage = new Browser.internals.LocalStorage();
+            const localStorage = new Browser.internals.LocalStorage();
 
@@ -573,7 +562,7 @@ Browser.utils.setStorage(localStorage);
             Browser.utils.setNtpOffset(60 * 60 * 1000);
-            var header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' });
+            const header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' });
             req.authorization = header.field;
             expect(req.authorization).to.exist();
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts2) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts2) => {
 
@@ -583,3 +572,3 @@ expect(err).to.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -603,3 +592,3 @@ 'www-authenticate': err.output.headers['WWW-Authenticate']
 
-                Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials3, artifacts3) {
+                Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials3, artifacts3) => {
 
@@ -615,5 +604,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then fails to parse it (missing server header hash)', function (done) {
+    it('generates a header then fails to parse it (missing server header hash)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -627,10 +616,10 @@ url: '/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -642,3 +631,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -662,5 +651,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header then successfully parse it (with hash)', function (done) {
+    it('generates a header then successfully parse it (with hash)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -672,6 +661,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -686,5 +675,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it then validate payload', function (done) {
+    it('generates a header then successfully parse it then validate payload', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -696,6 +685,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -712,5 +701,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it (app)', function (done) {
+    it('generates a header then successfully parse it (app)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -722,6 +711,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -737,5 +726,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it (app, dlg)', function (done) {
+    it('generates a header then successfully parse it (app, dlg)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -747,6 +736,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased', dlg: '23434szr3q4d' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -763,5 +752,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then fail authentication due to bad hash', function (done) {
+    it('generates a header then fail authentication due to bad hash', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -773,6 +762,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, (err, credentials2, artifacts) => {
 
@@ -786,5 +775,5 @@ expect(err).to.exist();
 
-    it('generates a header for one resource then fail to authenticate another', function (done) {
+    it('generates a header for one resource then fail to authenticate another', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -796,3 +785,3 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
@@ -802,3 +791,3 @@ req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -812,9 +801,9 @@ expect(err).to.exist();
 
-    describe('client', function () {
+    describe('client', () => {
 
-        describe('header()', function () {
+        describe('header()', () => {
 
-            it('returns a valid authorization header (sha1)', function (done) {
+            it('returns a valid authorization header (sha1)', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -825,3 +814,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about' }).field;
+                const header = Browser.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about' }).field;
                 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="bsvY3IfUllw6V5rvk4tStEvpBhE=", ext="Bazinga!", mac="qbf1ZPG/r/e06F4ht+T77LXi5vw="');
@@ -831,5 +820,5 @@ done();
 
-            it('returns a valid authorization header (sha256)', function (done) {
+            it('returns a valid authorization header (sha256)', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -840,3 +829,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
                 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", ext="Bazinga!", mac="q1CwFoSHzPZSkbIvl0oYlD+91rBUEvFk763nMjMndj8="');
@@ -846,5 +835,5 @@ done();
 
-            it('returns a valid authorization header (empty payload)', function (done) {
+            it('returns a valid authorization header (empty payload)', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -855,3 +844,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: '' }).field;
+                const header = Browser.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: '' }).field;
                 expect(header).to.equal('Hawk id=\"123456\", ts=\"1353809207\", nonce=\"Ygvqdz\", hash=\"404ghL7K+hfyhByKKejFBRGgTjU=\", ext=\"Bazinga!\", mac=\"Bh1sj1DOfFRWOdi3ww52nLCJdBE=\"');
@@ -861,5 +850,5 @@ done();
 
-            it('returns a valid authorization header (no ext)', function (done) {
+            it('returns a valid authorization header (no ext)', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -870,3 +859,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
                 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
@@ -876,5 +865,5 @@ done();
 
-            it('returns a valid authorization header (null ext)', function (done) {
+            it('returns a valid authorization header (null ext)', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -885,3 +874,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain', ext: null }).field;
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain', ext: null }).field;
                 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
@@ -891,5 +880,5 @@ done();
 
-            it('returns a valid authorization header (uri object)', function (done) {
+            it('returns a valid authorization header (uri object)', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -900,4 +889,4 @@ key: '2983d45yun89q',
 
-                var uri = Browser.utils.parseUri('https://example.net/somewhere/over/the/rainbow');
-                var header = Browser.client.header(uri, 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
+                const uri = Browser.utils.parseUri('https://example.net/somewhere/over/the/rainbow');
+                const header = Browser.client.header(uri, 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
                 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
@@ -907,5 +896,5 @@ done();
 
-            it('errors on missing options', function (done) {
+            it('errors on missing options', (done) => {
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST');
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST');
                 expect(header.field).to.equal('');
@@ -916,5 +905,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-            it('errors on empty uri', function (done) {
+            it('errors on empty uri', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -925,3 +914,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
+                const header = Browser.client.header('', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
                 expect(header.field).to.equal('');
@@ -932,5 +921,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-            it('errors on invalid uri', function (done) {
+            it('errors on invalid uri', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -941,3 +930,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header(4, 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
+                const header = Browser.client.header(4, 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
                 expect(header.field).to.equal('');
@@ -948,5 +937,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-            it('errors on missing method', function (done) {
+            it('errors on missing method', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -957,3 +946,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', '', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', '', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
                 expect(header.field).to.equal('');
@@ -964,5 +953,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-            it('errors on invalid method', function (done) {
+            it('errors on invalid method', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -973,3 +962,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 5, { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 5, { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' });
                 expect(header.field).to.equal('');
@@ -980,5 +969,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-            it('errors on missing credentials', function (done) {
+            it('errors on missing credentials', (done) => {
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { ext: 'Bazinga!', timestamp: 1353809207 });
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { ext: 'Bazinga!', timestamp: 1353809207 });
                 expect(header.field).to.equal('');
@@ -989,5 +978,5 @@ expect(header.err).to.equal('Invalid credentials object');
 
-            it('errors on invalid credentials (id)', function (done) {
+            it('errors on invalid credentials (id)', (done) => {
 
-                var credentials = {
+                const credentials = {
                     key: '2983d45yun89q',
@@ -997,3 +986,3 @@ algorithm: 'sha256'
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
                 expect(header.field).to.equal('');
@@ -1004,5 +993,5 @@ expect(header.err).to.equal('Invalid credentials object');
 
-            it('errors on invalid credentials (key)', function (done) {
+            it('errors on invalid credentials (key)', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -1012,3 +1001,3 @@ algorithm: 'sha256'
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
                 expect(header.field).to.equal('');
@@ -1019,5 +1008,5 @@ expect(header.err).to.equal('Invalid credentials object');
 
-            it('errors on invalid algorithm', function (done) {
+            it('errors on invalid algorithm', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -1028,3 +1017,3 @@ key: '2983d45yun89q',
 
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, payload: 'something, anything!', ext: 'Bazinga!', timestamp: 1353809207 });
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, payload: 'something, anything!', ext: 'Bazinga!', timestamp: 1353809207 });
                 expect(header.field).to.equal('');
@@ -1035,5 +1024,5 @@ expect(header.err).to.equal('Unknown algorithm');
 
-            it('uses a pre-calculated payload hash', function (done) {
+            it('uses a pre-calculated payload hash', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -1044,5 +1033,5 @@ key: '2983d45yun89q',
 
-                var options = { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' };
+                const options = { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' };
                 options.hash = Browser.crypto.calculatePayloadHash(options.payload, credentials.algorithm, options.contentType);
-                var header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', options).field;
+                const header = Browser.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', options).field;
                 expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", ext="Bazinga!", mac="q1CwFoSHzPZSkbIvl0oYlD+91rBUEvFk763nMjMndj8="');
@@ -1053,7 +1042,7 @@ done();
 
-        describe('authenticate()', function () {
+        describe('authenticate()', () => {
 
-            it('skips tsm validation when missing ts', function (done) {
+            it('skips tsm validation when missing ts', (done) => {
 
-                var res = {
+                const res = {
                     headers: {
@@ -1068,3 +1057,3 @@ 'www-authenticate': 'Hawk error="Stale timestamp"'
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -1076,3 +1065,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-                var artifacts = {
+                const artifacts = {
                     ts: 1402135580,
@@ -1091,5 +1080,5 @@ nonce: 'iBRB6t',
 
-            it('returns false on invalid header', function (done) {
+            it('returns false on invalid header', (done) => {
 
-                var res = {
+                const res = {
                     headers: {
@@ -1108,5 +1097,5 @@ 'server-authorization': 'Hawk mac="abc", bad="xyz"'
 
-            it('returns false on invalid mac', function (done) {
+            it('returns false on invalid mac', (done) => {
 
-                var res = {
+                const res = {
                     headers: {
@@ -1122,3 +1111,3 @@ 'content-type': 'text/plain',
 
-                var artifacts = {
+                const artifacts = {
                     method: 'POST',
@@ -1138,3 +1127,3 @@ host: 'example.com',
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -1150,5 +1139,5 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            it('returns true on ignoring hash', function (done) {
+            it('returns true on ignoring hash', (done) => {
 
-                var res = {
+                const res = {
                     headers: {
@@ -1164,3 +1153,3 @@ 'content-type': 'text/plain',
 
-                var artifacts = {
+                const artifacts = {
                     method: 'POST',
@@ -1180,3 +1169,3 @@ host: 'example.com',
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -1192,5 +1181,5 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            it('errors on invalid WWW-Authenticate header format', function (done) {
+            it('errors on invalid WWW-Authenticate header format', (done) => {
 
-                var res = {
+                const res = {
                     headers: {
@@ -1209,5 +1198,5 @@ 'www-authenticate': 'Hawk ts="1362346425875", tsm="PhwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", x="Stale timestamp"'
 
-            it('errors on invalid WWW-Authenticate header format', function (done) {
+            it('errors on invalid WWW-Authenticate header format', (done) => {
 
-                var credentials = {
+                const credentials = {
                     id: '123456',
@@ -1219,3 +1208,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-                var res = {
+                const res = {
                     headers: {
@@ -1235,12 +1224,12 @@ 'www-authenticate': 'Hawk ts="1362346425875", tsm="hwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", error="Stale timestamp"'
 
-        describe('message()', function () {
+        describe('message()', () => {
 
-            it('generates an authorization then successfully parse it', function (done) {
+            it('generates an authorization then successfully parse it', (done) => {
 
-                credentialsFunc('123456', function (err, credentials1) {
+                credentialsFunc('123456', (err, credentials1) => {
 
-                    var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                    const auth = Browser.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                     expect(auth).to.exist();
 
-                    Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                    Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -1254,7 +1243,7 @@ expect(err).to.not.exist();
 
-            it('generates an authorization using custom nonce/timestamp', function (done) {
+            it('generates an authorization using custom nonce/timestamp', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: credentials, nonce: 'abc123', timestamp: 1398536270957 });
+                    const auth = Browser.client.message('example.com', 8080, 'some message', { credentials: credentials, nonce: 'abc123', timestamp: 1398536270957 });
                     expect(auth).to.exist();
@@ -1267,7 +1256,7 @@ expect(auth.nonce).to.equal('abc123');
 
-            it('errors on missing host', function (done) {
+            it('errors on missing host', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var auth = Browser.client.message(null, 8080, 'some message', { credentials: credentials });
+                    const auth = Browser.client.message(null, 8080, 'some message', { credentials: credentials });
                     expect(auth).to.not.exist();
@@ -1278,7 +1267,7 @@ done();
 
-            it('errors on invalid host', function (done) {
+            it('errors on invalid host', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var auth = Browser.client.message(5, 8080, 'some message', { credentials: credentials });
+                    const auth = Browser.client.message(5, 8080, 'some message', { credentials: credentials });
                     expect(auth).to.not.exist();
@@ -1289,7 +1278,7 @@ done();
 
-            it('errors on missing port', function (done) {
+            it('errors on missing port', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var auth = Browser.client.message('example.com', 0, 'some message', { credentials: credentials });
+                    const auth = Browser.client.message('example.com', 0, 'some message', { credentials: credentials });
                     expect(auth).to.not.exist();
@@ -1300,7 +1289,7 @@ done();
 
-            it('errors on invalid port', function (done) {
+            it('errors on invalid port', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var auth = Browser.client.message('example.com', 'a', 'some message', { credentials: credentials });
+                    const auth = Browser.client.message('example.com', 'a', 'some message', { credentials: credentials });
                     expect(auth).to.not.exist();
@@ -1311,7 +1300,7 @@ done();
 
-            it('errors on missing message', function (done) {
+            it('errors on missing message', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var auth = Browser.client.message('example.com', 8080, undefined, { credentials: credentials });
+                    const auth = Browser.client.message('example.com', 8080, undefined, { credentials: credentials });
                     expect(auth).to.not.exist();
@@ -1322,7 +1311,7 @@ done();
 
-            it('errors on null message', function (done) {
+            it('errors on null message', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var auth = Browser.client.message('example.com', 8080, null, { credentials: credentials });
+                    const auth = Browser.client.message('example.com', 8080, null, { credentials: credentials });
                     expect(auth).to.not.exist();
@@ -1333,7 +1322,7 @@ done();
 
-            it('errors on invalid message', function (done) {
+            it('errors on invalid message', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var auth = Browser.client.message('example.com', 8080, 5, { credentials: credentials });
+                    const auth = Browser.client.message('example.com', 8080, 5, { credentials: credentials });
                     expect(auth).to.not.exist();
@@ -1344,5 +1333,5 @@ done();
 
-            it('errors on missing credentials', function (done) {
+            it('errors on missing credentials', (done) => {
 
-                var auth = Browser.client.message('example.com', 8080, 'some message', {});
+                const auth = Browser.client.message('example.com', 8080, 'some message', {});
                 expect(auth).to.not.exist();
@@ -1352,5 +1341,5 @@ done();
 
-            it('errors on missing options', function (done) {
+            it('errors on missing options', (done) => {
 
-                var auth = Browser.client.message('example.com', 8080, 'some message');
+                const auth = Browser.client.message('example.com', 8080, 'some message');
                 expect(auth).to.not.exist();
@@ -1360,9 +1349,9 @@ done();
 
-            it('errors on invalid credentials (id)', function (done) {
+            it('errors on invalid credentials (id)', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var creds = Hoek.clone(credentials);
+                    const creds = Hoek.clone(credentials);
                     delete creds.id;
-                    var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
+                    const auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
                     expect(auth).to.not.exist();
@@ -1373,9 +1362,9 @@ done();
 
-            it('errors on invalid credentials (key)', function (done) {
+            it('errors on invalid credentials (key)', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var creds = Hoek.clone(credentials);
+                    const creds = Hoek.clone(credentials);
                     delete creds.key;
-                    var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
+                    const auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
                     expect(auth).to.not.exist();
@@ -1386,9 +1375,9 @@ done();
 
-            it('errors on invalid algorithm', function (done) {
+            it('errors on invalid algorithm', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var creds = Hoek.clone(credentials);
+                    const creds = Hoek.clone(credentials);
                     creds.algorithm = 'blah';
-                    var auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
+                    const auth = Browser.client.message('example.com', 8080, 'some message', { credentials: creds });
                     expect(auth).to.not.exist();
@@ -1400,9 +1389,9 @@ done();
 
-        describe('authenticateTimestamp()', function (done) {
+        describe('authenticateTimestamp()', (done) => {
 
-            it('validates a timestamp', function (done) {
+            it('validates a timestamp', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var tsm = Hawk.crypto.timestampMessage(credentials);
+                    const tsm = Hawk.crypto.timestampMessage(credentials);
                     expect(Browser.client.authenticateTimestamp(tsm, credentials)).to.equal(true);
@@ -1413,8 +1402,8 @@ done();
 
-            it('validates a timestamp without updating local time', function (done) {
+            it('validates a timestamp without updating local time', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var offset = Browser.utils.getNtpOffset();
-                    var tsm = Hawk.crypto.timestampMessage(credentials, 10000);
+                    const offset = Browser.utils.getNtpOffset();
+                    const tsm = Hawk.crypto.timestampMessage(credentials, 10000);
                     expect(Browser.client.authenticateTimestamp(tsm, credentials, false)).to.equal(true);
@@ -1426,7 +1415,7 @@ expect(offset).to.equal(Browser.utils.getNtpOffset());
 
-            it('detects a bad timestamp', function (done) {
+            it('detects a bad timestamp', (done) => {
 
-                credentialsFunc('123456', function (err, credentials) {
+                credentialsFunc('123456', (err, credentials) => {
 
-                    var tsm = Hawk.crypto.timestampMessage(credentials);
+                    const tsm = Hawk.crypto.timestampMessage(credentials);
                     tsm.ts = 4;
@@ -1440,9 +1429,9 @@ expect(Browser.client.authenticateTimestamp(tsm, credentials)).to.equal(false);
 
-    describe('internals', function () {
+    describe('internals', () => {
 
-        describe('LocalStorage', function () {
+        describe('LocalStorage', () => {
 
-            it('goes through the full lifecycle', function (done) {
+            it('goes through the full lifecycle', (done) => {
 
-                var storage = new Browser.internals.LocalStorage();
+                const storage = new Browser.internals.LocalStorage();
                 expect(storage.length).to.equal(0);
@@ -1474,7 +1463,7 @@ expect(storage.getItem('a')).to.equal(null);
 
-    describe('utils', function () {
+    describe('utils', () => {
 
-        describe('setStorage()', function () {
+        describe('setStorage()', () => {
 
-            it('sets storage for the first time', function (done) {
+            it('sets storage for the first time', (done) => {
 
@@ -1493,9 +1482,9 @@ Browser.utils.storage = new Browser.internals.LocalStorage();        // Reset state
 
-        describe('setNtpOffset()', function (done) {
+        describe('setNtpOffset()', (done) => {
 
-            it('catches localStorage errors', { parallel: false }, function (done) {
+            it('catches localStorage errors', { parallel: false }, (done) => {
 
-                var orig = Browser.utils.storage.setItem;
-                var consoleOrig = console.error;
-                var count = 0;
+                const orig = Browser.utils.storage.setItem;
+                const consoleOrig = console.error;
+                let count = 0;
                 console.error = function () {
@@ -1515,3 +1504,3 @@
 
-                expect(function () {
+                expect(() => {
 
@@ -1525,5 +1514,5 @@ Browser.utils.setNtpOffset(100);
 
-        describe('parseAuthorizationHeader()', function (done) {
+        describe('parseAuthorizationHeader()', (done) => {
 
-            it('returns null on missing header', function (done) {
+            it('returns null on missing header', (done) => {
 
@@ -1534,3 +1523,3 @@ expect(Browser.utils.parseAuthorizationHeader()).to.equal(null);
 
-            it('returns null on bad header syntax (structure)', function (done) {
+            it('returns null on bad header syntax (structure)', (done) => {
 
@@ -1541,3 +1530,3 @@ expect(Browser.utils.parseAuthorizationHeader('Hawk')).to.equal(null);
 
-            it('returns null on bad header syntax (parts)', function (done) {
+            it('returns null on bad header syntax (parts)', (done) => {
 
@@ -1548,3 +1537,3 @@ expect(Browser.utils.parseAuthorizationHeader(' ')).to.equal(null);
 
-            it('returns null on bad scheme name', function (done) {
+            it('returns null on bad scheme name', (done) => {
 
@@ -1555,3 +1544,3 @@ expect(Browser.utils.parseAuthorizationHeader('Basic asdasd')).to.equal(null);
 
-            it('returns null on bad attribute value', function (done) {
+            it('returns null on bad attribute value', (done) => {
 
@@ -1562,3 +1551,3 @@ expect(Browser.utils.parseAuthorizationHeader('Hawk test="\t"', ['test'])).to.equal(null);
 
-            it('returns null on duplicated attribute', function (done) {
+            it('returns null on duplicated attribute', (done) => {
 
@@ -1570,7 +1559,7 @@ expect(Browser.utils.parseAuthorizationHeader('Hawk test="a", test="b"', ['test'])).to.equal(null);
 
-        describe('parseUri()', function () {
+        describe('parseUri()', () => {
 
-            it('returns empty object on invalid', function (done) {
+            it('returns empty object on invalid', (done) => {
 
-                var uri = Browser.utils.parseUri('ftp');
+                const uri = Browser.utils.parseUri('ftp');
                 expect(uri).to.deep.equal({ host: '', port: '', resource: '' });
@@ -1580,5 +1569,5 @@ done();
 
-            it('returns empty port when unknown scheme', function (done) {
+            it('returns empty port when unknown scheme', (done) => {
 
-                var uri = Browser.utils.parseUri('ftp://example.com');
+                const uri = Browser.utils.parseUri('ftp://example.com');
                 expect(uri.port).to.equal('');
@@ -1588,5 +1577,5 @@ done();
 
-            it('returns default port when missing', function (done) {
+            it('returns default port when missing', (done) => {
 
-                var uri = Browser.utils.parseUri('http://example.com');
+                const uri = Browser.utils.parseUri('http://example.com');
                 expect(uri.port).to.equal('80');
@@ -1596,5 +1585,5 @@ done();
 
-            it('handles unusual characters correctly', function (done) {
+            it('handles unusual characters correctly', (done) => {
 
-                var parts = {
+                const parts = {
                     protocol: 'http+vnd.my-extension',
@@ -1616,3 +1605,3 @@ user: 'user!$&\'()*+,;=%40my-domain.com',
 
-                var uri = Browser.utils.parseUri(parts.source);
+                const uri = Browser.utils.parseUri(parts.source);
                 expect(uri.host).to.equal('foo-bar.com');
@@ -1625,8 +1614,8 @@ expect(uri.port).to.equal('99');
 
-        var str = 'https://www.google.ca/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=url';
-        var base64str = 'aHR0cHM6Ly93d3cuZ29vZ2xlLmNhL3dlYmhwP3NvdXJjZWlkPWNocm9tZS1pbnN0YW50Jmlvbj0xJmVzcHY9MiZpZT1VVEYtOCNxPXVybA';
+        const str = 'https://www.google.ca/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=url';
+        const base64str = 'aHR0cHM6Ly93d3cuZ29vZ2xlLmNhL3dlYmhwP3NvdXJjZWlkPWNocm9tZS1pbnN0YW50Jmlvbj0xJmVzcHY9MiZpZT1VVEYtOCNxPXVybA';
 
-        describe('base64urlEncode()', function () {
+        describe('base64urlEncode()', () => {
 
-            it('should base64 URL-safe decode a string', function (done) {
+            it('should base64 URL-safe decode a string', (done) => {
 
@@ -1633,0 +1622,0 @@ expect(Browser.utils.base64urlEncode(str)).to.equal(base64str);

test/client.js

@@ -0,7 +1,8 @@
+'use strict';
+
 // Load modules
 
-var Url = require('url');
-var Code = require('code');
-var Hawk = require('../lib');
-var Lab = require('lab');
+const Code = require('code');
+const Hawk = require('../lib');
+const Lab = require('lab');
 
@@ -11,3 +12,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -17,15 +18,15 @@
 
-var lab = exports.lab = Lab.script();
-var describe = lab.experiment;
-var it = lab.test;
-var expect = Code.expect;
+const lab = exports.lab = Lab.script();
+const describe = lab.experiment;
+const it = lab.test;
+const expect = Code.expect;
 
 
-describe('Client', function () {
+describe('Client', () => {
 
-    describe('header()', function () {
+    describe('header()', () => {
 
-        it('returns a valid authorization header (sha1)', function (done) {
+        it('returns a valid authorization header (sha1)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -36,3 +37,3 @@ key: '2983d45yun89q',
 
-            var header = Hawk.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about' }).field;
+            const header = Hawk.client.header('http://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about' }).field;
             expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="bsvY3IfUllw6V5rvk4tStEvpBhE=", ext="Bazinga!", mac="qbf1ZPG/r/e06F4ht+T77LXi5vw="');
@@ -42,5 +43,5 @@ done();
 
-        it('returns a valid authorization header (sha256)', function (done) {
+        it('returns a valid authorization header (sha256)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -51,3 +52,3 @@ key: '2983d45yun89q',
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
             expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", ext="Bazinga!", mac="q1CwFoSHzPZSkbIvl0oYlD+91rBUEvFk763nMjMndj8="');
@@ -57,5 +58,5 @@ done();
 
-        it('returns a valid authorization header (no ext)', function (done) {
+        it('returns a valid authorization header (no ext)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -66,3 +67,3 @@ key: '2983d45yun89q',
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' }).field;
             expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
@@ -72,5 +73,5 @@ done();
 
-        it('returns a valid authorization header (null ext)', function (done) {
+        it('returns a valid authorization header (null ext)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -81,3 +82,3 @@ key: '2983d45yun89q',
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain', ext: null }).field;
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain', ext: null }).field;
             expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
@@ -87,5 +88,5 @@ done();
 
-        it('returns a valid authorization header (empty payload)', function (done) {
+        it('returns a valid authorization header (empty payload)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -96,3 +97,3 @@ key: '2983d45yun89q',
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: '', contentType: 'text/plain' }).field;
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: '', contentType: 'text/plain' }).field;
             expect(header).to.equal('Hawk id=\"123456\", ts=\"1353809207\", nonce=\"Ygvqdz\", hash=\"q/t+NNAkQZNlq/aAD6PlexImwQTxwgT2MahfTa9XRLA=\", mac=\"U5k16YEzn3UnBHKeBzsDXn067Gu3R4YaY6xOt9PYRZM=\"');
@@ -102,5 +103,5 @@ done();
 
-        it('returns a valid authorization header (pre hashed payload)', function (done) {
+        it('returns a valid authorization header (pre hashed payload)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -111,5 +112,5 @@ key: '2983d45yun89q',
 
-            var options = { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' };
+            const options = { credentials: credentials, timestamp: 1353809207, nonce: 'Ygvqdz', payload: 'something to write about', contentType: 'text/plain' };
             options.hash = Hawk.crypto.calculatePayloadHash(options.payload, credentials.algorithm, options.contentType);
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', options).field;
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', options).field;
             expect(header).to.equal('Hawk id="123456", ts="1353809207", nonce="Ygvqdz", hash="2QfCt3GuY9HQnHWyWD3wX68ZOKbynqlfYmuO2ZBRqtY=", mac="HTgtd0jPI6E4izx8e4OHdO36q00xFCU0FolNq3RiCYs="');
@@ -119,5 +120,5 @@ done();
 
-        it('errors on missing uri', function (done) {
+        it('errors on missing uri', (done) => {
 
-            var header = Hawk.client.header('', 'POST');
+            const header = Hawk.client.header('', 'POST');
             expect(header.field).to.equal('');
@@ -128,5 +129,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-        it('errors on invalid uri', function (done) {
+        it('errors on invalid uri', (done) => {
 
-            var header = Hawk.client.header(4, 'POST');
+            const header = Hawk.client.header(4, 'POST');
             expect(header.field).to.equal('');
@@ -137,5 +138,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-        it('errors on missing method', function (done) {
+        it('errors on missing method', (done) => {
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', '');
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', '');
             expect(header.field).to.equal('');
@@ -146,5 +147,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-        it('errors on invalid method', function (done) {
+        it('errors on invalid method', (done) => {
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 5);
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 5);
             expect(header.field).to.equal('');
@@ -155,5 +156,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-        it('errors on missing options', function (done) {
+        it('errors on missing options', (done) => {
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST');
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST');
             expect(header.field).to.equal('');
@@ -164,5 +165,5 @@ expect(header.err).to.equal('Invalid argument type');
 
-        it('errors on invalid credentials (id)', function (done) {
+        it('errors on invalid credentials (id)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 key: '2983d45yun89q',
@@ -172,3 +173,3 @@ algorithm: 'sha256'
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
             expect(header.field).to.equal('');
@@ -179,5 +180,5 @@ expect(header.err).to.equal('Invalid credential object');
 
-        it('errors on missing credentials', function (done) {
+        it('errors on missing credentials', (done) => {
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { ext: 'Bazinga!', timestamp: 1353809207 });
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { ext: 'Bazinga!', timestamp: 1353809207 });
             expect(header.field).to.equal('');
@@ -188,5 +189,5 @@ expect(header.err).to.equal('Invalid credential object');
 
-        it('errors on invalid credentials', function (done) {
+        it('errors on invalid credentials', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -196,3 +197,3 @@ algorithm: 'sha256'
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, ext: 'Bazinga!', timestamp: 1353809207 });
             expect(header.field).to.equal('');
@@ -203,5 +204,5 @@ expect(header.err).to.equal('Invalid credential object');
 
-        it('errors on invalid algorithm', function (done) {
+        it('errors on invalid algorithm', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -212,3 +213,3 @@ key: '2983d45yun89q',
 
-            var header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, payload: 'something, anything!', ext: 'Bazinga!', timestamp: 1353809207 });
+            const header = Hawk.client.header('https://example.net/somewhere/over/the/rainbow', 'POST', { credentials: credentials, payload: 'something, anything!', ext: 'Bazinga!', timestamp: 1353809207 });
             expect(header.field).to.equal('');
@@ -220,7 +221,7 @@ expect(header.err).to.equal('Unknown algorithm');
 
-    describe('authenticate()', function () {
+    describe('authenticate()', () => {
 
-        it('returns false on invalid header', function (done) {
+        it('returns false on invalid header', (done) => {
 
-            var res = {
+            const res = {
                 headers: {
@@ -235,5 +236,5 @@ 'server-authorization': 'Hawk mac="abc", bad="xyz"'
 
-        it('returns false on invalid mac', function (done) {
+        it('returns false on invalid mac', (done) => {
 
-            var res = {
+            const res = {
                 headers: {
@@ -245,3 +246,3 @@ 'content-type': 'text/plain',
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -261,3 +262,3 @@ host: 'example.com',
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -273,5 +274,5 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-        it('returns true on ignoring hash', function (done) {
+        it('returns true on ignoring hash', (done) => {
 
-            var res = {
+            const res = {
                 headers: {
@@ -283,3 +284,3 @@ 'content-type': 'text/plain',
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -299,3 +300,3 @@ host: 'example.com',
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -311,5 +312,5 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-        it('fails on invalid WWW-Authenticate header format', function (done) {
+        it('fails on invalid WWW-Authenticate header format', (done) => {
 
-            var header = 'Hawk ts="1362346425875", tsm="PhwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", x="Stale timestamp"';
+            const header = 'Hawk ts="1362346425875", tsm="PhwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", x="Stale timestamp"';
             expect(Hawk.client.authenticate({ headers: { 'www-authenticate': header } }, {})).to.equal(false);
@@ -319,5 +320,5 @@ done();
 
-        it('fails on invalid WWW-Authenticate header format', function (done) {
+        it('fails on invalid WWW-Authenticate header format', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -329,3 +330,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            var header = 'Hawk ts="1362346425875", tsm="hwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", error="Stale timestamp"';
+            const header = 'Hawk ts="1362346425875", tsm="hwayS28vtnn3qbv0mqRBYSXebN/zggEtucfeZ620Zo=", error="Stale timestamp"';
             expect(Hawk.client.authenticate({ headers: { 'www-authenticate': header } }, credentials)).to.equal(false);
@@ -335,5 +336,5 @@ done();
 
-        it('skips tsm validation when missing ts', function (done) {
+        it('skips tsm validation when missing ts', (done) => {
 
-            var header = 'Hawk error="Stale timestamp"';
+            const header = 'Hawk error="Stale timestamp"';
             expect(Hawk.client.authenticate({ headers: { 'www-authenticate': header } }, {})).to.equal(true);
@@ -344,7 +345,7 @@ done();
 
-    describe('message()', function () {
+    describe('message()', () => {
 
-        it('generates authorization', function (done) {
+        it('generates authorization', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -355,3 +356,3 @@ key: '2983d45yun89q',
 
-            var auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.exist();
@@ -363,5 +364,5 @@ expect(auth.ts).to.equal(1353809207);
 
-        it('errors on invalid host', function (done) {
+        it('errors on invalid host', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -372,3 +373,3 @@ key: '2983d45yun89q',
 
-            var auth = Hawk.client.message(5, 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message(5, 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.not.exist();
@@ -378,5 +379,5 @@ done();
 
-        it('errors on invalid port', function (done) {
+        it('errors on invalid port', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -387,3 +388,3 @@ key: '2983d45yun89q',
 
-            var auth = Hawk.client.message('example.com', '80', 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message('example.com', '80', 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.not.exist();
@@ -393,5 +394,5 @@ done();
 
-        it('errors on missing host', function (done) {
+        it('errors on missing host', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -402,3 +403,3 @@ key: '2983d45yun89q',
 
-            var auth = Hawk.client.message('example.com', 0, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message('example.com', 0, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.not.exist();
@@ -408,5 +409,5 @@ done();
 
-        it('errors on null message', function (done) {
+        it('errors on null message', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -417,3 +418,3 @@ key: '2983d45yun89q',
 
-            var auth = Hawk.client.message('example.com', 80, null, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message('example.com', 80, null, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.not.exist();
@@ -423,5 +424,5 @@ done();
 
-        it('errors on missing message', function (done) {
+        it('errors on missing message', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -432,3 +433,3 @@ key: '2983d45yun89q',
 
-            var auth = Hawk.client.message('example.com', 80, undefined, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message('example.com', 80, undefined, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.not.exist();
@@ -438,5 +439,5 @@ done();
 
-        it('errors on invalid message', function (done) {
+        it('errors on invalid message', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -447,3 +448,3 @@ key: '2983d45yun89q',
 
-            var auth = Hawk.client.message('example.com', 80, 5, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message('example.com', 80, 5, { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.not.exist();
@@ -453,11 +454,5 @@ done();
 
-        it('errors on missing options', function (done) {
+        it('errors on missing options', (done) => {
 
-            var credentials = {
-                id: '123456',
-                key: '2983d45yun89q',
-                algorithm: 'sha1'
-            };
-
-            var auth = Hawk.client.message('example.com', 80, 'I am the boodyman');
+            const auth = Hawk.client.message('example.com', 80, 'I am the boodyman');
             expect(auth).to.not.exist();
@@ -467,5 +462,5 @@ done();
 
-        it('errors on invalid credentials (id)', function (done) {
+        it('errors on invalid credentials (id)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 key: '2983d45yun89q',
@@ -475,3 +470,3 @@ algorithm: 'sha1'
 
-            var auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.not.exist();
@@ -481,5 +476,5 @@ done();
 
-        it('errors on invalid credentials (key)', function (done) {
+        it('errors on invalid credentials (key)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -489,3 +484,3 @@ algorithm: 'sha1'
 
-            var auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
+            const auth = Hawk.client.message('example.com', 80, 'I am the boodyman', { credentials: credentials, timestamp: 1353809207, nonce: 'abc123' });
             expect(auth).to.not.exist();
@@ -492,0 +487,0 @@ done();

test/crypto.js

@@ -0,6 +1,8 @@
+'use strict';
+
 // Load modules
 
-var Code = require('code');
-var Hawk = require('../lib');
-var Lab = require('lab');
+const Code = require('code');
+const Hawk = require('../lib');
+const Lab = require('lab');
 
@@ -10,3 +12,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -16,13 +18,13 @@
 
-var lab = exports.lab = Lab.script();
-var describe = lab.experiment;
-var it = lab.test;
-var expect = Code.expect;
+const lab = exports.lab = Lab.script();
+const describe = lab.experiment;
+const it = lab.test;
+const expect = Code.expect;
 
 
-describe('Crypto', function () {
+describe('Crypto', () => {
 
-    describe('generateNormalizedString()', function () {
+    describe('generateNormalizedString()', () => {
 
-        it('should return a valid normalized string', function (done) {
+        it('should return a valid normalized string', (done) => {
 
@@ -41,3 +43,3 @@ expect(Hawk.crypto.generateNormalizedString('header', {
 
-        it('should return a valid normalized string (ext)', function (done) {
+        it('should return a valid normalized string (ext)', (done) => {
 
@@ -57,3 +59,3 @@ expect(Hawk.crypto.generateNormalizedString('header', {
 
-        it('should return a valid normalized string (payload + ext)', function (done) {
+        it('should return a valid normalized string (payload + ext)', (done) => {
 
@@ -60,0 +62,0 @@ expect(Hawk.crypto.generateNormalizedString('header', {

test/index.js

@@ -0,7 +1,9 @@
+'use strict';
+
 // Load modules
 
-var Url = require('url');
-var Code = require('code');
-var Hawk = require('../lib');
-var Lab = require('lab');
+const Url = require('url');
+const Code = require('code');
+const Hawk = require('../lib');
+const Lab = require('lab');
 
@@ -11,3 +13,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -17,13 +19,13 @@
 
-var lab = exports.lab = Lab.script();
-var describe = lab.experiment;
-var it = lab.test;
-var expect = Code.expect;
+const lab = exports.lab = Lab.script();
+const describe = lab.experiment;
+const it = lab.test;
+const expect = Code.expect;
 
 
-describe('Hawk', function () {
+describe('Hawk', () => {
 
-    var credentialsFunc = function (id, callback) {
+    const credentialsFunc = function (id, callback) {
 
-        var credentials = {
+        const credentials = {
             id: id,
@@ -38,5 +40,5 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-    it('generates a header then successfully parse it (configuration)', function (done) {
+    it('generates a header then successfully parse it (configuration)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -48,3 +50,3 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
@@ -54,3 +56,3 @@ req.authorization = Hawk.client.header(Url.parse('http://example.com:8080/resource/4?filter=a'), req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -65,5 +67,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it (node request)', function (done) {
+    it('generates a header then successfully parse it (node request)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -77,10 +79,10 @@ url: '/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -92,3 +94,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -108,5 +110,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header then successfully parse it (absolute request uri)', function (done) {
+    it('generates a header then successfully parse it (absolute request uri)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -120,10 +122,10 @@ url: 'http://example.com:8080/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -135,3 +137,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -151,5 +153,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header then successfully parse it (no server header options)', function (done) {
+    it('generates a header then successfully parse it (no server header options)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -163,10 +165,10 @@ url: '/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -178,3 +180,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -194,5 +196,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header then fails to parse it (missing server header hash)', function (done) {
+    it('generates a header then fails to parse it (missing server header hash)', (done) => {
 
-        var req = {
+        const req = {
             method: 'POST',
@@ -206,10 +208,10 @@ url: '/resource/4?filter=a',
 
-        var payload = 'some not so random text';
+        const payload = 'some not so random text';
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
+            const reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
             req.headers.authorization = reqHeader.field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -221,3 +223,3 @@ expect(err).to.not.exist();
 
-                var res = {
+                const res = {
                     headers: {
@@ -237,5 +239,5 @@ 'content-type': 'text/plain'
 
-    it('generates a header then successfully parse it (with hash)', function (done) {
+    it('generates a header then successfully parse it (with hash)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -247,6 +249,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -261,5 +263,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it then validate payload', function (done) {
+    it('generates a header then successfully parse it then validate payload', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -271,6 +273,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -287,5 +289,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parses and validates payload', function (done) {
+    it('generates a header then successfully parses and validates payload', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -297,6 +299,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, { payload: 'hola!' }, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { payload: 'hola!' }, (err, credentials2, artifacts) => {
 
@@ -311,5 +313,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it (app)', function (done) {
+    it('generates a header then successfully parse it (app)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -321,6 +323,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -336,5 +338,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then successfully parse it (app, dlg)', function (done) {
+    it('generates a header then successfully parse it (app, dlg)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -346,6 +348,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data', app: 'asd23ased', dlg: '23434szr3q4d' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -362,5 +364,5 @@ expect(err).to.not.exist();
 
-    it('generates a header then fail authentication due to bad hash', function (done) {
+    it('generates a header then fail authentication due to bad hash', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -372,6 +374,6 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
             req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, payload: 'hola!', ext: 'some-app-data' }).field;
-            Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { payload: 'byebye!' }, (err, credentials2, artifacts) => {
 
@@ -385,5 +387,5 @@ expect(err).to.exist();
 
-    it('generates a header for one resource then fail to authenticate another', function (done) {
+    it('generates a header for one resource then fail to authenticate another', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -395,3 +397,3 @@ url: '/resource/4?filter=a',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
@@ -401,3 +403,3 @@ req.authorization = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }).field;
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials2, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials2, artifacts) => {
 
@@ -404,0 +406,0 @@ expect(err).to.exist();

test/readme.js

@@ -0,7 +1,9 @@
+'use strict';
+
 // Load modules
 
-var Code = require('code');
-var Hawk = require('../lib');
-var Hoek = require('hoek');
-var Lab = require('lab');
+const Code = require('code');
+const Hawk = require('../lib');
+const Hoek = require('hoek');
+const Lab = require('lab');
 
@@ -11,3 +13,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -17,13 +19,13 @@
 
-var lab = exports.lab = Lab.script();
-var describe = lab.experiment;
-var it = lab.test;
-var expect = Code.expect;
+const lab = exports.lab = Lab.script();
+const describe = lab.experiment;
+const it = lab.test;
+const expect = Code.expect;
 
 
-describe('README', function () {
+describe('README', () => {
 
-    describe('core', function () {
+    describe('core', () => {
 
-        var credentials = {
+        const credentials = {
             id: 'dh37fgj492je',
@@ -34,3 +36,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-        var options = {
+        const options = {
             credentials: credentials,
@@ -42,5 +44,5 @@ timestamp: 1353832234,
 
-        it('should generate a header protocol example', function (done) {
+        it('should generate a header protocol example', (done) => {
 
-            var header = Hawk.client.header('http://example.com:8000/resource/1?b=1&a=2', 'GET', options).field;
+            const header = Hawk.client.header('http://example.com:8000/resource/1?b=1&a=2', 'GET', options).field;
 
@@ -51,5 +53,5 @@ expect(header).to.equal('Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", ext="some-app-ext-data", mac="6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE="');
 
-        it('should generate a normalized string protocol example', function (done) {
+        it('should generate a normalized string protocol example', (done) => {
 
-            var normalized = Hawk.crypto.generateNormalizedString('header', {
+            const normalized = Hawk.crypto.generateNormalizedString('header', {
                 credentials: credentials,
@@ -69,9 +71,9 @@ ts: options.timestamp,
 
-        var payloadOptions = Hoek.clone(options);
+        const payloadOptions = Hoek.clone(options);
         payloadOptions.payload = 'Thank you for flying Hawk';
         payloadOptions.contentType = 'text/plain';
 
-        it('should generate a header protocol example (with payload)', function (done) {
+        it('should generate a header protocol example (with payload)', (done) => {
 
-            var header = Hawk.client.header('http://example.com:8000/resource/1?b=1&a=2', 'POST', payloadOptions).field;
+            const header = Hawk.client.header('http://example.com:8000/resource/1?b=1&a=2', 'POST', payloadOptions).field;
 
@@ -82,5 +84,5 @@ expect(header).to.equal('Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", hash="Yi9LfIIFRtBEPt74PVmbTF/xVAwPn7ub15ePICfgnuY=", ext="some-app-ext-data", mac="aSe1DERmZuRl3pI36/9BdZmnErTw3sNzOOAUlfeKjVw="');
 
-        it('should generate a normalized string protocol example (with payload)', function (done) {
+        it('should generate a normalized string protocol example (with payload)', (done) => {
 
-            var normalized = Hawk.crypto.generateNormalizedString('header', {
+            const normalized = Hawk.crypto.generateNormalizedString('header', {
                 credentials: credentials,
@@ -87,0 +89,0 @@ ts: options.timestamp,

test/server.js

@@ -0,8 +1,9 @@
+'use strict';
+
 // Load modules
 
-var Url = require('url');
-var Code = require('code');
-var Hawk = require('../lib');
-var Hoek = require('hoek');
-var Lab = require('lab');
+const Code = require('code');
+const Hawk = require('../lib');
+const Hoek = require('hoek');
+const Lab = require('lab');
 
@@ -12,3 +13,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -18,13 +19,13 @@
 
-var lab = exports.lab = Lab.script();
-var describe = lab.experiment;
-var it = lab.test;
-var expect = Code.expect;
+const lab = exports.lab = Lab.script();
+const describe = lab.experiment;
+const it = lab.test;
+const expect = Code.expect;
 
 
-describe('Server', function () {
+describe('Server', () => {
 
-    var credentialsFunc = function (id, callback) {
+    const credentialsFunc = function (id, callback) {
 
-        var credentials = {
+        const credentials = {
             id: id,
@@ -39,7 +40,7 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-    describe('authenticate()', function () {
+    describe('authenticate()', () => {
 
-        it('parses a valid authentication header (sha1)', function (done) {
+        it('parses a valid authentication header (sha1)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -52,3 +53,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -61,5 +62,5 @@ expect(err).to.not.exist();
 
-        it('parses a valid authentication header (sha256)', function (done) {
+        it('parses a valid authentication header (sha256)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -72,3 +73,3 @@ url: '/resource/1?b=1&a=2',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353832234000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353832234000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -81,5 +82,5 @@ expect(err).to.not.exist();
 
-        it('parses a valid authentication header (host override)', function (done) {
+        it('parses a valid authentication header (host override)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -93,3 +94,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { host: 'example.com', localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { host: 'example.com', localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -102,5 +103,5 @@ expect(err).to.not.exist();
 
-        it('parses a valid authentication header (host port override)', function (done) {
+        it('parses a valid authentication header (host port override)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -114,3 +115,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { host: 'example.com', port: 8080, localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { host: 'example.com', port: 8080, localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -123,5 +124,5 @@ expect(err).to.not.exist();
 
-        it('parses a valid authentication header (POST with payload)', function (done) {
+        it('parses a valid authentication header (POST with payload)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'POST',
@@ -134,3 +135,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1357926341000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1357926341000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -143,5 +144,5 @@ expect(err).to.not.exist();
 
-        it('errors on missing hash', function (done) {
+        it('errors on missing hash', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -154,3 +155,3 @@ url: '/resource/1?b=1&a=2',
 
-            Hawk.server.authenticate(req, credentialsFunc, { payload: 'body', localtimeOffsetMsec: 1353832234000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { payload: 'body', localtimeOffsetMsec: 1353832234000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -163,5 +164,5 @@ expect(err).to.exist();
 
-        it('errors on a stale timestamp', function (done) {
+        it('errors on a stale timestamp', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -174,12 +175,12 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials, artifacts) => {
 
                 expect(err).to.exist();
                 expect(err.output.payload.message).to.equal('Stale timestamp');
-                var header = err.output.headers['WWW-Authenticate'];
-                var ts = header.match(/^Hawk ts\=\"(\d+)\"\, tsm\=\"([^\"]+)\"\, error=\"Stale timestamp\"$/);
-                var now = Hawk.utils.now();
+                const header = err.output.headers['WWW-Authenticate'];
+                const ts = header.match(/^Hawk ts\=\"(\d+)\"\, tsm\=\"([^\"]+)\"\, error=\"Stale timestamp\"$/);
+                const now = Hawk.utils.now();
                 expect(parseInt(ts[1], 10) * 1000).to.be.within(now - 1000, now + 1000);
 
-                var res = {
+                const res = {
                     headers: {
@@ -195,5 +196,5 @@ 'www-authenticate': header
 
-        it('errors on a replay', function (done) {
+        it('errors on a replay', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -206,4 +207,4 @@ url: '/resource/4?filter=a',
 
-            var memoryCache = {};
-            var options = {
+            const memoryCache = {};
+            const options = {
                 localtimeOffsetMsec: 1353788437000 - Hawk.utils.now(),
@@ -221,3 +222,3 @@ nonceFunc: function (key, nonce, ts, callback) {
 
-            Hawk.server.authenticate(req, credentialsFunc, options, function (err, credentials1, artifacts1) {
+            Hawk.server.authenticate(req, credentialsFunc, options, (err, credentials1, artifacts1) => {
 
@@ -227,3 +228,3 @@ expect(err).to.not.exist();
 
-                Hawk.server.authenticate(req, credentialsFunc, options, function (err, credentials2, artifacts2) {
+                Hawk.server.authenticate(req, credentialsFunc, options, (err, credentials2, artifacts2) => {
 
@@ -237,5 +238,5 @@ expect(err).to.exist();
 
-        it('does not error on nonce collision if keys differ', function (done) {
+        it('does not error on nonce collision if keys differ', (done) => {
 
-            var reqSteve = {
+            const reqSteve = {
                 method: 'GET',
@@ -248,3 +249,3 @@ url: '/resource/4?filter=a',
 
-            var reqBob = {
+            const reqBob = {
                 method: 'GET',
@@ -257,5 +258,5 @@ url: '/resource/4?filter=a',
 
-            var credentialsFuncion = function (id, callback) {
+            const credentialsFuncion = function (id, callback) {
 
-                var credentials = {
+                const credentials = {
                     '123': {
@@ -278,4 +279,4 @@ id: id,
 
-            var memoryCache = {};
-            var options = {
+            const memoryCache = {};
+            const options = {
                 localtimeOffsetMsec: 1353788437000 - Hawk.utils.now(),
@@ -293,3 +294,3 @@ nonceFunc: function (key, nonce, ts, callback) {
 
-            Hawk.server.authenticate(reqSteve, credentialsFuncion, options, function (err, credentials1, artifacts1) {
+            Hawk.server.authenticate(reqSteve, credentialsFuncion, options, (err, credentials1, artifacts1) => {
 
@@ -299,3 +300,3 @@ expect(err).to.not.exist();
 
-                Hawk.server.authenticate(reqBob, credentialsFuncion, options, function (err, credentials2, artifacts2) {
+                Hawk.server.authenticate(reqBob, credentialsFuncion, options, (err, credentials2, artifacts2) => {
 
@@ -309,5 +310,5 @@ expect(err).to.not.exist();
 
-        it('errors on an invalid authentication header: wrong scheme', function (done) {
+        it('errors on an invalid authentication header: wrong scheme', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -320,3 +321,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -329,5 +330,5 @@ expect(err).to.exist();
 
-        it('errors on an invalid authentication header: no scheme', function (done) {
+        it('errors on an invalid authentication header: no scheme', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -340,3 +341,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -349,5 +350,5 @@ expect(err).to.exist();
 
-        it('errors on an missing authorization header', function (done) {
+        it('errors on an missing authorization header', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -359,3 +360,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, {}, (err, credentials, artifacts) => {
 
@@ -368,5 +369,5 @@ expect(err).to.exist();
 
-        it('errors on an missing host header', function (done) {
+        it('errors on an missing host header', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -379,3 +380,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -388,5 +389,5 @@ expect(err).to.exist();
 
-        it('errors on an missing authorization attribute (id)', function (done) {
+        it('errors on an missing authorization attribute (id)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -399,3 +400,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -408,5 +409,5 @@ expect(err).to.exist();
 
-        it('errors on an missing authorization attribute (ts)', function (done) {
+        it('errors on an missing authorization attribute (ts)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -419,3 +420,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -428,5 +429,5 @@ expect(err).to.exist();
 
-        it('errors on an missing authorization attribute (nonce)', function (done) {
+        it('errors on an missing authorization attribute (nonce)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -439,3 +440,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -448,5 +449,5 @@ expect(err).to.exist();
 
-        it('errors on an missing authorization attribute (mac)', function (done) {
+        it('errors on an missing authorization attribute (mac)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -459,3 +460,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -468,5 +469,5 @@ expect(err).to.exist();
 
-        it('errors on an unknown authorization attribute', function (done) {
+        it('errors on an unknown authorization attribute', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -479,3 +480,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -488,5 +489,5 @@ expect(err).to.exist();
 
-        it('errors on an bad authorization header format', function (done) {
+        it('errors on an bad authorization header format', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -499,3 +500,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -508,5 +509,5 @@ expect(err).to.exist();
 
-        it('errors on an bad authorization attribute value', function (done) {
+        it('errors on an bad authorization attribute value', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -519,3 +520,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -528,5 +529,5 @@ expect(err).to.exist();
 
-        it('errors on an empty authorization attribute value', function (done) {
+        it('errors on an empty authorization attribute value', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -539,3 +540,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -548,5 +549,5 @@ expect(err).to.exist();
 
-        it('errors on duplicated authorization attribute key', function (done) {
+        it('errors on duplicated authorization attribute key', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -559,3 +560,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -568,5 +569,5 @@ expect(err).to.exist();
 
-        it('errors on an invalid authorization header format', function (done) {
+        it('errors on an invalid authorization header format', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -579,3 +580,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -588,5 +589,5 @@ expect(err).to.exist();
 
-        it('errors on an bad host header (missing host)', function (done) {
+        it('errors on an bad host header (missing host)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -600,3 +601,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -609,5 +610,5 @@ expect(err).to.exist();
 
-        it('errors on an bad host header (pad port)', function (done) {
+        it('errors on an bad host header (pad port)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -621,3 +622,3 @@ url: '/resource/4?filter=a',
 
-            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -630,5 +631,5 @@ expect(err).to.exist();
 
-        it('errors on credentialsFunc error', function (done) {
+        it('errors on credentialsFunc error', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -641,3 +642,3 @@ url: '/resource/4?filter=a',
 
-            var credentialsFuncion = function (id, callback) {
+            const credentialsFuncion = function (id, callback) {
 
@@ -647,3 +648,3 @@ return callback(new Error('Unknown user'));
 
-            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -656,5 +657,5 @@ expect(err).to.exist();
 
-        it('errors on credentialsFunc error (with credentials)', function (done) {
+        it('errors on credentialsFunc error (with credentials)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -667,3 +668,3 @@ url: '/resource/4?filter=a',
 
-            var credentialsFuncion = function (id, callback) {
+            const credentialsFuncion = function (id, callback) {
 
@@ -673,3 +674,3 @@ return callback(new Error('Unknown user'), { some: 'value' });
 
-            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -683,5 +684,5 @@ expect(err).to.exist();
 
-        it('errors on missing credentials', function (done) {
+        it('errors on missing credentials', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -694,3 +695,3 @@ url: '/resource/4?filter=a',
 
-            var credentialsFuncion = function (id, callback) {
+            const credentialsFuncion = function (id, callback) {
 
@@ -700,3 +701,3 @@ return callback(null, null);
 
-            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -709,5 +710,5 @@ expect(err).to.exist();
 
-        it('errors on invalid credentials (id)', function (done) {
+        it('errors on invalid credentials (id)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -720,5 +721,5 @@ url: '/resource/4?filter=a',
 
-            var credentialsFuncion = function (id, callback) {
+            const credentialsFuncion = function (id, callback) {
 
-                var credentials = {
+                const credentials = {
                     key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
@@ -731,3 +732,3 @@ user: 'steve'
 
-            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -741,5 +742,5 @@ expect(err).to.exist();
 
-        it('errors on invalid credentials (key)', function (done) {
+        it('errors on invalid credentials (key)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -752,5 +753,5 @@ url: '/resource/4?filter=a',
 
-            var credentialsFuncion = function (id, callback) {
+            const credentialsFuncion = function (id, callback) {
 
-                var credentials = {
+                const credentials = {
                     id: '23434d3q4d5345d',
@@ -763,3 +764,3 @@ user: 'steve'
 
-            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -773,5 +774,5 @@ expect(err).to.exist();
 
-        it('errors on unknown credentials algorithm', function (done) {
+        it('errors on unknown credentials algorithm', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -784,5 +785,5 @@ url: '/resource/4?filter=a',
 
-            var credentialsFuncion = function (id, callback) {
+            const credentialsFuncion = function (id, callback) {
 
-                var credentials = {
+                const credentials = {
                     key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
@@ -796,3 +797,3 @@ algorithm: 'hmac-sha-0',
 
-            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -806,5 +807,5 @@ expect(err).to.exist();
 
-        it('errors on unknown bad mac', function (done) {
+        it('errors on unknown bad mac', (done) => {
 
-            var req = {
+            const req = {
                 method: 'GET',
@@ -817,5 +818,5 @@ url: '/resource/4?filter=a',
 
-            var credentialsFuncion = function (id, callback) {
+            const credentialsFuncion = function (id, callback) {
 
-                var credentials = {
+                const credentials = {
                     key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
@@ -829,3 +830,3 @@ algorithm: 'sha256',
 
-            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {
+            Hawk.server.authenticate(req, credentialsFuncion, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, (err, credentials, artifacts) => {
 
@@ -839,7 +840,7 @@ expect(err).to.exist();
 
-    describe('header()', function () {
+    describe('header()', () => {
 
-        it('generates header', function (done) {
+        it('generates header', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -851,3 +852,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -865,3 +866,3 @@ host: 'example.com',
 
-            var header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
+            const header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
             expect(header).to.equal('Hawk mac=\"n14wVJK4cOxAytPUMc5bPezQzuJGl5n7MYXhFQgEKsE=\", hash=\"f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=\", ext=\"response-specific\"');
@@ -871,5 +872,5 @@ done();
 
-        it('generates header (empty payload)', function (done) {
+        it('generates header (empty payload)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -881,3 +882,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -895,3 +896,3 @@ host: 'example.com',
 
-            var header = Hawk.server.header(credentials, artifacts, { payload: '', contentType: 'text/plain', ext: 'response-specific' });
+            const header = Hawk.server.header(credentials, artifacts, { payload: '', contentType: 'text/plain', ext: 'response-specific' });
             expect(header).to.equal('Hawk mac=\"i8/kUBDx0QF+PpCtW860kkV/fa9dbwEoe/FpGUXowf0=\", hash=\"q/t+NNAkQZNlq/aAD6PlexImwQTxwgT2MahfTa9XRLA=\", ext=\"response-specific\"');
@@ -901,5 +902,5 @@ done();
 
-        it('generates header (pre calculated hash)', function (done) {
+        it('generates header (pre calculated hash)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -911,3 +912,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -925,5 +926,5 @@ host: 'example.com',
 
-            var options = { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' };
+            const options = { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' };
             options.hash = Hawk.crypto.calculatePayloadHash(options.payload, credentials.algorithm, options.contentType);
-            var header = Hawk.server.header(credentials, artifacts, options);
+            const header = Hawk.server.header(credentials, artifacts, options);
             expect(header).to.equal('Hawk mac=\"n14wVJK4cOxAytPUMc5bPezQzuJGl5n7MYXhFQgEKsE=\", hash=\"f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=\", ext=\"response-specific\"');
@@ -933,5 +934,5 @@ done();
 
-        it('generates header (null ext)', function (done) {
+        it('generates header (null ext)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -943,3 +944,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -956,3 +957,3 @@ host: 'example.com',
 
-            var header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: null });
+            const header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: null });
             expect(header).to.equal('Hawk mac=\"6PrybJTJs20jsgBw5eilXpcytD8kUbaIKNYXL+6g0ns=\", hash=\"f9cDF/TDm7TkYRLnGwRMfeDzT6LixQVLvrIKhh0vgmM=\"');
@@ -962,5 +963,5 @@ done();
 
-        it('errors on missing artifacts', function (done) {
+        it('errors on missing artifacts', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -972,3 +973,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            var header = Hawk.server.header(credentials, null, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
+            const header = Hawk.server.header(credentials, null, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
             expect(header).to.equal('');
@@ -978,5 +979,5 @@ done();
 
-        it('errors on invalid artifacts', function (done) {
+        it('errors on invalid artifacts', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -988,3 +989,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            var header = Hawk.server.header(credentials, 5, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
+            const header = Hawk.server.header(credentials, 5, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
             expect(header).to.equal('');
@@ -994,5 +995,5 @@ done();
 
-        it('errors on missing credentials', function (done) {
+        it('errors on missing credentials', (done) => {
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -1010,3 +1011,3 @@ host: 'example.com',
 
-            var header = Hawk.server.header(null, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
+            const header = Hawk.server.header(null, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
             expect(header).to.equal('');
@@ -1016,5 +1017,5 @@ done();
 
-        it('errors on invalid credentials (key)', function (done) {
+        it('errors on invalid credentials (key)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -1025,3 +1026,3 @@ algorithm: 'sha256',
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -1039,3 +1040,3 @@ host: 'example.com',
 
-            var header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
+            const header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
             expect(header).to.equal('');
@@ -1045,5 +1046,5 @@ done();
 
-        it('errors on invalid algorithm', function (done) {
+        it('errors on invalid algorithm', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -1055,3 +1056,3 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-            var artifacts = {
+            const artifacts = {
                 method: 'POST',
@@ -1069,3 +1070,3 @@ host: 'example.com',
 
-            var header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
+            const header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
             expect(header).to.equal('');
@@ -1076,12 +1077,12 @@ done();
 
-    describe('authenticateMessage()', function () {
+    describe('authenticateMessage()', () => {
 
-        it('errors on invalid authorization (ts)', function (done) {
+        it('errors on invalid authorization (ts)', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 delete auth.ts;
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -1095,10 +1096,10 @@ expect(err).to.exist();
 
-        it('errors on invalid authorization (nonce)', function (done) {
+        it('errors on invalid authorization (nonce)', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 delete auth.nonce;
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -1112,10 +1113,10 @@ expect(err).to.exist();
 
-        it('errors on invalid authorization (hash)', function (done) {
+        it('errors on invalid authorization (hash)', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 delete auth.hash;
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -1129,12 +1130,12 @@ expect(err).to.exist();
 
-        it('errors with credentials', function (done) {
+        it('errors with credentials', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, function (id, callback) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, (id, callback) => {
 
                     callback(new Error('something'), { some: 'value' });
-                }, {}, function (err, credentials2) {
+                }, {}, (err, credentials2) => {
 
@@ -1149,7 +1150,7 @@ expect(err).to.exist();
 
-        it('errors on nonce collision', function (done) {
+        it('errors on nonce collision', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {
@@ -1160,3 +1161,3 @@ nonceFunc: function (key, nonce, ts, nonceCallback) {
                     }
-                }, function (err, credentials2) {
+                }, (err, credentials2) => {
 
@@ -1170,10 +1171,10 @@ expect(err).to.exist();
 
-        it('should generate an authorization then successfully parse it', function (done) {
+        it('should generate an authorization then successfully parse it', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -1187,10 +1188,10 @@ expect(err).to.not.exist();
 
-        it('should fail authorization on mismatching host', function (done) {
+        it('should fail authorization on mismatching host', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example1.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example1.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -1204,10 +1205,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on stale timestamp', function (done) {
+        it('should fail authorization on stale timestamp', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { localtimeOffsetMsec: 100000 }, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { localtimeOffsetMsec: 100000 }, (err, credentials2) => {
 
@@ -1221,10 +1222,10 @@ expect(err).to.exist();
 
-        it('overrides timestampSkewSec', function (done) {
+        it('overrides timestampSkewSec', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1, localtimeOffsetMsec: 100000 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1, localtimeOffsetMsec: 100000 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { timestampSkewSec: 500 }, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { timestampSkewSec: 500 }, (err, credentials2) => {
 
@@ -1237,11 +1238,11 @@ expect(err).to.not.exist();
 
-        it('should fail authorization on invalid authorization', function (done) {
+        it('should fail authorization on invalid authorization', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
                 delete auth.id;
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -1255,10 +1256,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on bad hash', function (done) {
+        it('should fail authorization on bad hash', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message1', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message1', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -1272,7 +1273,7 @@ expect(err).to.exist();
 
-        it('should fail authorization on nonce error', function (done) {
+        it('should fail authorization on nonce error', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
@@ -1285,3 +1286,3 @@
                     }
-                }, function (err, credentials2) {
+                }, (err, credentials2) => {
 
@@ -1295,10 +1296,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on credentials error', function (done) {
+        it('should fail authorization on credentials error', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                var errFunc = function (id, callback) {
+                const errFunc = function (id, callback) {
 
@@ -1308,3 +1309,3 @@ callback(new Error('kablooey'));
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, (err, credentials2) => {
 
@@ -1318,10 +1319,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on missing credentials', function (done) {
+        it('should fail authorization on missing credentials', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                var errFunc = function (id, callback) {
+                const errFunc = function (id, callback) {
 
@@ -1331,3 +1332,3 @@ callback();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, (err, credentials2) => {
 
@@ -1341,10 +1342,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on invalid credentials', function (done) {
+        it('should fail authorization on invalid credentials', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                var errFunc = function (id, callback) {
+                const errFunc = function (id, callback) {
 
@@ -1354,3 +1355,3 @@ callback(null, {});
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, (err, credentials2) => {
 
@@ -1364,10 +1365,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on invalid credentials algorithm', function (done) {
+        it('should fail authorization on invalid credentials algorithm', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                var errFunc = function (id, callback) {
+                const errFunc = function (id, callback) {
 
@@ -1377,3 +1378,3 @@ callback(null, { key: '123', algorithm: '456' });
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, (err, credentials2) => {
 
@@ -1387,7 +1388,7 @@ expect(err).to.exist();
 
-        it('should fail on missing host', function (done) {
+        it('should fail on missing host', (done) => {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', (err, credentials) => {
 
-                var auth = Hawk.client.message(null, 8080, 'some message', { credentials: credentials });
+                const auth = Hawk.client.message(null, 8080, 'some message', { credentials: credentials });
                 expect(auth).to.not.exist();
@@ -1398,5 +1399,5 @@ done();
 
-        it('should fail on missing credentials', function (done) {
+        it('should fail on missing credentials', (done) => {
 
-            var auth = Hawk.client.message('example.com', 8080, 'some message', {});
+            const auth = Hawk.client.message('example.com', 8080, 'some message', {});
             expect(auth).to.not.exist();
@@ -1406,9 +1407,9 @@ done();
 
-        it('should fail on invalid algorithm', function (done) {
+        it('should fail on invalid algorithm', (done) => {
 
-            credentialsFunc('123456', function (err, credentials) {
+            credentialsFunc('123456', (err, credentials) => {
 
-                var creds = Hoek.clone(credentials);
+                const creds = Hoek.clone(credentials);
                 creds.algorithm = 'blah';
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: creds });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: creds });
                 expect(auth).to.not.exist();
@@ -1420,5 +1421,5 @@ done();
 
-    describe('authenticatePayloadHash()', function () {
+    describe('authenticatePayloadHash()', () => {
 
-        it('checks payload hash', function (done) {
+        it('checks payload hash', (done) => {
 
@@ -1425,0 +1426,0 @@ expect(Hawk.server.authenticatePayloadHash('abcdefg', { hash: 'abcdefg' })).to.equal(true);

test/uri.js

@@ -0,9 +1,10 @@
+'use strict';
+
 // Load modules
 
-var Http = require('http');
-var Url = require('url');
-var Code = require('code');
-var Hawk = require('../lib');
-var Hoek = require('hoek');
-var Lab = require('lab');
+const Url = require('url');
+const Code = require('code');
+const Hawk = require('../lib');
+const Hoek = require('hoek');
+const Lab = require('lab');
 
@@ -13,3 +14,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -19,13 +20,13 @@
 
-var lab = exports.lab = Lab.script();
-var describe = lab.experiment;
-var it = lab.test;
-var expect = Code.expect;
+const lab = exports.lab = Lab.script();
+const describe = lab.experiment;
+const it = lab.test;
+const expect = Code.expect;
 
 
-describe('Uri', function () {
+describe('Uri', () => {
 
-    var credentialsFunc = function (id, callback) {
+    const credentialsFunc = function (id, callback) {
 
-        var credentials = {
+        const credentials = {
             id: id,
@@ -40,5 +41,5 @@ key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
 
-    it('should generate a bewit then successfully authenticate it', function (done) {
+    it('should generate a bewit then successfully authenticate it', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -50,8 +51,8 @@ url: '/resource/4?a=1&b=2',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
+            const bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100, ext: 'some-app-data' });
             req.url += '&bewit=' + bewit;
 
-            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
+            Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials2, attributes) => {
 
@@ -66,5 +67,5 @@ expect(err).to.not.exist();
 
-    it('should generate a bewit then successfully authenticate it (no ext)', function (done) {
+    it('should generate a bewit then successfully authenticate it (no ext)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -76,8 +77,8 @@ url: '/resource/4?a=1&b=2',
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100 });
+            const bewit = Hawk.uri.getBewit('http://example.com/resource/4?a=1&b=2', { credentials: credentials1, ttlSec: 60 * 60 * 24 * 365 * 100 });
             req.url += '&bewit=' + bewit;
 
-            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
+            Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials2, attributes) => {
 
@@ -91,5 +92,5 @@ expect(err).to.not.exist();
 
-    it('should successfully authenticate a request (last param)', function (done) {
+    it('should successfully authenticate a request (last param)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -101,3 +102,3 @@ url: '/resource/4?a=1&b=2&bewit=MTIzNDU2XDQ1MTE0ODQ2MjFcMzFjMmNkbUJFd1NJRVZDOVkva1NFb2c3d3YrdEVNWjZ3RXNmOGNHU2FXQT1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -111,5 +112,5 @@ expect(err).to.not.exist();
 
-    it('should successfully authenticate a request (first param)', function (done) {
+    it('should successfully authenticate a request (first param)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -121,3 +122,3 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2MjFcMzFjMmNkbUJFd1NJRVZDOVkva1NFb2c3d3YrdEVNWjZ3RXNmOGNHU2FXQT1cc29tZS1hcHAtZGF0YQ&a=1&b=2',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -131,5 +132,5 @@ expect(err).to.not.exist();
 
-    it('should successfully authenticate a request (only param)', function (done) {
+    it('should successfully authenticate a request (only param)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -141,3 +142,3 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2NDFcZm1CdkNWT3MvcElOTUUxSTIwbWhrejQ3UnBwTmo4Y1VrSHpQd3Q5OXJ1cz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -151,5 +152,5 @@ expect(err).to.not.exist();
 
-    it('should fail on multiple authentication', function (done) {
+    it('should fail on multiple authentication', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -162,3 +163,3 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MTE0ODQ2NDFcZm1CdkNWT3MvcElOTUUxSTIwbWhrejQ3UnBwTmo4Y1VrSHpQd3Q5OXJ1cz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -171,7 +172,7 @@ expect(err).to.exist();
 
-    it('should fail on method other than GET', function (done) {
+    it('should fail on method other than GET', (done) => {
 
-        credentialsFunc('123456', function (err, credentials1) {
+        credentialsFunc('123456', (err, credentials1) => {
 
-            var req = {
+            const req = {
                 method: 'POST',
@@ -183,5 +184,5 @@ url: '/resource/4?filter=a',
 
-            var exp = Math.floor(Hawk.utils.now() / 1000) + 60;
-            var ext = 'some-app-data';
-            var mac = Hawk.crypto.calculateMac('bewit', credentials1, {
+            const exp = Math.floor(Hawk.utils.now() / 1000) + 60;
+            const ext = 'some-app-data';
+            const mac = Hawk.crypto.calculateMac('bewit', credentials1, {
                 timestamp: exp,
@@ -196,7 +197,7 @@ nonce: '',
 
-            var bewit = credentials1.id + '\\' + exp + '\\' + mac + '\\' + ext;
+            const bewit = credentials1.id + '\\' + exp + '\\' + mac + '\\' + ext;
 
             req.url += '&bewit=' + Hoek.base64urlEncode(bewit);
 
-            Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials2, attributes) {
+            Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials2, attributes) => {
 
@@ -210,5 +211,5 @@ expect(err).to.exist();
 
-    it('should fail on invalid host header', function (done) {
+    it('should fail on invalid host header', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -221,3 +222,3 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -230,5 +231,5 @@ expect(err).to.exist();
 
-    it('should fail on empty bewit', function (done) {
+    it('should fail on empty bewit', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -240,3 +241,3 @@ url: '/resource/4?bewit=',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -250,5 +251,5 @@ expect(err).to.exist();
 
-    it('should fail on invalid bewit', function (done) {
+    it('should fail on invalid bewit', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -260,3 +261,3 @@ url: '/resource/4?bewit=*',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -270,5 +271,5 @@ expect(err).to.exist();
 
-    it('should fail on missing bewit', function (done) {
+    it('should fail on missing bewit', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -280,3 +281,3 @@ url: '/resource/4',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -290,5 +291,5 @@ expect(err).to.exist();
 
-    it('should fail on invalid bewit structure', function (done) {
+    it('should fail on invalid bewit structure', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -300,3 +301,3 @@ url: '/resource/4?bewit=abc',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -309,5 +310,5 @@ expect(err).to.exist();
 
-    it('should fail on empty bewit attribute', function (done) {
+    it('should fail on empty bewit attribute', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -319,3 +320,3 @@ url: '/resource/4?bewit=YVxcY1xk',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -328,5 +329,5 @@ expect(err).to.exist();
 
-    it('should fail on missing bewit id attribute', function (done) {
+    it('should fail on missing bewit id attribute', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -338,3 +339,3 @@ url: '/resource/4?bewit=XDQ1NTIxNDc2MjJcK0JFbFhQMXhuWjcvd1Nrbm1ldGhlZm5vUTNHVjZNSlFVRHk4NWpTZVJ4VT1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -347,5 +348,5 @@ expect(err).to.exist();
 
-    it('should fail on expired access', function (done) {
+    it('should fail on expired access', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -357,3 +358,3 @@ url: '/resource/4?a=1&b=2&bewit=MTIzNDU2XDEzNTY0MTg1ODNcWk1wZlMwWU5KNHV0WHpOMmRucTRydEk3NXNXTjFjeWVITTcrL0tNZFdVQT1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, credentialsFunc, {}, function (err, credentials, attributes) {
+        Hawk.uri.authenticate(req, credentialsFunc, {}, (err, credentials, attributes) => {
 
@@ -366,5 +367,5 @@ expect(err).to.exist();
 
-    it('should fail on credentials function error', function (done) {
+    it('should fail on credentials function error', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -376,6 +377,6 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, function (id, callback) {
+        Hawk.uri.authenticate(req, (id, callback) => {
 
             callback(Hawk.error.badRequest('Boom'));
-        }, {}, function (err, credentials, attributes) {
+        }, {}, (err, credentials, attributes) => {
 
@@ -388,5 +389,5 @@ expect(err).to.exist();
 
-    it('should fail on credentials function error with credentials', function (done) {
+    it('should fail on credentials function error with credentials', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -398,6 +399,6 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, function (id, callback) {
+        Hawk.uri.authenticate(req, (id, callback) => {
 
             callback(Hawk.error.badRequest('Boom'), { some: 'value' });
-        }, {}, function (err, credentials, attributes) {
+        }, {}, (err, credentials, attributes) => {
 
@@ -411,5 +412,5 @@ expect(err).to.exist();
 
-    it('should fail on null credentials function response', function (done) {
+    it('should fail on null credentials function response', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -421,6 +422,6 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, function (id, callback) {
+        Hawk.uri.authenticate(req, (id, callback) => {
 
             callback(null, null);
-        }, {}, function (err, credentials, attributes) {
+        }, {}, (err, credentials, attributes) => {
 
@@ -433,5 +434,5 @@ expect(err).to.exist();
 
-    it('should fail on invalid credentials function response', function (done) {
+    it('should fail on invalid credentials function response', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -443,6 +444,6 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, function (id, callback) {
+        Hawk.uri.authenticate(req, (id, callback) => {
 
             callback(null, {});
-        }, {}, function (err, credentials, attributes) {
+        }, {}, (err, credentials, attributes) => {
 
@@ -455,5 +456,5 @@ expect(err).to.exist();
 
-    it('should fail on invalid credentials function response (unknown algorithm)', function (done) {
+    it('should fail on invalid credentials function response (unknown algorithm)', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -465,6 +466,6 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, function (id, callback) {
+        Hawk.uri.authenticate(req, (id, callback) => {
 
             callback(null, { key: 'xxx', algorithm: 'xxx' });
-        }, {}, function (err, credentials, attributes) {
+        }, {}, (err, credentials, attributes) => {
 
@@ -477,5 +478,5 @@ expect(err).to.exist();
 
-    it('should fail on expired access', function (done) {
+    it('should fail on expired access', (done) => {
 
-        var req = {
+        const req = {
             method: 'GET',
@@ -487,6 +488,6 @@ url: '/resource/4?bewit=MTIzNDU2XDQ1MDk5OTE3MTlcTUE2eWkwRWRwR0pEcWRwb0JkYVdvVDJrL0hDSzA1T0Y3MkhuZlVmVy96Zz1cc29tZS1hcHAtZGF0YQ',
 
-        Hawk.uri.authenticate(req, function (id, callback) {
+        Hawk.uri.authenticate(req, (id, callback) => {
 
             callback(null, { key: 'xxx', algorithm: 'sha256' });
-        }, {}, function (err, credentials, attributes) {
+        }, {}, (err, credentials, attributes) => {
 
@@ -499,7 +500,7 @@ expect(err).to.exist();
 
-    describe('getBewit()', function () {
+    describe('getBewit()', () => {
 
-        it('returns a valid bewit value', function (done) {
+        it('returns a valid bewit value', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -510,3 +511,3 @@ key: '2983d45yun89q',
 
-            var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
@@ -516,5 +517,5 @@ done();
 
-        it('returns a valid bewit value (explicit port)', function (done) {
+        it('returns a valid bewit value (explicit port)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -525,3 +526,3 @@ key: '2983d45yun89q',
 
-            var bewit = Hawk.uri.getBewit('https://example.com:8080/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit('https://example.com:8080/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcaFpiSjNQMmNLRW80a3kwQzhqa1pBa1J5Q1p1ZWc0V1NOYnhWN3ZxM3hIVT1ceGFuZHlhbmR6');
@@ -531,5 +532,5 @@ done();
 
-        it('returns a valid bewit value (null ext)', function (done) {
+        it('returns a valid bewit value (null ext)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -540,3 +541,3 @@ key: '2983d45yun89q',
 
-            var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: null });
+            const bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: null });
             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdcSUdZbUxnSXFMckNlOEN4dktQczRKbFdJQStValdKSm91d2dBUmlWaENBZz1c');
@@ -546,5 +547,5 @@ done();
 
-        it('returns a valid bewit value (parsed uri)', function (done) {
+        it('returns a valid bewit value (parsed uri)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -555,3 +556,3 @@ key: '2983d45yun89q',
 
-            var bewit = Hawk.uri.getBewit(Url.parse('https://example.com/somewhere/over/the/rainbow'), { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit(Url.parse('https://example.com/somewhere/over/the/rainbow'), { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('MTIzNDU2XDEzNTY0MjA3MDdca3NjeHdOUjJ0SnBQMVQxekRMTlBiQjVVaUtJVTl0T1NKWFRVZEc3WDloOD1ceGFuZHlhbmR6');
@@ -561,11 +562,5 @@ done();
 
-        it('errors on invalid options', function (done) {
+        it('errors on invalid options', (done) => {
 
-            var credentials = {
-                id: '123456',
-                key: '2983d45yun89q',
-                algorithm: 'sha256'
-            };
-
-            var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', 4);
+            const bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', 4);
             expect(bewit).to.equal('');
@@ -575,5 +570,5 @@ done();
 
-        it('errors on missing uri', function (done) {
+        it('errors on missing uri', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -584,3 +579,3 @@ key: '2983d45yun89q',
 
-            var bewit = Hawk.uri.getBewit('', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit('', { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -590,5 +585,5 @@ done();
 
-        it('errors on invalid uri', function (done) {
+        it('errors on invalid uri', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -599,3 +594,3 @@ key: '2983d45yun89q',
 
-            var bewit = Hawk.uri.getBewit(5, { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit(5, { credentials: credentials, ttlSec: 300, localtimeOffsetMsec: 1356420407232 - Hawk.utils.now(), ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -605,5 +600,5 @@ done();
 
-        it('errors on invalid credentials (id)', function (done) {
+        it('errors on invalid credentials (id)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 key: '2983d45yun89q',
@@ -613,3 +608,3 @@ algorithm: 'sha256'
 
-            var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -619,5 +614,5 @@ done();
 
-        it('errors on missing credentials', function (done) {
+        it('errors on missing credentials', (done) => {
 
-            var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { ttlSec: 3000, ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { ttlSec: 3000, ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -627,5 +622,5 @@ done();
 
-        it('errors on invalid credentials (key)', function (done) {
+        it('errors on invalid credentials (key)', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -635,3 +630,3 @@ algorithm: 'sha256'
 
-            var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 3000, ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -641,5 +636,5 @@ done();
 
-        it('errors on invalid algorithm', function (done) {
+        it('errors on invalid algorithm', (done) => {
 
-            var credentials = {
+            const credentials = {
                 id: '123456',
@@ -650,3 +645,3 @@ key: '2983d45yun89q',
 
-            var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, ext: 'xandyandz' });
+            const bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow', { credentials: credentials, ttlSec: 300, ext: 'xandyandz' });
             expect(bewit).to.equal('');
@@ -656,11 +651,5 @@ done();
 
-        it('errors on missing options', function (done) {
+        it('errors on missing options', (done) => {
 
-            var credentials = {
-                id: '123456',
-                key: '2983d45yun89q',
-                algorithm: 'hmac-sha-0'
-            };
-
-            var bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow');
+            const bewit = Hawk.uri.getBewit('https://example.com/somewhere/over/the/rainbow');
             expect(bewit).to.equal('');
@@ -671,12 +660,12 @@ done();
 
-    describe('authenticateMessage()', function () {
+    describe('authenticateMessage()', () => {
 
-        it('should generate an authorization then successfully parse it', function (done) {
+        it('should generate an authorization then successfully parse it', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -690,10 +679,10 @@ expect(err).to.not.exist();
 
-        it('should fail authorization on mismatching host', function (done) {
+        it('should fail authorization on mismatching host', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example1.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example1.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -707,10 +696,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on stale timestamp', function (done) {
+        it('should fail authorization on stale timestamp', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { localtimeOffsetMsec: 100000 }, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { localtimeOffsetMsec: 100000 }, (err, credentials2) => {
 
@@ -724,10 +713,10 @@ expect(err).to.exist();
 
-        it('overrides timestampSkewSec', function (done) {
+        it('overrides timestampSkewSec', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1, localtimeOffsetMsec: 100000 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1, localtimeOffsetMsec: 100000 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { timestampSkewSec: 500 }, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, { timestampSkewSec: 500 }, (err, credentials2) => {
 
@@ -740,11 +729,11 @@ expect(err).to.not.exist();
 
-        it('should fail authorization on invalid authorization', function (done) {
+        it('should fail authorization on invalid authorization', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
                 delete auth.id;
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -758,10 +747,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on bad hash', function (done) {
+        it('should fail authorization on bad hash', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message1', auth, credentialsFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message1', auth, credentialsFunc, {}, (err, credentials2) => {
 
@@ -775,7 +764,7 @@ expect(err).to.exist();
 
-        it('should fail authorization on nonce error', function (done) {
+        it('should fail authorization on nonce error', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
@@ -788,3 +777,3 @@
                     }
-                }, function (err, credentials2) {
+                }, (err, credentials2) => {
 
@@ -798,10 +787,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on credentials error', function (done) {
+        it('should fail authorization on credentials error', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                var errFunc = function (id, callback) {
+                const errFunc = function (id, callback) {
 
@@ -811,3 +800,3 @@ callback(new Error('kablooey'));
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, (err, credentials2) => {
 
@@ -821,10 +810,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on missing credentials', function (done) {
+        it('should fail authorization on missing credentials', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                var errFunc = function (id, callback) {
+                const errFunc = function (id, callback) {
 
@@ -834,3 +823,3 @@ callback();
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, (err, credentials2) => {
 
@@ -844,10 +833,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on invalid credentials', function (done) {
+        it('should fail authorization on invalid credentials', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                var errFunc = function (id, callback) {
+                const errFunc = function (id, callback) {
 
@@ -857,3 +846,3 @@ callback(null, {});
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, (err, credentials2) => {
 
@@ -867,10 +856,10 @@ expect(err).to.exist();
 
-        it('should fail authorization on invalid credentials algorithm', function (done) {
+        it('should fail authorization on invalid credentials algorithm', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.exist();
 
-                var errFunc = function (id, callback) {
+                const errFunc = function (id, callback) {
 
@@ -880,3 +869,3 @@ callback(null, { key: '123', algorithm: '456' });
 
-                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, function (err, credentials2) {
+                Hawk.server.authenticateMessage('example.com', 8080, 'some message', auth, errFunc, {}, (err, credentials2) => {
 
@@ -890,7 +879,7 @@ expect(err).to.exist();
 
-        it('should fail on missing host', function (done) {
+        it('should fail on missing host', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var auth = Hawk.client.message(null, 8080, 'some message', { credentials: credentials1 });
+                const auth = Hawk.client.message(null, 8080, 'some message', { credentials: credentials1 });
                 expect(auth).to.not.exist();
@@ -901,5 +890,5 @@ done();
 
-        it('should fail on missing credentials', function (done) {
+        it('should fail on missing credentials', (done) => {
 
-            var auth = Hawk.client.message('example.com', 8080, 'some message', {});
+            const auth = Hawk.client.message('example.com', 8080, 'some message', {});
             expect(auth).to.not.exist();
@@ -909,9 +898,9 @@ done();
 
-        it('should fail on invalid algorithm', function (done) {
+        it('should fail on invalid algorithm', (done) => {
 
-            credentialsFunc('123456', function (err, credentials1) {
+            credentialsFunc('123456', (err, credentials1) => {
 
-                var creds = Hoek.clone(credentials1);
+                const creds = Hoek.clone(credentials1);
                 creds.algorithm = 'blah';
-                var auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: creds });
+                const auth = Hawk.client.message('example.com', 8080, 'some message', { credentials: creds });
                 expect(auth).to.not.exist();
@@ -918,0 +907,0 @@ done();

test/utils.js

@@ -0,7 +1,9 @@
+'use strict';
+
 // Load modules
 
-var Code = require('code');
-var Hawk = require('../lib');
-var Lab = require('lab');
-var Package = require('../package.json');
+const Code = require('code');
+const Hawk = require('../lib');
+const Lab = require('lab');
+const Package = require('../package.json');
 
@@ -11,3 +13,3 @@
 
-var internals = {};
+const internals = {};
 
@@ -17,15 +19,15 @@
 
-var lab = exports.lab = Lab.script();
-var describe = lab.experiment;
-var it = lab.test;
-var expect = Code.expect;
+const lab = exports.lab = Lab.script();
+const describe = lab.experiment;
+const it = lab.test;
+const expect = Code.expect;
 
 
-describe('Utils', function () {
+describe('Utils', () => {
 
-    describe('parseHost()', function () {
+    describe('parseHost()', () => {
 
-        it('returns port 80 for non tls node request', function (done) {
+        it('returns port 80 for non tls node request', (done) => {
 
-            var req = {
+            const req = {
                 method: 'POST',
@@ -43,5 +45,5 @@ url: '/resource/4?filter=a',
 
-        it('returns port 443 for non tls node request', function (done) {
+        it('returns port 443 for non tls node request', (done) => {
 
-            var req = {
+            const req = {
                 method: 'POST',
@@ -62,5 +64,5 @@ url: '/resource/4?filter=a',
 
-        it('returns port 443 for non tls node request (IPv6)', function (done) {
+        it('returns port 443 for non tls node request (IPv6)', (done) => {
 
-            var req = {
+            const req = {
                 method: 'POST',
@@ -81,5 +83,5 @@ url: '/resource/4?filter=a',
 
-        it('parses IPv6 headers', function (done) {
+        it('parses IPv6 headers', (done) => {
 
-            var req = {
+            const req = {
                 method: 'POST',
@@ -96,3 +98,3 @@ url: '/resource/4?filter=a',
 
-            var host = Hawk.utils.parseHost(req, 'Host');
+            const host = Hawk.utils.parseHost(req, 'Host');
             expect(host.port).to.equal('8000');
@@ -104,5 +106,5 @@ expect(host.name).to.equal('[123:123:123]');
 
-    describe('version()', function () {
+    describe('version()', () => {
 
-        it('returns the correct package version number', function (done) {
+        it('returns the correct package version number', (done) => {
 
@@ -114,5 +116,5 @@ expect(Hawk.utils.version()).to.equal(Package.version);
 
-    describe('unauthorized()', function () {
+    describe('unauthorized()', () => {
 
-        it('returns a hawk 401', function (done) {
+        it('returns a hawk 401', (done) => {
 
@@ -123,3 +125,3 @@ expect(Hawk.utils.unauthorized('kaboom').output.headers['WWW-Authenticate']).to.equal('Hawk error="kaboom"');
 
-        it('supports attributes', function (done) {
+        it('supports attributes', (done) => {
 
@@ -126,0 +128,0 @@ expect(Hawk.utils.unauthorized('kaboom', { a: 'b' }).output.headers['WWW-Authenticate']).to.equal('Hawk a="b", error="kaboom"');

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

362329

increased by2.33%

Number of package files

27

increased by12.5%

Lines of code

5221

increased by4.61%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Dev dependency count

4

increased by100%

Dependency changes

• + Addedboom@3.2.25.3.3(transitive)

• + Addedcryptiles@3.2.1(transitive)

• + Addedhoek@3.0.44.3.1(transitive)

• + Addedsntp@2.1.0(transitive)

• - Removedboom@2.10.1(transitive)

• - Removedcryptiles@2.0.5(transitive)

• - Removedhoek@2.16.3(transitive)

• - Removedsntp@1.0.9(transitive)

• Updatedboom@3.x.x

• Updatedcryptiles@3.x.x

• Updatedhoek@3.x.x

• Updatedsntp@2.x.x