Comparing version 4.1.2 to 5.0.0
@@ -0,0 +0,0 @@ { |
'use strict'; | ||
module.exports = require('./dist/browser'); |
@@ -0,0 +0,0 @@ { |
@@ -5,3 +5,3 @@ 'use strict'; | ||
HTTP Hawk Authentication Scheme | ||
Copyright (c) 2012-2014, Eran Hammer <eran@hammer.io> | ||
Copyright (c) 2012-2016, Eran Hammer <eran@hammer.io> | ||
BSD Licensed | ||
@@ -26,4 +26,4 @@ */ | ||
options: { | ||
// Required | ||
credentials: { | ||
// Required | ||
credentials: { | ||
id: 'dh37fgj492je', | ||
@@ -33,4 +33,4 @@ key: 'aoijedoaijsdlaksjdl', | ||
}, | ||
// Optional | ||
ext: 'application-specific', // Application specific data sent via the ext attribute | ||
// Optional | ||
ext: 'application-specific', // Application specific data sent via the ext attribute | ||
timestamp: Date.now() / 1000, // A pre-calculated timestamp in seconds | ||
@@ -64,3 +64,3 @@ nonce: '2334f34f', // A pre-generated nonce | ||
var timestamp = options.timestamp || hawk.utils.now(options.localtimeOffsetMsec); | ||
var timestamp = options.timestamp || hawk.utils.nowSec(options.localtimeOffsetMsec); | ||
@@ -132,4 +132,4 @@ // Validate credentials | ||
options: { | ||
// Required | ||
credentials: { | ||
// Required | ||
credentials: { | ||
id: 'dh37fgj492je', | ||
@@ -140,4 +140,4 @@ key: 'aoijedoaijsdlaksjdl', | ||
ttlSec: 60 * 60, // TTL in seconds | ||
// Optional | ||
ext: 'application-specific', // Application specific data sent via the ext attribute | ||
// Optional | ||
ext: 'application-specific', // Application specific data sent via the ext attribute | ||
localtimeOffsetMsec: 400 // Time offset to sync with server time | ||
@@ -160,3 +160,3 @@ }; | ||
var now = hawk.utils.now(options.localtimeOffsetMsec); | ||
var now = hawk.utils.nowSec(options.localtimeOffsetMsec); | ||
@@ -234,3 +234,3 @@ // Validate credentials | ||
hawk.utils.setNtpOffset(wwwAttributes.ts - Math.floor(new Date().getTime() / 1000)); // Keep offset at 1 second precision | ||
hawk.utils.setNtpSecOffset(wwwAttributes.ts - Math.floor(Date.now() / 1000)); // Keep offset at 1 second precision | ||
} | ||
@@ -294,3 +294,3 @@ } | ||
var timestamp = options.timestamp || hawk.utils.now(options.localtimeOffsetMsec); | ||
var timestamp = options.timestamp || hawk.utils.nowSec(options.localtimeOffsetMsec); | ||
@@ -342,3 +342,3 @@ // Validate credentials | ||
if (updateClock !== false) { | ||
hawk.utils.setNtpOffset(message.ts - Math.floor(new Date().getTime() / 1000)); // Keep offset at 1 second precision | ||
hawk.utils.setNtpSecOffset(message.ts - Math.floor(Date.now() / 1000)); // Keep offset at 1 second precision | ||
} | ||
@@ -443,7 +443,7 @@ | ||
if (ntpOffset) { | ||
hawk.utils.setNtpOffset(ntpOffset); | ||
hawk.utils.setNtpSecOffset(ntpOffset); | ||
} | ||
}, | ||
setNtpOffset: function setNtpOffset(offset) { | ||
setNtpSecOffset: function setNtpSecOffset(offset) { | ||
@@ -458,3 +458,3 @@ try { | ||
getNtpOffset: function getNtpOffset() { | ||
getNtpSecOffset: function getNtpSecOffset() { | ||
@@ -471,5 +471,10 @@ var offset = hawk.utils.storage.getItem('hawk_ntp_offset'); | ||
return Math.floor((new Date().getTime() + (localtimeOffsetMsec || 0)) / 1000) + hawk.utils.getNtpOffset(); | ||
return Date.now() + (localtimeOffsetMsec || 0) + hawk.utils.getNtpSecOffset() * 1000; | ||
}, | ||
nowSec: function nowSec(localtimeOffsetMsec) { | ||
return Math.floor(hawk.utils.now(localtimeOffsetMsec) / 1000); | ||
}, | ||
escapeHeaderAttribute: function escapeHeaderAttribute(attribute) { | ||
@@ -476,0 +481,0 @@ |
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -5,3 +5,3 @@ 'use strict'; | ||
HTTP Hawk Authentication Scheme | ||
Copyright (c) 2012-2014, Eran Hammer <eran@hammer.io> | ||
Copyright (c) 2012-2016, Eran Hammer <eran@hammer.io> | ||
BSD Licensed | ||
@@ -68,3 +68,3 @@ */ | ||
const timestamp = options.timestamp || hawk.utils.now(options.localtimeOffsetMsec); | ||
const timestamp = options.timestamp || hawk.utils.nowSec(options.localtimeOffsetMsec); | ||
@@ -180,3 +180,3 @@ // Validate credentials | ||
const now = hawk.utils.now(options.localtimeOffsetMsec); | ||
const now = hawk.utils.nowSec(options.localtimeOffsetMsec); | ||
@@ -257,3 +257,3 @@ // Validate credentials | ||
hawk.utils.setNtpOffset(wwwAttributes.ts - Math.floor((new Date()).getTime() / 1000)); // Keep offset at 1 second precision | ||
hawk.utils.setNtpSecOffset(wwwAttributes.ts - Math.floor(Date.now() / 1000)); // Keep offset at 1 second precision | ||
} | ||
@@ -322,3 +322,3 @@ } | ||
const timestamp = options.timestamp || hawk.utils.now(options.localtimeOffsetMsec); | ||
const timestamp = options.timestamp || hawk.utils.nowSec(options.localtimeOffsetMsec); | ||
@@ -364,3 +364,3 @@ // Validate credentials | ||
authenticateTimestamp: function (message, credentials, updateClock) { // updateClock defaults to true | ||
authenticateTimestamp: function (message, credentials, updateClock) { // updateClock defaults to true | ||
@@ -373,3 +373,3 @@ const tsm = hawk.crypto.calculateTsMac(message.ts, credentials); | ||
if (updateClock !== false) { | ||
hawk.utils.setNtpOffset(message.ts - Math.floor((new Date()).getTime() / 1000)); // Keep offset at 1 second precision | ||
hawk.utils.setNtpSecOffset(message.ts - Math.floor(Date.now() / 1000)); // Keep offset at 1 second precision | ||
} | ||
@@ -485,7 +485,7 @@ | ||
if (ntpOffset) { | ||
hawk.utils.setNtpOffset(ntpOffset); | ||
hawk.utils.setNtpSecOffset(ntpOffset); | ||
} | ||
}, | ||
setNtpOffset: function (offset) { | ||
setNtpSecOffset: function (offset) { | ||
@@ -501,3 +501,3 @@ try { | ||
getNtpOffset: function () { | ||
getNtpSecOffset: function () { | ||
@@ -514,5 +514,10 @@ const offset = hawk.utils.storage.getItem('hawk_ntp_offset'); | ||
return Math.floor(((new Date()).getTime() + (localtimeOffsetMsec || 0)) / 1000) + hawk.utils.getNtpOffset(); | ||
return Date.now() + (localtimeOffsetMsec || 0) + (hawk.utils.getNtpSecOffset() * 1000); | ||
}, | ||
nowSec: function (localtimeOffsetMsec) { | ||
return Math.floor(hawk.utils.now(localtimeOffsetMsec) / 1000); | ||
}, | ||
escapeHeaderAttribute: function (attribute) { | ||
@@ -519,0 +524,0 @@ |
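Review bot: `now()` keeps its name but changes its unit in the hunk at 514: it used to return whole seconds and now returns milliseconds, with the new `nowSec()` taking over the old behaviour, and neither function documents this. The client timestamp comes from this clock (`options.timestamp || hawk.utils.nowSec(...)`), so any caller outside these hunks that still uses `hawk.utils.now()` for a timestamp will be off by a factor of 1000 with no error at the call site. I would add `// Milliseconds since epoch; localtimeOffsetMsec is in ms, the stored NTP offset is in seconds` above `now` and `// now() floored to whole seconds` above `nowSec`. The enclosing utils object starts and ends outside the visible hunks, so other users of `now()` cannot be checked from here.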
@@ -35,3 +35,3 @@ 'use strict'; | ||
ext: 'application-specific', // Application specific data sent via the ext attribute | ||
timestamp: Date.now(), // A pre-calculated timestamp | ||
timestamp: Date.now() / 1000, // A pre-calculated timestamp in seconds | ||
nonce: '2334f34f', // A pre-generated nonce | ||
@@ -333,3 +333,3 @@ localtimeOffsetMsec: 400, // Time offset to sync with server time (ignored if timestamp provided) | ||
timestamp: Date.now(), // A pre-calculated timestamp | ||
timestamp: Date.now() / 1000, // A pre-calculated timestamp in seconds | ||
nonce: '2334f34f', // A pre-generated nonce | ||
@@ -336,0 +336,0 @@ localtimeOffsetMsec: 400, // Time offset to sync with server time (ignored if timestamp provided) |
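Review bot: The documented example `timestamp: Date.now() / 1000` produces a fractional number, while the default path shown for the browser client in this release floors to whole seconds (`nowSec` applies `Math.floor`). A caller who copies the example will send a non-integer timestamp, and whether the verifying side accepts that is not visible on this page. The example should match the default in both hunks (35 and 333): `timestamp: Math.floor(Date.now() / 1000),  // A pre-calculated timestamp in whole seconds`.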
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -0,0 +0,0 @@ 'use strict'; |
{ | ||
"name": "hawk", | ||
"description": "HTTP Hawk Authentication Scheme", | ||
"version": "4.1.2", | ||
"version": "5.0.0", | ||
"author": "Eran Hammer <eran@hammer.io> (http://hueniverse.com)", | ||
@@ -19,3 +19,3 @@ "repository": "git://github.com/hueniverse/hawk", | ||
"dependencies": { | ||
"hoek": "3.x.x", | ||
"hoek": "4.x.x", | ||
"boom": "3.x.x", | ||
@@ -28,4 +28,4 @@ "cryptiles": "3.x.x", | ||
"babel-preset-es2015": "^6.1.2", | ||
"code": "2.x.x", | ||
"lab": "8.x.x" | ||
"code": "3.x.x", | ||
"lab": "10.x.x" | ||
}, | ||
@@ -32,0 +32,0 @@ "babel": { |
@@ -6,5 +6,5 @@ ![hawk Logo](https://raw.github.com/hueniverse/hawk/master/images/hawk.png) | ||
Current version: **4.x** | ||
Current version: **5.x** | ||
Note: 4.x, 3.x, and 2.x are the same exact protocol as 1.1. The version increments reflect changes in the node API. | ||
Note: 5.x, 4.x, 3.x, and 2.x are the same exact protocol as 1.1. The version increments reflect changes in the node API. | ||
@@ -22,6 +22,4 @@ [![Build Status](https://travis-ci.org/hueniverse/hawk.svg?branch=master)](https://travis-ci.org/hueniverse/hawk) | ||
- [Browser Support and Considerations](#browser-support-and-considerations) | ||
<p></p> | ||
- [**Single URI Authorization**](#single-uri-authorization) | ||
- [Usage Example](#bewit-usage-example) | ||
<p></p> | ||
- [**Security Considerations**](#security-considerations) | ||
@@ -38,5 +36,3 @@ - [MAC Keys Transmission](#mac-keys-transmission) | ||
- [Host Header Forgery](#host-header-forgery) | ||
<p></p> | ||
- [**Frequently Asked Questions**](#frequently-asked-questions) | ||
<p></p> | ||
- [**Implementations**](#implementations) | ||
@@ -88,3 +84,3 @@ - [**Acknowledgements**](#acknowledgements) | ||
The timestamp enables the server to restrict the validity period of the credentials where requests occuring afterwards | ||
The timestamp enables the server to restrict the validity period of the credentials where requests occurring afterwards | ||
are rejected. It also removes the need for the server to retain an unbounded number of nonce values for future checks. | ||
@@ -200,3 +196,3 @@ By default, **Hawk** uses a time window of 1 minute to allow for time skew between the client and server (which in | ||
**Hawk** utilized the [**SNTP**](https://github.com/hueniverse/sntp) module for time sync management. By default, the local | ||
machine time is used. To automatically retrieve and synchronice the clock within the application, use the SNTP 'start()' method. | ||
machine time is used. To automatically retrieve and synchronize the clock within the application, use the SNTP 'start()' method. | ||
@@ -631,2 +627,3 @@ ```javascript | ||
- [Kumar's Mohawk in Python](https://github.com/kumar303/mohawk/) | ||
- [Hiyosi in Go](https://github.com/hiyosi/hawk) | ||
@@ -633,0 +630,0 @@ # Acknowledgements |
@@ -475,3 +475,3 @@ 'use strict'; | ||
Browser.utils.setNtpOffset(60 * 60 * 1000); | ||
Browser.utils.setNtpSecOffset(60 * 60 * 1000); | ||
const header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }); | ||
@@ -496,5 +496,5 @@ req.authorization = header.field; | ||
expect(Browser.utils.getNtpOffset()).to.equal(60 * 60 * 1000); | ||
expect(Browser.utils.getNtpSecOffset()).to.equal(60 * 60 * 1000); | ||
expect(Browser.client.authenticate(res, credentials2, header.artifacts)).to.equal(true); | ||
expect(Browser.utils.getNtpOffset()).to.equal(0); | ||
expect(Browser.utils.getNtpSecOffset()).to.equal(0); | ||
@@ -532,3 +532,3 @@ req.authorization = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials2, ext: 'some-app-data' }).field; | ||
Browser.utils.setNtpOffset(60 * 60 * 1000); | ||
Browser.utils.setNtpSecOffset(60 * 60 * 1000); | ||
const header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials1, ext: 'some-app-data' }); | ||
@@ -554,5 +554,5 @@ req.authorization = header.field; | ||
expect(parseInt(localStorage.getItem('hawk_ntp_offset'))).to.equal(60 * 60 * 1000); | ||
expect(Browser.utils.getNtpOffset()).to.equal(60 * 60 * 1000); | ||
expect(Browser.utils.getNtpSecOffset()).to.equal(60 * 60 * 1000); | ||
expect(Browser.client.authenticate(res, credentials2, header.artifacts)).to.equal(true); | ||
expect(Browser.utils.getNtpOffset()).to.equal(0); | ||
expect(Browser.utils.getNtpSecOffset()).to.equal(0); | ||
expect(parseInt(localStorage.getItem('hawk_ntp_offset'))).to.equal(0); | ||
@@ -1344,6 +1344,6 @@ | ||
const offset = Browser.utils.getNtpOffset(); | ||
const offset = Browser.utils.getNtpSecOffset(); | ||
const tsm = Hawk.crypto.timestampMessage(credentials, 10000); | ||
expect(Browser.client.authenticateTimestamp(tsm, credentials, false)).to.equal(true); | ||
expect(offset).to.equal(Browser.utils.getNtpOffset()); | ||
expect(offset).to.equal(Browser.utils.getNtpSecOffset()); | ||
done(); | ||
@@ -1419,3 +1419,3 @@ }); | ||
describe('setNtpOffset()', (done) => { | ||
describe('setNtpSecOffset()', (done) => { | ||
@@ -1443,3 +1443,3 @@ it('catches localStorage errors', { parallel: false }, (done) => { | ||
Browser.utils.setNtpOffset(100); | ||
Browser.utils.setNtpSecOffset(100); | ||
}).not.to.throw(); | ||
@@ -1495,3 +1495,3 @@ | ||
const uri = Browser.utils.parseUri('ftp'); | ||
expect(uri).to.deep.equal({ host: '', port: '', resource: '' }); | ||
expect(uri).to.equal({ host: '', port: '', resource: '' }); | ||
done(); | ||
@@ -1498,0 +1498,0 @@ }); |
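Review bot: The renamed calls still pass `60 * 60 * 1000`, e.g. `Browser.utils.setNtpSecOffset(60 * 60 * 1000);`, which reads as one hour in milliseconds although the setter's name now says seconds. Since the new `now()` shown earlier on this page multiplies the stored offset by 1000, these tests apply a skew of roughly 41 days rather than an hour. If one hour was meant, the value should be `60 * 60`. Either way, a trailing `// offset in seconds` would keep the ms-style constant from being copied into real clock-skew handling. The same value appears in the hunks at 475, 496, 532 and 554.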
@@ -369,3 +369,3 @@ 'use strict'; | ||
expect(err).to.not.exist(); | ||
expect(headers).to.deep.equal({ | ||
expect(headers).to.equal({ | ||
'www-authenticate': null, | ||
@@ -372,0 +372,0 @@ 'server-authorization': { |
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -0,0 +0,0 @@ 'use strict'; |
@@ -0,0 +0,0 @@ 'use strict'; |
- Removedhoek@3.0.4(transitive)
Updatedhoek@4.x.x