Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
hc-service-client
Advanced tools
hc-service-client - npm Package Compare versions
Comparing version 1.3.0-alpha.0 to 1.3.0-alpha.1
@@ -172,4 +172,6 @@ 'use strict'; | ||
| writer.on('finish', function() { | ||
| options.stream = fs.createReadStream(tmpFile); | ||
| headers['Content-Length'] = len; | ||
| resolve() | ||
@@ -179,2 +181,3 @@ }); | ||
| options.stream.on('data', function (chunk) { | ||
| len += chunk.length | ||
| sign.update(chunk); | ||
@@ -181,0 +184,0 @@ }); |
| 'use strict'; | ||
| const crypto = require('crypto'); | ||
| const _ = require('lodash'); | ||
| const Url = require('url'); | ||
| const debug = require('debug')('hc-service-client'); | ||
| function sha1(stringToSign, secret) { | ||
| return crypto.createHmac('sha1', secret).update(stringToSign).digest().toString('base64'); | ||
| } | ||
| class Signature { | ||
@@ -17,3 +12,6 @@ constructor(options) { | ||
| update(buf) { | ||
| this.md5.update(buf); | ||
| if (this.options.disableBodySign) { | ||
| return; | ||
| } | ||
| this.md5.update(buf, 'utf8'); | ||
| } | ||
@@ -24,21 +22,29 @@ end(date) { | ||
| const path = options.path; | ||
| const content = options.data; | ||
| const accessKeyId = options.accessKeyId; | ||
| const accessKeySecret = options.accessKeySecret; | ||
| const log = options.log; | ||
| const signatureHeader = options.signatureHeader; | ||
| const disableBodySign = options.disableBodySign; | ||
| let body = content || {}; | ||
| let bodymd5 = ''; | ||
| let headers = {}; | ||
| if (body && _.size(body) && ['POST', 'PUT', 'PATCH'].indexOf(method.toUpperCase()) >= 0) { | ||
| bodymd5 = crypto.createHash('md5').update(Buffer.from(JSON.stringify(body))).digest('base64'); | ||
| headers['Content-MD5'] = bodymd5; | ||
| let contentMd5; | ||
| let toSignStr; | ||
| const headers = {}; | ||
| if (!disableBodySign && ['POST', 'PUT', 'PATCH'].indexOf(method) >= 0) { | ||
| contentMd5 = this.md5.digest('base64'); | ||
| toSignStr = `${method}\n${path}\n${date}\n${contentMd5}`; | ||
| headers['Content-MD5'] = contentMd5; | ||
| log.debug('request post body: ', options.data); | ||
| } else { | ||
| toSignStr = `${method}\n${path}\n${date}`; | ||
| } | ||
| let stringToSign = method + '\n' + Url.parse(path).path + '\n' + date; | ||
| if (bodymd5) { | ||
| stringToSign = stringToSign + '\n' + bodymd5; | ||
| } | ||
| let signature = sha1(stringToSign, this.options.accessKeySecret); | ||
| headers[this.options.signatureHeader || 'signature'] = `common-user-ak-v1 ${this.options.accessKeyId}:${signature}`; | ||
| debug('beSignStr: ', toSignStr); | ||
| log.debug('beSignStr: ', toSignStr); | ||
| let signature = crypto.createHmac('sha1', accessKeySecret).update(toSignStr, 'utf8').digest('base64'); | ||
| headers[signatureHeader || 'signature'] = `common-user-ak-v1 ${accessKeyId}:${signature}`; | ||
| return headers; | ||
| } | ||
| } | ||
| }; | ||
| function signature(options) { | ||
@@ -45,0 +51,0 @@ let sign = new Signature(options); |
| { | ||
| "name": "hc-service-client", | ||
| "version": "1.3.0-alpha.0", | ||
| "version": "1.3.0-alpha.1", | ||
| "description": "Service Client Extension for Honeybee", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.49%
51578
- Lines of code
- increased by0.62%
1137
- Number of medium supply chain risk alerts
- decreased by-50%
1
No dependency changes