		@@ -1,2 +0,2 @@
		"use strict";function _classCallCheck(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var _createClass=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable\|\|!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol?"symbol":typeof e};Date.now\|\|(Date.now=function(){return(new Date).getTime()}),Object.keys\|\|(Object.keys=function(){var e=Object.prototype.hasOwnProperty,t=!{toString:null}.propertyIsEnumerable("toString"),r=["toString","toLocaleString","valueOf","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","constructor"],n=r.length;return function(o){if("object"!==("undefined"==typeof o?"undefined":_typeof(o))&&("function"!=typeof o\|\|null===o))throw new TypeError("Object.keys called on non-object");var a,i,s=[];for(a in o)e.call(o,a)&&s.push(a);if(t)for(i=0;n>i;i++)e.call(o,r[i])&&s.push(r[i]);return s}}()),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var r,n;if(null==this)throw new TypeError(" this is null or not defined");var o=Object(this),a=o.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(arguments.length>1&&(r=t),n=0;a>n;){var i;n in o&&(i=o[n],e.call(r,i,n,o)),n++}});var AcquiaHttpHmac=function(){function e(t){var r=t.realm,n=t.public_key,o=t.secret_key,a=t.version,i=void 0===a?"2.0":a,s=t.default_content_type,u=void 0===s?"application/json":s;if(_classCallCheck(this,e),!r)throw new Error('The "realm" must not be empty.');if(!n)throw new Error('The "public_key" must not be empty.');if(!o)throw new Error('The "secret_key" must not be empty.');var c=["2.0"];if(c.indexOf(i)<0)throw new Error('The version must be "'+c.join('" or "')+'". Version "'+i+'" is not supported.');var p=CryptoJS.enc.Base64.parse(o);this.config={realm:r,public_key:n,parsed_secret_key:p,version:i,default_content_type:u},this.SUPPORTED_METHODS=["GET","POST","PUT","DELETE","HEAD","OPTIONS","CUSTOM"]}return _createClass(e,[{key:"isXMLHttpRequest",value:function(e){return e instanceof XMLHttpRequest}},{key:"isPromiseRequest",value:function(e){return e.hasOwnProperty("setRequestHeader")&&e.hasOwnProperty("getResponseHeader")&&e.hasOwnProperty("promise")}},{key:"sign",value:function(e){var t=e.request,r=e.method,n=e.path,o=e.signed_headers,a=void 0===o?{}:o,i=e.content_type,s=void 0===i?this.config.default_content_type:i,u=e.body,c=void 0===u?"":u;if(!this.isXMLHttpRequest(t)&&!this.isPromiseRequest(t))throw new Error("The request must be a XMLHttpRequest or promise-based request Object (e.g. jqXHR).");if(this.SUPPORTED_METHODS.indexOf(r)<0)throw new Error('The method must be "'+this.SUPPORTED_METHODS.join('" or "')+'". "'+r+'" is not supported.');if(!n)throw new Error("The end point path must not be empty.");var p=function(e){var t=arguments.length<=1\|\|void 0===arguments[1]?"=":arguments[1],r=arguments.length<=2\|\|void 0===arguments[2]?"":arguments[2],n=arguments.length<=3\|\|void 0===arguments[3]?"&":arguments[3],o=arguments.length<=4\|\|void 0===arguments[4]?!0:arguments[4],a=Object.keys(e).sort(),i=[],s=void 0;return a.forEach(function(n){e.hasOwnProperty(n)&&(s=o?encodeURI(e[n]):e[n],i.push(""+n.toLocaleLowerCase()+t+s+r))}),i.join(n)},f=function(){var e=Date.now();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var r=(e+16*Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?r:7&r\|8).toString(16)})},h=function(e,t){var r=["GET","HEAD"];return 0!==e.length&&r.indexOf(t)<0},y=f(),l=document.createElement("a"),m={id:this.config.public_key,nonce:y,realm:this.config.realm,version:this.config.version},d=Math.floor(Date.now()/1e3).toString(),g=h(c,r)?CryptoJS.SHA256(c).toString(CryptoJS.enc.Base64):"",v=h(c,r)?"\n"+s+"\n"+g:"";l.href=n;var H=l.port?":"+l.port:"",w=""+l.hostname+H,x=l.search.substring(1),b=p(a,":","","\n",!1),S=""===b?"":b+"\n",E=r+"\n"+w+"\n"+l.pathname+"\n"+x+"\n"+p(m)+"\n"+S+d+v,O=p(m,'="','"',","),_=0===Object.keys(a).length?"":',headers="'+encodeURI(Object.keys(a).sort().join(";").toLowerCase())+'"',T=encodeURI(CryptoJS.HmacSHA256(E,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),q="acquia-http-hmac "+O+_+',signature="'+T+'"';this.isXMLHttpRequest(t)&&0===t.readyState&&t.open(r,n,!0),t.acquiaHttpHmac={},t.acquiaHttpHmac.timestamp=d,t.acquiaHttpHmac.nonce=y,t.setRequestHeader("X-Authorization-Timestamp",d),t.setRequestHeader("Authorization",q),g&&t.setRequestHeader("X-Authorization-Content-SHA256",g)}},{key:"hasValidResponse",value:function(e){var t=e.acquiaHttpHmac.nonce+"\n"+e.acquiaHttpHmac.timestamp+"\n"+e.responseText,r=CryptoJS.HmacSHA256(t,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64),n=e.getResponseHeader("X-Server-Authorization-HMAC-SHA256");return r===n}}]),e}();if("object"===("undefined"==typeof exports?"undefined":_typeof(exports))){var CryptoJS=require("crypto-js");module.exports=exports=AcquiaHttpHmac}else{if("function"==typeof define&&define.amd)throw new Error("Update here to support AMD.");window.AcquiaHttpHmac=AcquiaHttpHmac}
		"use strict";function _classCallCheck(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var _createClass=function(){function e(e,t){for(var n=0;n<t.length;n++){var o=t[n];o.enumerable=o.enumerable\|\|!1,o.configurable=!0,"value"in o&&(o.writable=!0),Object.defineProperty(e,o.key,o)}}return function(t,n,o){return n&&e(t.prototype,n),o&&e(t,o),t}}(),_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol?"symbol":typeof e};Date.now\|\|(Date.now=function(){return(new Date).getTime()}),Object.keys\|\|(Object.keys=function(){var e=Object.prototype.hasOwnProperty,t=!{toString:null}.propertyIsEnumerable("toString"),n=["toString","toLocaleString","valueOf","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","constructor"],o=n.length;return function(r){if("object"!==("undefined"==typeof r?"undefined":_typeof(r))&&("function"!=typeof r\|\|null===r))throw new TypeError("Object.keys called on non-object");var a,i,s=[];for(a in r)e.call(r,a)&&s.push(a);if(t)for(i=0;o>i;i++)e.call(r,n[i])&&s.push(n[i]);return s}}()),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var n,o;if(null==this)throw new TypeError(" this is null or not defined");var r=Object(this),a=r.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(arguments.length>1&&(n=t),o=0;a>o;){var i;o in r&&(i=r[o],e.call(n,i,o,r)),o++}});var AcquiaHttpHmac=function(){function e(t){var n=t.realm,o=t.public_key,r=t.secret_key,a=t.version,i=void 0===a?"2.0":a,s=t.default_content_type,u=void 0===s?"application/json":s;if(_classCallCheck(this,e),!n)throw new Error('The "realm" must not be empty.');if(!o)throw new Error('The "public_key" must not be empty.');if(!r)throw new Error('The "secret_key" must not be empty.');var c=["2.0"];if(c.indexOf(i)<0)throw new Error('The version must be "'+c.join('" or "')+'". Version "'+i+'" is not supported.');var p=CryptoJS.enc.Base64.parse(r);this.config={realm:n,public_key:o,parsed_secret_key:p,version:i,default_content_type:u},this.SUPPORTED_METHODS=["GET","POST","PUT","DELETE","HEAD","OPTIONS","CUSTOM"]}return _createClass(e,[{key:"isXMLHttpRequest",value:function(e){return e instanceof XMLHttpRequest}},{key:"isPromiseRequest",value:function(e){return e.hasOwnProperty("setRequestHeader")&&e.hasOwnProperty("getResponseHeader")&&e.hasOwnProperty("promise")}},{key:"sign",value:function(e){var t=e.request,n=e.method,o=e.path,r=e.signed_headers,a=void 0===r?{}:r,i=e.content_type,s=void 0===i?this.config.default_content_type:i,u=e.body,c=void 0===u?"":u;if(!this.isXMLHttpRequest(t)&&!this.isPromiseRequest(t))throw new Error("The request must be a XMLHttpRequest or promise-based request Object (e.g. jqXHR).");if(this.SUPPORTED_METHODS.indexOf(n)<0)throw new Error('The method must be "'+this.SUPPORTED_METHODS.join('" or "')+'". "'+n+'" is not supported.');if(!o)throw new Error("The end point path must not be empty.");var p=function(e){var t=arguments.length<=1\|\|void 0===arguments[1]?"=":arguments[1],n=arguments.length<=2\|\|void 0===arguments[2]?"":arguments[2],o=arguments.length<=3\|\|void 0===arguments[3]?"&":arguments[3],r=arguments.length<=4\|\|void 0===arguments[4]?!0:arguments[4],a=Object.keys(e),i=[],s={},u=[];return a.forEach(function(t){if(e.hasOwnProperty(t)){var n=t.toLowerCase();i.push(n),s[n]=r?encodeURI(e[t]):e[t]}}),i.sort().forEach(function(e){s.hasOwnProperty(e)&&u.push(""+e+t+s[e]+n)}),u.join(o)},f=function(){var e=Date.now();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var n=(e+16*Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?n:7&n\|8).toString(16)})},l=function(e,t){var n=["GET","HEAD"];return 0!==e.length&&n.indexOf(t)<0},h=f(),y=document.createElement("a"),m={id:this.config.public_key,nonce:h,realm:this.config.realm,version:this.config.version},g=Math.floor(Date.now()/1e3).toString(),d=l(c,n)?CryptoJS.SHA256(c).toString(CryptoJS.enc.Base64):"",v=l(c,n)?"\n"+s+"\n"+d:"";y.href=o;var H=y.port?":"+y.port:"",x=""+y.hostname+H,b=y.search.substring(1),w=p(a,":","","\n",!1),_=""===w?"":w+"\n",S=n+"\n"+x+"\n"+y.pathname+"\n"+b+"\n"+p(m)+"\n"+_+g+v,E=p(m,'="','"',","),O=0===Object.keys(a).length?"":',headers="'+encodeURI(Object.keys(a).join("\|\|\|\|\|").toLowerCase().split("\|\|\|\|\|").sort().join(";"))+'"',T=encodeURI(CryptoJS.HmacSHA256(S,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),q="acquia-http-hmac "+E+O+',signature="'+T+'"';this.isXMLHttpRequest(t)&&0===t.readyState&&t.open(n,o,!0),t.acquiaHttpHmac={},t.acquiaHttpHmac.timestamp=g,t.acquiaHttpHmac.nonce=h,t.setRequestHeader("X-Authorization-Timestamp",g),t.setRequestHeader("Authorization",q),d&&t.setRequestHeader("X-Authorization-Content-SHA256",d),console.log("signature_base_string",S),console.log("authorization",q),console.log("x_authorization_timestamp",g),console.log("nonce",h),console.log("x_authorization_content_sha256",d)}},{key:"hasValidResponse",value:function(e){var t=e.acquiaHttpHmac.nonce+"\n"+e.acquiaHttpHmac.timestamp+"\n"+e.responseText,n=CryptoJS.HmacSHA256(t,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64),o=e.getResponseHeader("X-Server-Authorization-HMAC-SHA256");return console.log("signature_base_string",t),console.log("signature ",n),console.log("server_signature",o),n===o}}]),e}();if("object"===("undefined"==typeof exports?"undefined":_typeof(exports))){var CryptoJS=require("crypto-js");module.exports=exports=AcquiaHttpHmac}else{if("function"==typeof define&&define.amd)throw new Error("Update here to support AMD.");window.AcquiaHttpHmac=AcquiaHttpHmac}
		!function(t,n){"object"==typeof exports?module.exports=exports=n():"function"==typeof define&&define.amd?define([],n):t.CryptoJS=n()}(this,function(){var t=t\|\|function(t,n){var i={},e=i.lib={},r=e.Base=function(){function t(){}return{extend:function(n){t.prototype=this;var i=new t;return n&&i.mixIn(n),i.hasOwnProperty("init")\|\|(i.init=function(){i.$super.init.apply(this,arguments)}),i.init.prototype=i,i.$super=this,i},create:function(){var t=this.extend();return t.init.apply(t,arguments),t},init:function(){},mixIn:function(t){for(var n in t)t.hasOwnProperty(n)&&(this[n]=t[n]);t.hasOwnProperty("toString")&&(this.toString=t.toString)},clone:function(){return this.init.prototype.extend(this)}}}(),s=e.WordArray=r.extend({init:function(t,i){t=this.words=t\|\|[],i!=n?this.sigBytes=i:this.sigBytes=4t.length},toString:function(t){return(t\|\|a).stringify(this)},concat:function(t){var n=this.words,i=t.words,e=this.sigBytes,r=t.sigBytes;if(this.clamp(),e%4)for(var s=0;r>s;s++){var o=i[s>>>2]>>>24-s%48&255;n[e+s>>>2]\|=o<<24-(e+s)%48}else for(var s=0;r>s;s+=4)n[e+s>>>2]=i[s>>>2];return this.sigBytes+=r,this},clamp:function(){var n=this.words,i=this.sigBytes;n[i>>>2]&=4294967295<<32-i%48,n.length=t.ceil(i/4)},clone:function(){var t=r.clone.call(this);return t.words=this.words.slice(0),t},random:function(n){for(var i,e=[],r=function(n){var n=n,i=987654321,e=4294967295;return function(){i=36969(65535&i)+(i>>16)&e,n=18e3(65535&n)+(n>>16)&e;var r=(i<<16)+n&e;return r/=4294967296,r+=.5,r(t.random()>.5?1:-1)}},o=0;n>o;o+=4){var a=r(4294967296(i\|\|t.random()));i=987654071a(),e.push(4294967296a()\|0)}return new s.init(e,n)}}),o=i.enc={},a=o.Hex={stringify:function(t){for(var n=t.words,i=t.sigBytes,e=[],r=0;i>r;r++){var s=n[r>>>2]>>>24-r%48&255;e.push((s>>>4).toString(16)),e.push((15&s).toString(16))}return e.join("")},parse:function(t){for(var n=t.length,i=[],e=0;n>e;e+=2)i[e>>>3]\|=parseInt(t.substr(e,2),16)<<24-e%84;return new s.init(i,n/2)}},c=o.Latin1={stringify:function(t){for(var n=t.words,i=t.sigBytes,e=[],r=0;i>r;r++){var s=n[r>>>2]>>>24-r%48&255;e.push(String.fromCharCode(s))}return e.join("")},parse:function(t){for(var n=t.length,i=[],e=0;n>e;e++)i[e>>>2]\|=(255&t.charCodeAt(e))<<24-e%48;return new s.init(i,n)}},u=o.Utf8={stringify:function(t){try{return decodeURIComponent(escape(c.stringify(t)))}catch(n){throw new Error("Malformed UTF-8 data")}},parse:function(t){return c.parse(unescape(encodeURIComponent(t)))}},f=e.BufferedBlockAlgorithm=r.extend({reset:function(){this._data=new s.init,this._nDataBytes=0},_append:function(t){"string"==typeof t&&(t=u.parse(t)),this._data.concat(t),this._nDataBytes+=t.sigBytes},_process:function(n){var i=this._data,e=i.words,r=i.sigBytes,o=this.blockSize,a=4o,c=r/a;c=n?t.ceil(c):t.max((0\|c)-this._minBufferSize,0);var u=co,f=t.min(4*u,r);if(u){for(var h=0;u>h;h+=o)this._doProcessBlock(e,h);var p=e.splice(0,u);i.sigBytes-=f}return new s.init(p,f)},clone:function(){var t=r.clone.call(this);return t._data=this._data.clone(),t},_minBufferSize:0}),h=(e.Hasher=f.extend({cfg:r.extend(),init:function(t){this.cfg=this.cfg.extend(t),this.reset()},reset:function(){f.reset.call(this),this._doReset()},update:function(t){return this._append(t),this._process(),this},finalize:function(t){t&&this._append(t);var n=this._doFinalize();return n},blockSize:16,_createHelper:function(t){return function(n,i){return new t.init(i).finalize(n)}},_createHmacHelper:function(t){return function(n,i){return new h.HMAC.init(t,i).finalize(n)}}}),i.algo={});return i}(Math);return t});
		@@ -7,2 +7,2 @@ !function(e,t){"object"==typeof exports?module.exports=exports=t(require("./core")):"function"==typeof define&&define.amd?define(["./core"],t):t(e.CryptoJS)}(this,function(e){!function(){var t=e,i=t.lib,n=i.Base,s=t.enc,r=s.Utf8,o=t.algo;o.HMAC=n.extend({init:function(e,t){e=this._hasher=new e.init,"string"==typeof t&&(t=r.parse(t));var i=e.blockSize,n=4*i;t.sigBytes>n&&(t=e.finalize(t)),t.clamp();for(var s=this._oKey=t.clone(),o=this._iKey=t.clone(),a=s.words,f=o.words,c=0;i>c;c++)a[c]^=1549556828,f[c]^=909522486;s.sigBytes=o.sigBytes=n,this.reset()},reset:function(){var e=this._hasher;e.reset(),e.update(this._iKey)},update:function(e){return this._hasher.update(e),this},finalize:function(e){var t=this._hasher,i=t.finalize(e);t.reset();var n=t.finalize(this._oKey.clone().concat(i));return n}})}()});
		!function(r,e){"object"==typeof exports?module.exports=exports=e(require("./core")):"function"==typeof define&&define.amd?define(["./core"],e):e(r.CryptoJS)}(this,function(r){return function(){var e=r,t=e.lib,n=t.WordArray,a=e.enc;a.Base64={stringify:function(r){var e=r.words,t=r.sigBytes,n=this._map;r.clamp();for(var a=[],i=0;t>i;i+=3)for(var o=e[i>>>2]>>>24-i%48&255,f=e[i+1>>>2]>>>24-(i+1)%48&255,c=e[i+2>>>2]>>>24-(i+2)%48&255,s=o<<16\|f<<8\|c,p=0;4>p&&t>i+.75p;p++)a.push(n.charAt(s>>>6(3-p)&63));var u=n.charAt(64);if(u)for(;a.length%4;)a.push(u);return a.join("")},parse:function(r){var e=r.length,t=this._map,a=t.charAt(64);if(a){var i=r.indexOf(a);-1!=i&&(e=i)}for(var o=[],f=0,c=0;e>c;c++)if(c%4){var s=t.indexOf(r.charAt(c-1))<<c%42,p=t.indexOf(r.charAt(c))>>>6-c%42,u=s\|p;o[f>>>2]\|=u<<24-f%48,f++}return n.create(o,f)},_map:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="}}(),r.enc.Base64});
		"use strict";var method="GET",port=location.port?":"+location.port:"",pathname=location.pathname.replace(/html$/,"php"),path=location.protocol+"//"+location.hostname+port+pathname+"?first_word=Hello World&second_word=World#myAnchor",signed_headers={"x-acquia-plexus-client-id":"57ea14f4-9255-4bac-7f90-c19e47f5be2d","my-special-header":"my special header"},content_type="text/plain",hmac_config={realm:"dice",public_key:"ABCD-1234",secret_key:"d175024aa4c4d8b312a7114687790c772dd94fb725cb68016aaeae5a76d68102"},HMAC=new AcquiaHttpHmac(hmac_config),request=new XMLHttpRequest;request.onreadystatechange=function(){if(4===request.readyState){if(200!==request.status)throw new Error("Problem retrieving data.");if(!HMAC.hasValidResponse(request))throw new Error("The request does not have a valid response.");document.getElementById("text-display").innerHTML=request.response}};var sign_parameters={request:request,method:method,path:path,signed_headers:signed_headers,content_type:content_type};HMAC.sign(sign_parameters),request.setRequestHeader("Content-Type",content_type),request.setRequestHeader("Special-Header-1","special_header_1_value"),request.setRequestHeader("Special-Header-2","special_header_2_value"),request.setRequestHeader("Unsigned-Header-1","unsigned_header_1_value"),request.send();
		"use strict";var method="GET",port=location.port?":"+location.port:"",pathname=location.pathname.replace(/html$/,"php"),path=location.protocol+"//"+location.hostname+port+pathname+"?first_word=Hello&second_word=World#myAnchor",signed_headers={"Special-Header-1":"special_header_1_value","Special-Header-2":"special_header_2_value"},content_type="text/plain",hmac_config={realm:"dice",public_key:"ABCD-1234",secret_key:"d175024aa4c4d8b312a7114687790c772dd94fb725cb68016aaeae5a76d68102"},HMAC=new AcquiaHttpHmac(hmac_config),request=new XMLHttpRequest;request.onreadystatechange=function(){if(4===request.readyState){if(200!==request.status)throw new Error("Problem retrieving data.");if(!HMAC.hasValidResponse(request))throw new Error("The request does not have a valid response.");document.getElementById("text-display").innerHTML=request.response}};var sign_parameters={request:request,method:method,path:path,signed_headers:signed_headers,content_type:content_type};HMAC.sign(sign_parameters),request.setRequestHeader("Content-Type",content_type),request.setRequestHeader("Special-Header-1","special_header_1_value"),request.setRequestHeader("Special-Header-2","special_header_2_value"),request.setRequestHeader("Unsigned-Header-1","unsigned_header_1_value"),request.send();

demo/post.app.js

		@@ -1,2 +0,2 @@
		"use strict";function _classCallCheck(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var _createClass=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable\|\|!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol?"symbol":typeof e};Date.now\|\|(Date.now=function(){return(new Date).getTime()}),Object.keys\|\|(Object.keys=function(){var e=Object.prototype.hasOwnProperty,t=!{toString:null}.propertyIsEnumerable("toString"),r=["toString","toLocaleString","valueOf","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","constructor"],n=r.length;return function(o){if("object"!==("undefined"==typeof o?"undefined":_typeof(o))&&("function"!=typeof o\|\|null===o))throw new TypeError("Object.keys called on non-object");var a,i,s=[];for(a in o)e.call(o,a)&&s.push(a);if(t)for(i=0;n>i;i++)e.call(o,r[i])&&s.push(r[i]);return s}}()),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var r,n;if(null==this)throw new TypeError(" this is null or not defined");var o=Object(this),a=o.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(arguments.length>1&&(r=t),n=0;a>n;){var i;n in o&&(i=o[n],e.call(r,i,n,o)),n++}});var AcquiaHttpHmac=function(){function e(t){var r=t.realm,n=t.public_key,o=t.secret_key,a=t.version,i=void 0===a?"2.0":a,s=t.default_content_type,u=void 0===s?"application/json":s;if(_classCallCheck(this,e),!r)throw new Error('The "realm" must not be empty.');if(!n)throw new Error('The "public_key" must not be empty.');if(!o)throw new Error('The "secret_key" must not be empty.');var c=["2.0"];if(c.indexOf(i)<0)throw new Error('The version must be "'+c.join('" or "')+'". Version "'+i+'" is not supported.');var p=CryptoJS.enc.Base64.parse(o);this.config={realm:r,public_key:n,parsed_secret_key:p,version:i,default_content_type:u},this.SUPPORTED_METHODS=["GET","POST","PUT","DELETE","HEAD","OPTIONS","CUSTOM"]}return _createClass(e,[{key:"isXMLHttpRequest",value:function(e){return e instanceof XMLHttpRequest}},{key:"isPromiseRequest",value:function(e){return e.hasOwnProperty("setRequestHeader")&&e.hasOwnProperty("getResponseHeader")&&e.hasOwnProperty("promise")}},{key:"sign",value:function(e){var t=e.request,r=e.method,n=e.path,o=e.signed_headers,a=void 0===o?{}:o,i=e.content_type,s=void 0===i?this.config.default_content_type:i,u=e.body,c=void 0===u?"":u;if(!this.isXMLHttpRequest(t)&&!this.isPromiseRequest(t))throw new Error("The request must be a XMLHttpRequest or promise-based request Object (e.g. jqXHR).");if(this.SUPPORTED_METHODS.indexOf(r)<0)throw new Error('The method must be "'+this.SUPPORTED_METHODS.join('" or "')+'". "'+r+'" is not supported.');if(!n)throw new Error("The end point path must not be empty.");var p=function(e){var t=arguments.length<=1\|\|void 0===arguments[1]?"=":arguments[1],r=arguments.length<=2\|\|void 0===arguments[2]?"":arguments[2],n=arguments.length<=3\|\|void 0===arguments[3]?"&":arguments[3],o=arguments.length<=4\|\|void 0===arguments[4]?!0:arguments[4],a=Object.keys(e).sort(),i=[],s=void 0;return a.forEach(function(n){e.hasOwnProperty(n)&&(s=o?encodeURI(e[n]):e[n],i.push(""+n.toLocaleLowerCase()+t+s+r))}),i.join(n)},f=function(){var e=Date.now();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var r=(e+16*Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?r:7&r\|8).toString(16)})},h=function(e,t){var r=["GET","HEAD"];return 0!==e.length&&r.indexOf(t)<0},y=f(),l=document.createElement("a"),m={id:this.config.public_key,nonce:y,realm:this.config.realm,version:this.config.version},d=Math.floor(Date.now()/1e3).toString(),g=h(c,r)?CryptoJS.SHA256(c).toString(CryptoJS.enc.Base64):"",v=h(c,r)?"\n"+s+"\n"+g:"";l.href=n;var H=l.port?":"+l.port:"",w=""+l.hostname+H,x=l.search.substring(1),b=p(a,":","","\n",!1),S=""===b?"":b+"\n",E=r+"\n"+w+"\n"+l.pathname+"\n"+x+"\n"+p(m)+"\n"+S+d+v,O=p(m,'="','"',","),_=0===Object.keys(a).length?"":',headers="'+encodeURI(Object.keys(a).sort().join(";").toLowerCase())+'"',T=encodeURI(CryptoJS.HmacSHA256(E,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),q="acquia-http-hmac "+O+_+',signature="'+T+'"';this.isXMLHttpRequest(t)&&0===t.readyState&&t.open(r,n,!0),t.acquiaHttpHmac={},t.acquiaHttpHmac.timestamp=d,t.acquiaHttpHmac.nonce=y,t.setRequestHeader("X-Authorization-Timestamp",d),t.setRequestHeader("Authorization",q),g&&t.setRequestHeader("X-Authorization-Content-SHA256",g)}},{key:"hasValidResponse",value:function(e){var t=e.acquiaHttpHmac.nonce+"\n"+e.acquiaHttpHmac.timestamp+"\n"+e.responseText,r=CryptoJS.HmacSHA256(t,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64),n=e.getResponseHeader("X-Server-Authorization-HMAC-SHA256");return r===n}}]),e}();if("object"===("undefined"==typeof exports?"undefined":_typeof(exports))){var CryptoJS=require("crypto-js");module.exports=exports=AcquiaHttpHmac}else{if("function"==typeof define&&define.amd)throw new Error("Update here to support AMD.");window.AcquiaHttpHmac=AcquiaHttpHmac}
		"use strict";function _classCallCheck(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var _createClass=function(){function e(e,t){for(var n=0;n<t.length;n++){var o=t[n];o.enumerable=o.enumerable\|\|!1,o.configurable=!0,"value"in o&&(o.writable=!0),Object.defineProperty(e,o.key,o)}}return function(t,n,o){return n&&e(t.prototype,n),o&&e(t,o),t}}(),_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol?"symbol":typeof e};Date.now\|\|(Date.now=function(){return(new Date).getTime()}),Object.keys\|\|(Object.keys=function(){var e=Object.prototype.hasOwnProperty,t=!{toString:null}.propertyIsEnumerable("toString"),n=["toString","toLocaleString","valueOf","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","constructor"],o=n.length;return function(r){if("object"!==("undefined"==typeof r?"undefined":_typeof(r))&&("function"!=typeof r\|\|null===r))throw new TypeError("Object.keys called on non-object");var a,i,s=[];for(a in r)e.call(r,a)&&s.push(a);if(t)for(i=0;o>i;i++)e.call(r,n[i])&&s.push(n[i]);return s}}()),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var n,o;if(null==this)throw new TypeError(" this is null or not defined");var r=Object(this),a=r.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(arguments.length>1&&(n=t),o=0;a>o;){var i;o in r&&(i=r[o],e.call(n,i,o,r)),o++}});var AcquiaHttpHmac=function(){function e(t){var n=t.realm,o=t.public_key,r=t.secret_key,a=t.version,i=void 0===a?"2.0":a,s=t.default_content_type,u=void 0===s?"application/json":s;if(_classCallCheck(this,e),!n)throw new Error('The "realm" must not be empty.');if(!o)throw new Error('The "public_key" must not be empty.');if(!r)throw new Error('The "secret_key" must not be empty.');var c=["2.0"];if(c.indexOf(i)<0)throw new Error('The version must be "'+c.join('" or "')+'". Version "'+i+'" is not supported.');var p=CryptoJS.enc.Base64.parse(r);this.config={realm:n,public_key:o,parsed_secret_key:p,version:i,default_content_type:u},this.SUPPORTED_METHODS=["GET","POST","PUT","DELETE","HEAD","OPTIONS","CUSTOM"]}return _createClass(e,[{key:"isXMLHttpRequest",value:function(e){return e instanceof XMLHttpRequest}},{key:"isPromiseRequest",value:function(e){return e.hasOwnProperty("setRequestHeader")&&e.hasOwnProperty("getResponseHeader")&&e.hasOwnProperty("promise")}},{key:"sign",value:function(e){var t=e.request,n=e.method,o=e.path,r=e.signed_headers,a=void 0===r?{}:r,i=e.content_type,s=void 0===i?this.config.default_content_type:i,u=e.body,c=void 0===u?"":u;if(!this.isXMLHttpRequest(t)&&!this.isPromiseRequest(t))throw new Error("The request must be a XMLHttpRequest or promise-based request Object (e.g. jqXHR).");if(this.SUPPORTED_METHODS.indexOf(n)<0)throw new Error('The method must be "'+this.SUPPORTED_METHODS.join('" or "')+'". "'+n+'" is not supported.');if(!o)throw new Error("The end point path must not be empty.");var p=function(e){var t=arguments.length<=1\|\|void 0===arguments[1]?"=":arguments[1],n=arguments.length<=2\|\|void 0===arguments[2]?"":arguments[2],o=arguments.length<=3\|\|void 0===arguments[3]?"&":arguments[3],r=arguments.length<=4\|\|void 0===arguments[4]?!0:arguments[4],a=Object.keys(e),i=[],s={},u=[];return a.forEach(function(t){if(e.hasOwnProperty(t)){var n=t.toLowerCase();i.push(n),s[n]=r?encodeURI(e[t]):e[t]}}),i.sort().forEach(function(e){s.hasOwnProperty(e)&&u.push(""+e+t+s[e]+n)}),u.join(o)},f=function(){var e=Date.now();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var n=(e+16*Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?n:7&n\|8).toString(16)})},l=function(e,t){var n=["GET","HEAD"];return 0!==e.length&&n.indexOf(t)<0},h=f(),y=document.createElement("a"),m={id:this.config.public_key,nonce:h,realm:this.config.realm,version:this.config.version},g=Math.floor(Date.now()/1e3).toString(),d=l(c,n)?CryptoJS.SHA256(c).toString(CryptoJS.enc.Base64):"",v=l(c,n)?"\n"+s+"\n"+d:"";y.href=o;var H=y.port?":"+y.port:"",x=""+y.hostname+H,b=y.search.substring(1),w=p(a,":","","\n",!1),_=""===w?"":w+"\n",S=n+"\n"+x+"\n"+y.pathname+"\n"+b+"\n"+p(m)+"\n"+_+g+v,E=p(m,'="','"',","),O=0===Object.keys(a).length?"":',headers="'+encodeURI(Object.keys(a).join("\|\|\|\|\|").toLowerCase().split("\|\|\|\|\|").sort().join(";"))+'"',T=encodeURI(CryptoJS.HmacSHA256(S,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),q="acquia-http-hmac "+E+O+',signature="'+T+'"';this.isXMLHttpRequest(t)&&0===t.readyState&&t.open(n,o,!0),t.acquiaHttpHmac={},t.acquiaHttpHmac.timestamp=g,t.acquiaHttpHmac.nonce=h,t.setRequestHeader("X-Authorization-Timestamp",g),t.setRequestHeader("Authorization",q),d&&t.setRequestHeader("X-Authorization-Content-SHA256",d),console.log("signature_base_string",S),console.log("authorization",q),console.log("x_authorization_timestamp",g),console.log("nonce",h),console.log("x_authorization_content_sha256",d)}},{key:"hasValidResponse",value:function(e){var t=e.acquiaHttpHmac.nonce+"\n"+e.acquiaHttpHmac.timestamp+"\n"+e.responseText,n=CryptoJS.HmacSHA256(t,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64),o=e.getResponseHeader("X-Server-Authorization-HMAC-SHA256");return console.log("signature_base_string",t),console.log("signature ",n),console.log("server_signature",o),n===o}}]),e}();if("object"===("undefined"==typeof exports?"undefined":_typeof(exports))){var CryptoJS=require("crypto-js");module.exports=exports=AcquiaHttpHmac}else{if("function"==typeof define&&define.amd)throw new Error("Update here to support AMD.");window.AcquiaHttpHmac=AcquiaHttpHmac}
		!function(t,n){"object"==typeof exports?module.exports=exports=n():"function"==typeof define&&define.amd?define([],n):t.CryptoJS=n()}(this,function(){var t=t\|\|function(t,n){var i={},e=i.lib={},r=e.Base=function(){function t(){}return{extend:function(n){t.prototype=this;var i=new t;return n&&i.mixIn(n),i.hasOwnProperty("init")\|\|(i.init=function(){i.$super.init.apply(this,arguments)}),i.init.prototype=i,i.$super=this,i},create:function(){var t=this.extend();return t.init.apply(t,arguments),t},init:function(){},mixIn:function(t){for(var n in t)t.hasOwnProperty(n)&&(this[n]=t[n]);t.hasOwnProperty("toString")&&(this.toString=t.toString)},clone:function(){return this.init.prototype.extend(this)}}}(),s=e.WordArray=r.extend({init:function(t,i){t=this.words=t\|\|[],i!=n?this.sigBytes=i:this.sigBytes=4t.length},toString:function(t){return(t\|\|a).stringify(this)},concat:function(t){var n=this.words,i=t.words,e=this.sigBytes,r=t.sigBytes;if(this.clamp(),e%4)for(var s=0;r>s;s++){var o=i[s>>>2]>>>24-s%48&255;n[e+s>>>2]\|=o<<24-(e+s)%48}else for(var s=0;r>s;s+=4)n[e+s>>>2]=i[s>>>2];return this.sigBytes+=r,this},clamp:function(){var n=this.words,i=this.sigBytes;n[i>>>2]&=4294967295<<32-i%48,n.length=t.ceil(i/4)},clone:function(){var t=r.clone.call(this);return t.words=this.words.slice(0),t},random:function(n){for(var i,e=[],r=function(n){var n=n,i=987654321,e=4294967295;return function(){i=36969(65535&i)+(i>>16)&e,n=18e3(65535&n)+(n>>16)&e;var r=(i<<16)+n&e;return r/=4294967296,r+=.5,r(t.random()>.5?1:-1)}},o=0;n>o;o+=4){var a=r(4294967296(i\|\|t.random()));i=987654071a(),e.push(4294967296a()\|0)}return new s.init(e,n)}}),o=i.enc={},a=o.Hex={stringify:function(t){for(var n=t.words,i=t.sigBytes,e=[],r=0;i>r;r++){var s=n[r>>>2]>>>24-r%48&255;e.push((s>>>4).toString(16)),e.push((15&s).toString(16))}return e.join("")},parse:function(t){for(var n=t.length,i=[],e=0;n>e;e+=2)i[e>>>3]\|=parseInt(t.substr(e,2),16)<<24-e%84;return new s.init(i,n/2)}},c=o.Latin1={stringify:function(t){for(var n=t.words,i=t.sigBytes,e=[],r=0;i>r;r++){var s=n[r>>>2]>>>24-r%48&255;e.push(String.fromCharCode(s))}return e.join("")},parse:function(t){for(var n=t.length,i=[],e=0;n>e;e++)i[e>>>2]\|=(255&t.charCodeAt(e))<<24-e%48;return new s.init(i,n)}},u=o.Utf8={stringify:function(t){try{return decodeURIComponent(escape(c.stringify(t)))}catch(n){throw new Error("Malformed UTF-8 data")}},parse:function(t){return c.parse(unescape(encodeURIComponent(t)))}},f=e.BufferedBlockAlgorithm=r.extend({reset:function(){this._data=new s.init,this._nDataBytes=0},_append:function(t){"string"==typeof t&&(t=u.parse(t)),this._data.concat(t),this._nDataBytes+=t.sigBytes},_process:function(n){var i=this._data,e=i.words,r=i.sigBytes,o=this.blockSize,a=4o,c=r/a;c=n?t.ceil(c):t.max((0\|c)-this._minBufferSize,0);var u=co,f=t.min(4*u,r);if(u){for(var h=0;u>h;h+=o)this._doProcessBlock(e,h);var p=e.splice(0,u);i.sigBytes-=f}return new s.init(p,f)},clone:function(){var t=r.clone.call(this);return t._data=this._data.clone(),t},_minBufferSize:0}),h=(e.Hasher=f.extend({cfg:r.extend(),init:function(t){this.cfg=this.cfg.extend(t),this.reset()},reset:function(){f.reset.call(this),this._doReset()},update:function(t){return this._append(t),this._process(),this},finalize:function(t){t&&this._append(t);var n=this._doFinalize();return n},blockSize:16,_createHelper:function(t){return function(n,i){return new t.init(i).finalize(n)}},_createHmacHelper:function(t){return function(n,i){return new h.HMAC.init(t,i).finalize(n)}}}),i.algo={});return i}(Math);return t});
		@@ -3,0 +3,0 @@ !function(e,t){"object"==typeof exports?module.exports=exports=t(require("./core")):"function"==typeof define&&define.amd?define(["./core"],t):t(e.CryptoJS)}(this,function(e){!function(){var t=e,i=t.lib,n=i.Base,s=t.enc,r=s.Utf8,o=t.algo;o.HMAC=n.extend({init:function(e,t){e=this._hasher=new e.init,"string"==typeof t&&(t=r.parse(t));var i=e.blockSize,n=4*i;t.sigBytes>n&&(t=e.finalize(t)),t.clamp();for(var s=this._oKey=t.clone(),o=this._iKey=t.clone(),a=s.words,f=o.words,c=0;i>c;c++)a[c]^=1549556828,f[c]^=909522486;s.sigBytes=o.sigBytes=n,this.reset()},reset:function(){var e=this._hasher;e.reset(),e.update(this._iKey)},update:function(e){return this._hasher.update(e),this},finalize:function(e){var t=this._hasher,i=t.finalize(e);t.reset();var n=t.finalize(this._oKey.clone().concat(i));return n}})}()});

gulpfile.js

		@@ -26,3 +26,3 @@ const gulp = require('gulp');
		return gulp.src(['./src/hmac.js'])
		.pipe(stripDebug())
		// .pipe(stripDebug())
		.pipe(gulp.dest('./lib/es6'))
		@@ -29,0 +29,0 @@ .pipe(babel({

lib/es5/hmac.js

		@@ -205,3 +205,3 @@ 'use strict';
		* @param {string} path
		* End point's full URL path.
		* End point's full URL path, including schema, port, query string, etc. It should already be URL encoded.
		* @param {object} signed_headers
		@@ -259,6 +259,10 @@ * Signed headers.

		var parameter_keys = Object.keys(parameters).sort(),
		parameters_array = [],
		value = undefined;
		var parameter_keys = Object.keys(parameters),
		processed_parameter_keys = [],
		processed_parameters = {},
		result_string_array = [];

		// Process the headers.
		// 1) Process the parameter keys into lowercase, and
		// 2) Process values to URI encoded if applicable.
		parameter_keys.forEach(function (parameter_key) {
		@@ -268,6 +272,15 @@ if (!parameters.hasOwnProperty(parameter_key)) {
		}
		value = encode ? encodeURI(parameters[parameter_key]) : parameters[parameter_key];
		parameters_array.push('' + parameter_key.toLocaleLowerCase() + value_prefix + value + value_suffix);
		var processed_parameter_key = parameter_key.toLowerCase();
		processed_parameter_keys.push(processed_parameter_key);
		processed_parameters[processed_parameter_key] = encode ? encodeURI(parameters[parameter_key]) : parameters[parameter_key];
		});
		return parameters_array.join(glue);

		// Process into result string.
		processed_parameter_keys.sort().forEach(function (processed_parameter_key) {
		if (!processed_parameters.hasOwnProperty(processed_parameter_key)) {
		return;
		}
		result_string_array.push('' + processed_parameter_key + value_prefix + processed_parameters[processed_parameter_key] + value_suffix);
		});
		return result_string_array.join(glue);
		};
		@@ -323,7 +336,7 @@
		url_query_string = parser.search.substring(1),
		signed_headers_raw_string = parametersToString(signed_headers, ':', '', '\n', false),
		signed_headers_string = signed_headers_raw_string === '' ? '' : signed_headers_raw_string + '\n',
		signature_base_string = method + '\n' + site_name_and_port + '\n' + parser.pathname + '\n' + url_query_string + '\n' + parametersToString(authorization_parameters) + '\n' + signed_headers_string + x_authorization_timestamp + signature_base_string_content_suffix,
		signed_headers_string = parametersToString(signed_headers, ':', '', '\n', false),
		signature_base_signed_headers_string = signed_headers_string === '' ? '' : signed_headers_string + '\n',
		signature_base_string = method + '\n' + site_name_and_port + '\n' + parser.pathname + '\n' + url_query_string + '\n' + parametersToString(authorization_parameters) + '\n' + signature_base_signed_headers_string + x_authorization_timestamp + signature_base_string_content_suffix,
		authorization_string = parametersToString(authorization_parameters, '="', '"', ','),
		authorization_signed_headers_string = Object.keys(signed_headers).length === 0 ? '' : ',headers="' + encodeURI(Object.keys(signed_headers).sort().join(';').toLowerCase()) + '"',
		authorization_signed_headers_string = Object.keys(signed_headers).length === 0 ? '' : ',headers="' + encodeURI(Object.keys(signed_headers).join('\|\|\|\|\|').toLowerCase().split('\|\|\|\|\|').sort().join(';')) + '"',
		signature = encodeURI(CryptoJS.HmacSHA256(signature_base_string, this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),
		@@ -346,7 +359,7 @@ authorization = 'acquia-http-hmac ' + authorization_string + authorization_signed_headers_string + ',signature="' + signature + '"';

		void 0;
		void 0;
		void 0;
		void 0;
		void 0;
		console.log('signature_base_string', signature_base_string);
		console.log('authorization', authorization);
		console.log('x_authorization_timestamp', x_authorization_timestamp);
		console.log('nonce', nonce);
		console.log('x_authorization_content_sha256', x_authorization_content_sha256);
		}
		@@ -369,5 +382,5 @@ }, {

		void 0;
		void 0;
		void 0;
		console.log('signature_base_string', signature_base_string);
		console.log('signature ', signature);
		console.log('server_signature', server_signature);

		@@ -374,0 +387,0 @@ return signature === server_signature;

lib/es5/hmac.min.js

		@@ -1,1 +0,1 @@
		"use strict";function _classCallCheck(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var _createClass=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable\|\|!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol?"symbol":typeof e};Date.now\|\|(Date.now=function(){return(new Date).getTime()}),Object.keys\|\|(Object.keys=function(){var e=Object.prototype.hasOwnProperty,t=!{toString:null}.propertyIsEnumerable("toString"),r=["toString","toLocaleString","valueOf","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","constructor"],n=r.length;return function(o){if("object"!==("undefined"==typeof o?"undefined":_typeof(o))&&("function"!=typeof o\|\|null===o))throw new TypeError("Object.keys called on non-object");var a,i,s=[];for(a in o)e.call(o,a)&&s.push(a);if(t)for(i=0;n>i;i++)e.call(o,r[i])&&s.push(r[i]);return s}}()),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var r,n;if(null==this)throw new TypeError(" this is null or not defined");var o=Object(this),a=o.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(arguments.length>1&&(r=t),n=0;a>n;){var i;n in o&&(i=o[n],e.call(r,i,n,o)),n++}});var AcquiaHttpHmac=function(){function e(t){var r=t.realm,n=t.public_key,o=t.secret_key,a=t.version,i=void 0===a?"2.0":a,s=t.default_content_type,u=void 0===s?"application/json":s;if(_classCallCheck(this,e),!r)throw new Error('The "realm" must not be empty.');if(!n)throw new Error('The "public_key" must not be empty.');if(!o)throw new Error('The "secret_key" must not be empty.');var c=["2.0"];if(c.indexOf(i)<0)throw new Error('The version must be "'+c.join('" or "')+'". Version "'+i+'" is not supported.');var p=CryptoJS.enc.Base64.parse(o);this.config={realm:r,public_key:n,parsed_secret_key:p,version:i,default_content_type:u},this.SUPPORTED_METHODS=["GET","POST","PUT","DELETE","HEAD","OPTIONS","CUSTOM"]}return _createClass(e,[{key:"isXMLHttpRequest",value:function(e){return e instanceof XMLHttpRequest}},{key:"isPromiseRequest",value:function(e){return e.hasOwnProperty("setRequestHeader")&&e.hasOwnProperty("getResponseHeader")&&e.hasOwnProperty("promise")}},{key:"sign",value:function(e){var t=e.request,r=e.method,n=e.path,o=e.signed_headers,a=void 0===o?{}:o,i=e.content_type,s=void 0===i?this.config.default_content_type:i,u=e.body,c=void 0===u?"":u;if(!this.isXMLHttpRequest(t)&&!this.isPromiseRequest(t))throw new Error("The request must be a XMLHttpRequest or promise-based request Object (e.g. jqXHR).");if(this.SUPPORTED_METHODS.indexOf(r)<0)throw new Error('The method must be "'+this.SUPPORTED_METHODS.join('" or "')+'". "'+r+'" is not supported.');if(!n)throw new Error("The end point path must not be empty.");var p=function(e){var t=arguments.length<=1\|\|void 0===arguments[1]?"=":arguments[1],r=arguments.length<=2\|\|void 0===arguments[2]?"":arguments[2],n=arguments.length<=3\|\|void 0===arguments[3]?"&":arguments[3],o=arguments.length<=4\|\|void 0===arguments[4]?!0:arguments[4],a=Object.keys(e).sort(),i=[],s=void 0;return a.forEach(function(n){e.hasOwnProperty(n)&&(s=o?encodeURI(e[n]):e[n],i.push(""+n.toLocaleLowerCase()+t+s+r))}),i.join(n)},f=function(){var e=Date.now();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var r=(e+16*Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?r:7&r\|8).toString(16)})},h=function(e,t){var r=["GET","HEAD"];return 0!==e.length&&r.indexOf(t)<0},y=f(),l=document.createElement("a"),m={id:this.config.public_key,nonce:y,realm:this.config.realm,version:this.config.version},d=Math.floor(Date.now()/1e3).toString(),g=h(c,r)?CryptoJS.SHA256(c).toString(CryptoJS.enc.Base64):"",v=h(c,r)?"\n"+s+"\n"+g:"";l.href=n;var H=l.port?":"+l.port:"",w=""+l.hostname+H,x=l.search.substring(1),b=p(a,":","","\n",!1),S=""===b?"":b+"\n",E=r+"\n"+w+"\n"+l.pathname+"\n"+x+"\n"+p(m)+"\n"+S+d+v,O=p(m,'="','"',","),_=0===Object.keys(a).length?"":',headers="'+encodeURI(Object.keys(a).sort().join(";").toLowerCase())+'"',T=encodeURI(CryptoJS.HmacSHA256(E,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),q="acquia-http-hmac "+O+_+',signature="'+T+'"';this.isXMLHttpRequest(t)&&0===t.readyState&&t.open(r,n,!0),t.acquiaHttpHmac={},t.acquiaHttpHmac.timestamp=d,t.acquiaHttpHmac.nonce=y,t.setRequestHeader("X-Authorization-Timestamp",d),t.setRequestHeader("Authorization",q),g&&t.setRequestHeader("X-Authorization-Content-SHA256",g)}},{key:"hasValidResponse",value:function(e){var t=e.acquiaHttpHmac.nonce+"\n"+e.acquiaHttpHmac.timestamp+"\n"+e.responseText,r=CryptoJS.HmacSHA256(t,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64),n=e.getResponseHeader("X-Server-Authorization-HMAC-SHA256");return r===n}}]),e}();if("object"===("undefined"==typeof exports?"undefined":_typeof(exports))){var CryptoJS=require("crypto-js");module.exports=exports=AcquiaHttpHmac}else{if("function"==typeof define&&define.amd)throw new Error("Update here to support AMD.");window.AcquiaHttpHmac=AcquiaHttpHmac}
		"use strict";function _classCallCheck(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var _createClass=function(){function e(e,t){for(var n=0;n<t.length;n++){var o=t[n];o.enumerable=o.enumerable\|\|!1,o.configurable=!0,"value"in o&&(o.writable=!0),Object.defineProperty(e,o.key,o)}}return function(t,n,o){return n&&e(t.prototype,n),o&&e(t,o),t}}(),_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol?"symbol":typeof e};Date.now\|\|(Date.now=function(){return(new Date).getTime()}),Object.keys\|\|(Object.keys=function(){var e=Object.prototype.hasOwnProperty,t=!{toString:null}.propertyIsEnumerable("toString"),n=["toString","toLocaleString","valueOf","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","constructor"],o=n.length;return function(r){if("object"!==("undefined"==typeof r?"undefined":_typeof(r))&&("function"!=typeof r\|\|null===r))throw new TypeError("Object.keys called on non-object");var a,i,s=[];for(a in r)e.call(r,a)&&s.push(a);if(t)for(i=0;o>i;i++)e.call(r,n[i])&&s.push(n[i]);return s}}()),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var n,o;if(null==this)throw new TypeError(" this is null or not defined");var r=Object(this),a=r.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(arguments.length>1&&(n=t),o=0;a>o;){var i;o in r&&(i=r[o],e.call(n,i,o,r)),o++}});var AcquiaHttpHmac=function(){function e(t){var n=t.realm,o=t.public_key,r=t.secret_key,a=t.version,i=void 0===a?"2.0":a,s=t.default_content_type,u=void 0===s?"application/json":s;if(_classCallCheck(this,e),!n)throw new Error('The "realm" must not be empty.');if(!o)throw new Error('The "public_key" must not be empty.');if(!r)throw new Error('The "secret_key" must not be empty.');var c=["2.0"];if(c.indexOf(i)<0)throw new Error('The version must be "'+c.join('" or "')+'". Version "'+i+'" is not supported.');var p=CryptoJS.enc.Base64.parse(r);this.config={realm:n,public_key:o,parsed_secret_key:p,version:i,default_content_type:u},this.SUPPORTED_METHODS=["GET","POST","PUT","DELETE","HEAD","OPTIONS","CUSTOM"]}return _createClass(e,[{key:"isXMLHttpRequest",value:function(e){return e instanceof XMLHttpRequest}},{key:"isPromiseRequest",value:function(e){return e.hasOwnProperty("setRequestHeader")&&e.hasOwnProperty("getResponseHeader")&&e.hasOwnProperty("promise")}},{key:"sign",value:function(e){var t=e.request,n=e.method,o=e.path,r=e.signed_headers,a=void 0===r?{}:r,i=e.content_type,s=void 0===i?this.config.default_content_type:i,u=e.body,c=void 0===u?"":u;if(!this.isXMLHttpRequest(t)&&!this.isPromiseRequest(t))throw new Error("The request must be a XMLHttpRequest or promise-based request Object (e.g. jqXHR).");if(this.SUPPORTED_METHODS.indexOf(n)<0)throw new Error('The method must be "'+this.SUPPORTED_METHODS.join('" or "')+'". "'+n+'" is not supported.');if(!o)throw new Error("The end point path must not be empty.");var p=function(e){var t=arguments.length<=1\|\|void 0===arguments[1]?"=":arguments[1],n=arguments.length<=2\|\|void 0===arguments[2]?"":arguments[2],o=arguments.length<=3\|\|void 0===arguments[3]?"&":arguments[3],r=arguments.length<=4\|\|void 0===arguments[4]?!0:arguments[4],a=Object.keys(e),i=[],s={},u=[];return a.forEach(function(t){if(e.hasOwnProperty(t)){var n=t.toLowerCase();i.push(n),s[n]=r?encodeURI(e[t]):e[t]}}),i.sort().forEach(function(e){s.hasOwnProperty(e)&&u.push(""+e+t+s[e]+n)}),u.join(o)},f=function(){var e=Date.now();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var n=(e+16*Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?n:7&n\|8).toString(16)})},l=function(e,t){var n=["GET","HEAD"];return 0!==e.length&&n.indexOf(t)<0},h=f(),y=document.createElement("a"),m={id:this.config.public_key,nonce:h,realm:this.config.realm,version:this.config.version},g=Math.floor(Date.now()/1e3).toString(),d=l(c,n)?CryptoJS.SHA256(c).toString(CryptoJS.enc.Base64):"",v=l(c,n)?"\n"+s+"\n"+d:"";y.href=o;var H=y.port?":"+y.port:"",x=""+y.hostname+H,b=y.search.substring(1),w=p(a,":","","\n",!1),_=""===w?"":w+"\n",S=n+"\n"+x+"\n"+y.pathname+"\n"+b+"\n"+p(m)+"\n"+_+g+v,E=p(m,'="','"',","),O=0===Object.keys(a).length?"":',headers="'+encodeURI(Object.keys(a).join("\|\|\|\|\|").toLowerCase().split("\|\|\|\|\|").sort().join(";"))+'"',T=encodeURI(CryptoJS.HmacSHA256(S,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),q="acquia-http-hmac "+E+O+',signature="'+T+'"';this.isXMLHttpRequest(t)&&0===t.readyState&&t.open(n,o,!0),t.acquiaHttpHmac={},t.acquiaHttpHmac.timestamp=g,t.acquiaHttpHmac.nonce=h,t.setRequestHeader("X-Authorization-Timestamp",g),t.setRequestHeader("Authorization",q),d&&t.setRequestHeader("X-Authorization-Content-SHA256",d),console.log("signature_base_string",S),console.log("authorization",q),console.log("x_authorization_timestamp",g),console.log("nonce",h),console.log("x_authorization_content_sha256",d)}},{key:"hasValidResponse",value:function(e){var t=e.acquiaHttpHmac.nonce+"\n"+e.acquiaHttpHmac.timestamp+"\n"+e.responseText,n=CryptoJS.HmacSHA256(t,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64),o=e.getResponseHeader("X-Server-Authorization-HMAC-SHA256");return console.log("signature_base_string",t),console.log("signature ",n),console.log("server_signature",o),n===o}}]),e}();if("object"===("undefined"==typeof exports?"undefined":_typeof(exports))){var CryptoJS=require("crypto-js");module.exports=exports=AcquiaHttpHmac}else{if("function"==typeof define&&define.amd)throw new Error("Update here to support AMD.");window.AcquiaHttpHmac=AcquiaHttpHmac}

lib/es6/hmac.js

		@@ -185,3 +185,3 @@ 'use strict';
		* @param {string} path
		* End point's full URL path.
		* End point's full URL path, including schema, port, query string, etc. It should already be URL encoded.
		* @param {object} signed_headers
		@@ -221,6 +221,10 @@ * Signed headers.
		let parametersToString = (parameters, value_prefix = '=', value_suffix = '', glue = '&', encode = true) => {
		let parameter_keys = Object.keys(parameters).sort(),
		parameters_array = [],
		value;
		let parameter_keys = Object.keys(parameters),
		processed_parameter_keys = [],
		processed_parameters = {},
		result_string_array = [];

		// Process the headers.
		// 1) Process the parameter keys into lowercase, and
		// 2) Process values to URI encoded if applicable.
		parameter_keys.forEach((parameter_key) => {
		@@ -230,6 +234,15 @@ if (!parameters.hasOwnProperty(parameter_key)) {
		}
		value = encode ? encodeURI(parameters[parameter_key]) : parameters[parameter_key];
		parameters_array.push(`${parameter_key.toLocaleLowerCase()}${value_prefix}${value}${value_suffix}`);
		let processed_parameter_key = parameter_key.toLowerCase();
		processed_parameter_keys.push(processed_parameter_key);
		processed_parameters[processed_parameter_key] = encode ? encodeURI(parameters[parameter_key]) : parameters[parameter_key];
		});
		return parameters_array.join(glue);

		// Process into result string.
		processed_parameter_keys.sort().forEach((processed_parameter_key) => {
		if (!processed_parameters.hasOwnProperty(processed_parameter_key)) {
		return;
		}
		result_string_array.push(`${processed_parameter_key}${value_prefix}${processed_parameters[processed_parameter_key]}${value_suffix}`);
		});
		return result_string_array.join(glue);
		};
		@@ -285,7 +298,7 @@
		url_query_string = parser.search.substring(1),
		signed_headers_raw_string = parametersToString(signed_headers, ':', '', '\n', false),
		signed_headers_string = signed_headers_raw_string === '' ? '' : `${signed_headers_raw_string}\n`,
		signature_base_string = `${method}\n${site_name_and_port}\n${parser.pathname}\n${url_query_string}\n${parametersToString(authorization_parameters)}\n${signed_headers_string}${x_authorization_timestamp}${signature_base_string_content_suffix}`,
		signed_headers_string = parametersToString(signed_headers, ':', '', '\n', false),
		signature_base_signed_headers_string = signed_headers_string === '' ? '' : `${signed_headers_string}\n`,
		signature_base_string = `${method}\n${site_name_and_port}\n${parser.pathname}\n${url_query_string}\n${parametersToString(authorization_parameters)}\n${signature_base_signed_headers_string}${x_authorization_timestamp}${signature_base_string_content_suffix}`,
		authorization_string = parametersToString(authorization_parameters, '="', '"', ','),
		authorization_signed_headers_string = Object.keys(signed_headers).length === 0 ? '' : `,headers="${encodeURI(Object.keys(signed_headers).sort().join(';').toLowerCase())}"`,
		authorization_signed_headers_string = Object.keys(signed_headers).length === 0 ? '' : `,headers="${encodeURI(Object.keys(signed_headers).join('\|\|\|\|\|').toLowerCase().split('\|\|\|\|\|').sort().join(';'))}"`,
		signature = encodeURI(CryptoJS.HmacSHA256(signature_base_string, this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),
		@@ -308,7 +321,7 @@ authorization = `acquia-http-hmac ${authorization_string}${authorization_signed_headers_string},signature="${signature}"`;

		void 0;
		void 0;
		void 0;
		void 0;
		void 0;
		console.log('signature_base_string', signature_base_string);
		console.log('authorization', authorization);
		console.log('x_authorization_timestamp', x_authorization_timestamp);
		console.log('nonce', nonce);
		console.log('x_authorization_content_sha256', x_authorization_content_sha256);
		};
		@@ -329,5 +342,5 @@

		void 0;
		void 0;
		void 0;
		console.log('signature_base_string', signature_base_string);
		console.log('signature ', signature);
		console.log('server_signature', server_signature);

		@@ -334,0 +347,0 @@ return signature === server_signature;

package.json

		{
		"name": "http-hmac-javascript",
		"version": "0.1.7",
		"version": "0.1.8",
		"description": "HTTP HMAC JavaScript Library",
		@@ -5,0 +5,0 @@ "main": "./lib/es5/hmac.js",

qunit/hmac.tests.js

		@@ -6,3 +6,3 @@ /**
		var request, HMAC = new AcquiaHttpHmac({
		realm: 'dice',
		realm: 'dice^',
		public_key: 'ABCD-1234',
		@@ -58,3 +58,3 @@ secret_key: 'd175024aa4c4d8b312a7114687790c772dd94fb725cb68016aaeae5a76d68102'

		var authorization = 'acquia-http-hmac id="ABCD-1234",nonce="11bdbac4-1111-4111-9111-111111111111",realm="dice",version="2.0",signature="8kr0UO7sRpoPIdl9UIa7OMlbvned5AcXzjFg2K8yuE8="';
		var authorization = 'acquia-http-hmac id="ABCD-1234",nonce="11bdbac4-1111-4111-9111-111111111111",realm="dice%5E",version="2.0",signature="aeOVMGoyBcWZPyyzdjrzFkGAF8gAGaeqbfA324L5q8Y="';
		assert.equal(request.acquiaHttpHmac.nonce, '11bdbac4-1111-4111-9111-111111111111', 'sign() records a nonce to the XHR object.');
		@@ -67,8 +67,12 @@ assert.equal(request.acquiaHttpHmac.timestamp, 1000000, 'sign() records a timestamp to the XHR object.');

		QUnit.test('Test sign(), asserts GET pass with body and without request.open().', function(assert) {
		QUnit.test('Test sign(), asserts GET pass with full URL path, body, various signed headers, and without request.open().', function(assert) {
		expect(5);

		var method = 'GET',
		path = 'http://fakesite.com:8888',
		signed_headers = {},
		path = 'http://fakesite.com:8888/fake-api?first_param=first_value&second_param=second_value',
		signed_headers = {
		'UPPERCASE-HEADER': 'UPPERCASE HEADER VALUE',
		'lowercase-header': 'lowercase header value',
		'header^with special#char': 'header^with special#char value'
		},
		content_type = 'text/plain',
		@@ -96,3 +100,3 @@ body = 'correct request text',

		var authorization = 'acquia-http-hmac id="ABCD-1234",nonce="11bdbac4-1111-4111-9111-111111111111",realm="dice",version="2.0",signature="8kr0UO7sRpoPIdl9UIa7OMlbvned5AcXzjFg2K8yuE8="';
		var authorization = 'acquia-http-hmac id="ABCD-1234",nonce="11bdbac4-1111-4111-9111-111111111111",realm="dice%5E",version="2.0",headers="header%5Ewith%20special#char;lowercase-header;uppercase-header",signature="enTl9k7vcbOEn5wDDMSKrvVizafbR7n7a6XMqZCfPSA="';
		assert.equal(request.acquiaHttpHmac.nonce, '11bdbac4-1111-4111-9111-111111111111', 'sign() records a nonce to the XHR object.');
		@@ -131,3 +135,3 @@ assert.equal(request.acquiaHttpHmac.timestamp, 1000000, 'sign() records a timestamp to the XHR object.');

		var authorization = 'acquia-http-hmac id="ABCD-1234",nonce="11bdbac4-1111-4111-9111-111111111111",realm="dice",version="2.0",signature="8kr0UO7sRpoPIdl9UIa7OMlbvned5AcXzjFg2K8yuE8="';
		var authorization = 'acquia-http-hmac id="ABCD-1234",nonce="11bdbac4-1111-4111-9111-111111111111",realm="dice%5E",version="2.0",signature="aeOVMGoyBcWZPyyzdjrzFkGAF8gAGaeqbfA324L5q8Y="';
		assert.equal(request.acquiaHttpHmac.nonce, '11bdbac4-1111-4111-9111-111111111111', 'sign() records a nonce to the jqXHR object.');
		@@ -164,3 +168,3 @@ assert.equal(request.acquiaHttpHmac.timestamp, 1000000, 'sign() records a timestamp to the jqXHR object.');

		var authorization = 'acquia-http-hmac id="ABCD-1234",nonce="11bdbac4-1111-4111-9111-111111111111",realm="dice",version="2.0",signature="+2Oh3416Mr5HVda3LFA3lq7wYM4BNMMlDgyXv4k386o="';
		var authorization = 'acquia-http-hmac id="ABCD-1234",nonce="11bdbac4-1111-4111-9111-111111111111",realm="dice%5E",version="2.0",signature="pNUQl+h18e+F6Lzd2lDGe53uaWCDbqQ5eqGnxrC433M="';
		assert.equal(request.acquiaHttpHmac.nonce, '11bdbac4-1111-4111-9111-111111111111', 'sign() records a nonce to the XHR object.');
		@@ -167,0 +171,0 @@ assert.equal(request.acquiaHttpHmac.timestamp, 1000000, 'sign() records a timestamp to the XHR object.');

src/demo/get.js

		@@ -10,8 +10,6 @@ /**
		// Example path: http://localhost:9000/http-hmac-javascript/demo/get.php?first_word=Hello&second_word=World#myAnchor
		path = `${location.protocol}//${location.hostname}${port}${pathname}?first_word=Hello World&second_word=World#myAnchor`,
		path = `${location.protocol}//${location.hostname}${port}${pathname}?first_word=Hello&second_word=World#myAnchor`,
		signed_headers = {
		'x-acquia-plexus-client-id': '57ea14f4-9255-4bac-7f90-c19e47f5be2d',
		'my-special-header': 'my special header'
		// 'Special-Header-1': 'special_header_1_value',
		// 'Special-Header-2': 'special_header_2_value'
		'Special-Header-1': 'special_header_1_value',
		'Special-Header-2': 'special_header_2_value'
		},
		@@ -18,0 +16,0 @@ content_type = 'text/plain';

src/hmac.js

		@@ -185,3 +185,3 @@ 'use strict';
		* @param {string} path
		* End point's full URL path.
		* End point's full URL path, including schema, port, query string, etc. It should already be URL encoded.
		* @param {object} signed_headers
		@@ -221,6 +221,10 @@ * Signed headers.
		let parametersToString = (parameters, value_prefix = '=', value_suffix = '', glue = '&', encode = true) => {
		let parameter_keys = Object.keys(parameters).sort(),
		parameters_array = [],
		value;
		let parameter_keys = Object.keys(parameters),
		processed_parameter_keys = [],
		processed_parameters = {},
		result_string_array = [];

		// Process the headers.
		// 1) Process the parameter keys into lowercase, and
		// 2) Process values to URI encoded if applicable.
		parameter_keys.forEach((parameter_key) => {
		@@ -230,6 +234,15 @@ if (!parameters.hasOwnProperty(parameter_key)) {
		}
		value = encode ? encodeURI(parameters[parameter_key]) : parameters[parameter_key];
		parameters_array.push(`${parameter_key.toLocaleLowerCase()}${value_prefix}${value}${value_suffix}`);
		let processed_parameter_key = parameter_key.toLowerCase();
		processed_parameter_keys.push(processed_parameter_key);
		processed_parameters[processed_parameter_key] = encode ? encodeURI(parameters[parameter_key]) : parameters[parameter_key];
		});
		return parameters_array.join(glue);

		// Process into result string.
		processed_parameter_keys.sort().forEach((processed_parameter_key) => {
		if (!processed_parameters.hasOwnProperty(processed_parameter_key)) {
		return;
		}
		result_string_array.push(`${processed_parameter_key}${value_prefix}${processed_parameters[processed_parameter_key]}${value_suffix}`);
		});
		return result_string_array.join(glue);
		};
		@@ -285,7 +298,7 @@
		url_query_string = parser.search.substring(1),
		signed_headers_raw_string = parametersToString(signed_headers, ':', '', '\n', false),
		signed_headers_string = signed_headers_raw_string === '' ? '' : `${signed_headers_raw_string}\n`,
		signature_base_string = `${method}\n${site_name_and_port}\n${parser.pathname}\n${url_query_string}\n${parametersToString(authorization_parameters)}\n${signed_headers_string}${x_authorization_timestamp}${signature_base_string_content_suffix}`,
		signed_headers_string = parametersToString(signed_headers, ':', '', '\n', false),
		signature_base_signed_headers_string = signed_headers_string === '' ? '' : `${signed_headers_string}\n`,
		signature_base_string = `${method}\n${site_name_and_port}\n${parser.pathname}\n${url_query_string}\n${parametersToString(authorization_parameters)}\n${signature_base_signed_headers_string}${x_authorization_timestamp}${signature_base_string_content_suffix}`,
		authorization_string = parametersToString(authorization_parameters, '="', '"', ','),
		authorization_signed_headers_string = Object.keys(signed_headers).length === 0 ? '' : `,headers="${encodeURI(Object.keys(signed_headers).sort().join(';').toLowerCase())}"`,
		authorization_signed_headers_string = Object.keys(signed_headers).length === 0 ? '' : `,headers="${encodeURI(Object.keys(signed_headers).join('\|\|\|\|\|').toLowerCase().split('\|\|\|\|\|').sort().join(';'))}"`,
		signature = encodeURI(CryptoJS.HmacSHA256(signature_base_string, this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),
		@@ -292,0 +305,0 @@ authorization = `acquia-http-hmac ${authorization_string}${authorization_signed_headers_string},signature="${signature}"`;

demo/ajax.app.js

Sorry, the diff of this file is too big to display

		@@ -1,2 +0,2 @@
		"use strict";function _classCallCheck(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var _createClass=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable\|\|!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol?"symbol":typeof e};Date.now\|\|(Date.now=function(){return(new Date).getTime()}),Object.keys\|\|(Object.keys=function(){var e=Object.prototype.hasOwnProperty,t=!{toString:null}.propertyIsEnumerable("toString"),r=["toString","toLocaleString","valueOf","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","constructor"],n=r.length;return function(o){if("object"!==("undefined"==typeof o?"undefined":_typeof(o))&&("function"!=typeof o\|\|null===o))throw new TypeError("Object.keys called on non-object");var a,i,s=[];for(a in o)e.call(o,a)&&s.push(a);if(t)for(i=0;n>i;i++)e.call(o,r[i])&&s.push(r[i]);return s}}()),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var r,n;if(null==this)throw new TypeError(" this is null or not defined");var o=Object(this),a=o.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(arguments.length>1&&(r=t),n=0;a>n;){var i;n in o&&(i=o[n],e.call(r,i,n,o)),n++}});var AcquiaHttpHmac=function(){function e(t){var r=t.realm,n=t.public_key,o=t.secret_key,a=t.version,i=void 0===a?"2.0":a,s=t.default_content_type,u=void 0===s?"application/json":s;if(_classCallCheck(this,e),!r)throw new Error('The "realm" must not be empty.');if(!n)throw new Error('The "public_key" must not be empty.');if(!o)throw new Error('The "secret_key" must not be empty.');var c=["2.0"];if(c.indexOf(i)<0)throw new Error('The version must be "'+c.join('" or "')+'". Version "'+i+'" is not supported.');var p=CryptoJS.enc.Base64.parse(o);this.config={realm:r,public_key:n,parsed_secret_key:p,version:i,default_content_type:u},this.SUPPORTED_METHODS=["GET","POST","PUT","DELETE","HEAD","OPTIONS","CUSTOM"]}return _createClass(e,[{key:"isXMLHttpRequest",value:function(e){return e instanceof XMLHttpRequest}},{key:"isPromiseRequest",value:function(e){return e.hasOwnProperty("setRequestHeader")&&e.hasOwnProperty("getResponseHeader")&&e.hasOwnProperty("promise")}},{key:"sign",value:function(e){var t=e.request,r=e.method,n=e.path,o=e.signed_headers,a=void 0===o?{}:o,i=e.content_type,s=void 0===i?this.config.default_content_type:i,u=e.body,c=void 0===u?"":u;if(!this.isXMLHttpRequest(t)&&!this.isPromiseRequest(t))throw new Error("The request must be a XMLHttpRequest or promise-based request Object (e.g. jqXHR).");if(this.SUPPORTED_METHODS.indexOf(r)<0)throw new Error('The method must be "'+this.SUPPORTED_METHODS.join('" or "')+'". "'+r+'" is not supported.');if(!n)throw new Error("The end point path must not be empty.");var p=function(e){var t=arguments.length<=1\|\|void 0===arguments[1]?"=":arguments[1],r=arguments.length<=2\|\|void 0===arguments[2]?"":arguments[2],n=arguments.length<=3\|\|void 0===arguments[3]?"&":arguments[3],o=arguments.length<=4\|\|void 0===arguments[4]?!0:arguments[4],a=Object.keys(e).sort(),i=[],s=void 0;return a.forEach(function(n){e.hasOwnProperty(n)&&(s=o?encodeURI(e[n]):e[n],i.push(""+n.toLocaleLowerCase()+t+s+r))}),i.join(n)},f=function(){var e=Date.now();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var r=(e+16*Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?r:7&r\|8).toString(16)})},h=function(e,t){var r=["GET","HEAD"];return 0!==e.length&&r.indexOf(t)<0},y=f(),l=document.createElement("a"),m={id:this.config.public_key,nonce:y,realm:this.config.realm,version:this.config.version},d=Math.floor(Date.now()/1e3).toString(),g=h(c,r)?CryptoJS.SHA256(c).toString(CryptoJS.enc.Base64):"",v=h(c,r)?"\n"+s+"\n"+g:"";l.href=n;var H=l.port?":"+l.port:"",w=""+l.hostname+H,x=l.search.substring(1),b=p(a,":","","\n",!1),S=""===b?"":b+"\n",E=r+"\n"+w+"\n"+l.pathname+"\n"+x+"\n"+p(m)+"\n"+S+d+v,O=p(m,'="','"',","),_=0===Object.keys(a).length?"":',headers="'+encodeURI(Object.keys(a).sort().join(";").toLowerCase())+'"',T=encodeURI(CryptoJS.HmacSHA256(E,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),q="acquia-http-hmac "+O+_+',signature="'+T+'"';this.isXMLHttpRequest(t)&&0===t.readyState&&t.open(r,n,!0),t.acquiaHttpHmac={},t.acquiaHttpHmac.timestamp=d,t.acquiaHttpHmac.nonce=y,t.setRequestHeader("X-Authorization-Timestamp",d),t.setRequestHeader("Authorization",q),g&&t.setRequestHeader("X-Authorization-Content-SHA256",g)}},{key:"hasValidResponse",value:function(e){var t=e.acquiaHttpHmac.nonce+"\n"+e.acquiaHttpHmac.timestamp+"\n"+e.responseText,r=CryptoJS.HmacSHA256(t,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64),n=e.getResponseHeader("X-Server-Authorization-HMAC-SHA256");return r===n}}]),e}();if("object"===("undefined"==typeof exports?"undefined":_typeof(exports))){var CryptoJS=require("crypto-js");module.exports=exports=AcquiaHttpHmac}else{if("function"==typeof define&&define.amd)throw new Error("Update here to support AMD.");window.AcquiaHttpHmac=AcquiaHttpHmac}
		"use strict";function _classCallCheck(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}var _createClass=function(){function e(e,t){for(var n=0;n<t.length;n++){var o=t[n];o.enumerable=o.enumerable\|\|!1,o.configurable=!0,"value"in o&&(o.writable=!0),Object.defineProperty(e,o.key,o)}}return function(t,n,o){return n&&e(t.prototype,n),o&&e(t,o),t}}(),_typeof="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol?"symbol":typeof e};Date.now\|\|(Date.now=function(){return(new Date).getTime()}),Object.keys\|\|(Object.keys=function(){var e=Object.prototype.hasOwnProperty,t=!{toString:null}.propertyIsEnumerable("toString"),n=["toString","toLocaleString","valueOf","hasOwnProperty","isPrototypeOf","propertyIsEnumerable","constructor"],o=n.length;return function(r){if("object"!==("undefined"==typeof r?"undefined":_typeof(r))&&("function"!=typeof r\|\|null===r))throw new TypeError("Object.keys called on non-object");var a,i,s=[];for(a in r)e.call(r,a)&&s.push(a);if(t)for(i=0;o>i;i++)e.call(r,n[i])&&s.push(n[i]);return s}}()),Array.prototype.forEach\|\|(Array.prototype.forEach=function(e,t){var n,o;if(null==this)throw new TypeError(" this is null or not defined");var r=Object(this),a=r.length>>>0;if("function"!=typeof e)throw new TypeError(e+" is not a function");for(arguments.length>1&&(n=t),o=0;a>o;){var i;o in r&&(i=r[o],e.call(n,i,o,r)),o++}});var AcquiaHttpHmac=function(){function e(t){var n=t.realm,o=t.public_key,r=t.secret_key,a=t.version,i=void 0===a?"2.0":a,s=t.default_content_type,u=void 0===s?"application/json":s;if(_classCallCheck(this,e),!n)throw new Error('The "realm" must not be empty.');if(!o)throw new Error('The "public_key" must not be empty.');if(!r)throw new Error('The "secret_key" must not be empty.');var c=["2.0"];if(c.indexOf(i)<0)throw new Error('The version must be "'+c.join('" or "')+'". Version "'+i+'" is not supported.');var p=CryptoJS.enc.Base64.parse(r);this.config={realm:n,public_key:o,parsed_secret_key:p,version:i,default_content_type:u},this.SUPPORTED_METHODS=["GET","POST","PUT","DELETE","HEAD","OPTIONS","CUSTOM"]}return _createClass(e,[{key:"isXMLHttpRequest",value:function(e){return e instanceof XMLHttpRequest}},{key:"isPromiseRequest",value:function(e){return e.hasOwnProperty("setRequestHeader")&&e.hasOwnProperty("getResponseHeader")&&e.hasOwnProperty("promise")}},{key:"sign",value:function(e){var t=e.request,n=e.method,o=e.path,r=e.signed_headers,a=void 0===r?{}:r,i=e.content_type,s=void 0===i?this.config.default_content_type:i,u=e.body,c=void 0===u?"":u;if(!this.isXMLHttpRequest(t)&&!this.isPromiseRequest(t))throw new Error("The request must be a XMLHttpRequest or promise-based request Object (e.g. jqXHR).");if(this.SUPPORTED_METHODS.indexOf(n)<0)throw new Error('The method must be "'+this.SUPPORTED_METHODS.join('" or "')+'". "'+n+'" is not supported.');if(!o)throw new Error("The end point path must not be empty.");var p=function(e){var t=arguments.length<=1\|\|void 0===arguments[1]?"=":arguments[1],n=arguments.length<=2\|\|void 0===arguments[2]?"":arguments[2],o=arguments.length<=3\|\|void 0===arguments[3]?"&":arguments[3],r=arguments.length<=4\|\|void 0===arguments[4]?!0:arguments[4],a=Object.keys(e),i=[],s={},u=[];return a.forEach(function(t){if(e.hasOwnProperty(t)){var n=t.toLowerCase();i.push(n),s[n]=r?encodeURI(e[t]):e[t]}}),i.sort().forEach(function(e){s.hasOwnProperty(e)&&u.push(""+e+t+s[e]+n)}),u.join(o)},f=function(){var e=Date.now();return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var n=(e+16*Math.random())%16\|0;return e=Math.floor(e/16),("x"==t?n:7&n\|8).toString(16)})},l=function(e,t){var n=["GET","HEAD"];return 0!==e.length&&n.indexOf(t)<0},h=f(),y=document.createElement("a"),m={id:this.config.public_key,nonce:h,realm:this.config.realm,version:this.config.version},g=Math.floor(Date.now()/1e3).toString(),d=l(c,n)?CryptoJS.SHA256(c).toString(CryptoJS.enc.Base64):"",v=l(c,n)?"\n"+s+"\n"+d:"";y.href=o;var H=y.port?":"+y.port:"",x=""+y.hostname+H,b=y.search.substring(1),w=p(a,":","","\n",!1),_=""===w?"":w+"\n",S=n+"\n"+x+"\n"+y.pathname+"\n"+b+"\n"+p(m)+"\n"+_+g+v,E=p(m,'="','"',","),O=0===Object.keys(a).length?"":',headers="'+encodeURI(Object.keys(a).join("\|\|\|\|\|").toLowerCase().split("\|\|\|\|\|").sort().join(";"))+'"',T=encodeURI(CryptoJS.HmacSHA256(S,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64)),q="acquia-http-hmac "+E+O+',signature="'+T+'"';this.isXMLHttpRequest(t)&&0===t.readyState&&t.open(n,o,!0),t.acquiaHttpHmac={},t.acquiaHttpHmac.timestamp=g,t.acquiaHttpHmac.nonce=h,t.setRequestHeader("X-Authorization-Timestamp",g),t.setRequestHeader("Authorization",q),d&&t.setRequestHeader("X-Authorization-Content-SHA256",d),console.log("signature_base_string",S),console.log("authorization",q),console.log("x_authorization_timestamp",g),console.log("nonce",h),console.log("x_authorization_content_sha256",d)}},{key:"hasValidResponse",value:function(e){var t=e.acquiaHttpHmac.nonce+"\n"+e.acquiaHttpHmac.timestamp+"\n"+e.responseText,n=CryptoJS.HmacSHA256(t,this.config.parsed_secret_key).toString(CryptoJS.enc.Base64),o=e.getResponseHeader("X-Server-Authorization-HMAC-SHA256");return console.log("signature_base_string",t),console.log("signature ",n),console.log("server_signature",o),n===o}}]),e}();if("object"===("undefined"==typeof exports?"undefined":_typeof(exports))){var CryptoJS=require("crypto-js");module.exports=exports=AcquiaHttpHmac}else{if("function"==typeof define&&define.amd)throw new Error("Update here to support AMD.");window.AcquiaHttpHmac=AcquiaHttpHmac}
		!function(t,n){"object"==typeof exports?module.exports=exports=n():"function"==typeof define&&define.amd?define([],n):t.CryptoJS=n()}(this,function(){var t=t\|\|function(t,n){var i={},e=i.lib={},r=e.Base=function(){function t(){}return{extend:function(n){t.prototype=this;var i=new t;return n&&i.mixIn(n),i.hasOwnProperty("init")\|\|(i.init=function(){i.$super.init.apply(this,arguments)}),i.init.prototype=i,i.$super=this,i},create:function(){var t=this.extend();return t.init.apply(t,arguments),t},init:function(){},mixIn:function(t){for(var n in t)t.hasOwnProperty(n)&&(this[n]=t[n]);t.hasOwnProperty("toString")&&(this.toString=t.toString)},clone:function(){return this.init.prototype.extend(this)}}}(),s=e.WordArray=r.extend({init:function(t,i){t=this.words=t\|\|[],i!=n?this.sigBytes=i:this.sigBytes=4t.length},toString:function(t){return(t\|\|a).stringify(this)},concat:function(t){var n=this.words,i=t.words,e=this.sigBytes,r=t.sigBytes;if(this.clamp(),e%4)for(var s=0;r>s;s++){var o=i[s>>>2]>>>24-s%48&255;n[e+s>>>2]\|=o<<24-(e+s)%48}else for(var s=0;r>s;s+=4)n[e+s>>>2]=i[s>>>2];return this.sigBytes+=r,this},clamp:function(){var n=this.words,i=this.sigBytes;n[i>>>2]&=4294967295<<32-i%48,n.length=t.ceil(i/4)},clone:function(){var t=r.clone.call(this);return t.words=this.words.slice(0),t},random:function(n){for(var i,e=[],r=function(n){var n=n,i=987654321,e=4294967295;return function(){i=36969(65535&i)+(i>>16)&e,n=18e3(65535&n)+(n>>16)&e;var r=(i<<16)+n&e;return r/=4294967296,r+=.5,r(t.random()>.5?1:-1)}},o=0;n>o;o+=4){var a=r(4294967296(i\|\|t.random()));i=987654071a(),e.push(4294967296a()\|0)}return new s.init(e,n)}}),o=i.enc={},a=o.Hex={stringify:function(t){for(var n=t.words,i=t.sigBytes,e=[],r=0;i>r;r++){var s=n[r>>>2]>>>24-r%48&255;e.push((s>>>4).toString(16)),e.push((15&s).toString(16))}return e.join("")},parse:function(t){for(var n=t.length,i=[],e=0;n>e;e+=2)i[e>>>3]\|=parseInt(t.substr(e,2),16)<<24-e%84;return new s.init(i,n/2)}},c=o.Latin1={stringify:function(t){for(var n=t.words,i=t.sigBytes,e=[],r=0;i>r;r++){var s=n[r>>>2]>>>24-r%48&255;e.push(String.fromCharCode(s))}return e.join("")},parse:function(t){for(var n=t.length,i=[],e=0;n>e;e++)i[e>>>2]\|=(255&t.charCodeAt(e))<<24-e%48;return new s.init(i,n)}},u=o.Utf8={stringify:function(t){try{return decodeURIComponent(escape(c.stringify(t)))}catch(n){throw new Error("Malformed UTF-8 data")}},parse:function(t){return c.parse(unescape(encodeURIComponent(t)))}},f=e.BufferedBlockAlgorithm=r.extend({reset:function(){this._data=new s.init,this._nDataBytes=0},_append:function(t){"string"==typeof t&&(t=u.parse(t)),this._data.concat(t),this._nDataBytes+=t.sigBytes},_process:function(n){var i=this._data,e=i.words,r=i.sigBytes,o=this.blockSize,a=4o,c=r/a;c=n?t.ceil(c):t.max((0\|c)-this._minBufferSize,0);var u=co,f=t.min(4*u,r);if(u){for(var h=0;u>h;h+=o)this._doProcessBlock(e,h);var p=e.splice(0,u);i.sigBytes-=f}return new s.init(p,f)},clone:function(){var t=r.clone.call(this);return t._data=this._data.clone(),t},_minBufferSize:0}),h=(e.Hasher=f.extend({cfg:r.extend(),init:function(t){this.cfg=this.cfg.extend(t),this.reset()},reset:function(){f.reset.call(this),this._doReset()},update:function(t){return this._append(t),this._process(),this},finalize:function(t){t&&this._append(t);var n=this._doFinalize();return n},blockSize:16,_createHelper:function(t){return function(n,i){return new t.init(i).finalize(n)}},_createHmacHelper:function(t){return function(n,i){return new h.HMAC.init(t,i).finalize(n)}}}),i.algo={});return i}(Math);return t});
		@@ -3,0 +3,0 @@ !function(e,t){"object"==typeof exports?module.exports=exports=t(require("./core")):"function"==typeof define&&define.amd?define(["./core"],t):t(e.CryptoJS)}(this,function(e){!function(){var t=e,i=t.lib,n=i.Base,s=t.enc,r=s.Utf8,o=t.algo;o.HMAC=n.extend({init:function(e,t){e=this._hasher=new e.init,"string"==typeof t&&(t=r.parse(t));var i=e.blockSize,n=4*i;t.sigBytes>n&&(t=e.finalize(t)),t.clamp();for(var s=this._oKey=t.clone(),o=this._iKey=t.clone(),a=s.words,f=o.words,c=0;i>c;c++)a[c]^=1549556828,f[c]^=909522486;s.sigBytes=o.sigBytes=n,this.reset()},reset:function(){var e=this._hasher;e.reset(),e.update(this._iKey)},update:function(e){return this._hasher.update(e),this},finalize:function(e){var t=this._hasher,i=t.finalize(e);t.reset();var n=t.finalize(this._oKey.clone().concat(i));return n}})}()});

http-hmac-javascript - npm Package Compare versions

Improved metrics