
Comparing version 0.9.0 to 0.9.2

lib/util.js

6

lib/index.js

@@ -6,6 +6,7 @@ // Copyright 2011 Joyent, Inc. All rights reserved.

var verify = require('./verify');
var util = require('./util');
///--- Exported API
///--- API

@@ -20,5 +21,6 @@ module.exports = {

sshKeyToPEM: util.sshKeyToPEM,
verify: verify.verifySignature,
verifySignature: verify.verifySignature
};
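Review bot: `sshKeyToPEM: util.sshKeyToPEM` becomes part of the public API here, but none of the test hunks in this comparison call it and the `lib/util.js` change itself is not shown. A key-format converter presumably takes externally supplied key material, so it deserves one test that converts a known public key and checks that the result verifies a signature, and one that passes a truncated or non-key string and expects a clean error. A one-line comment above the export stating the accepted input format would also help, with the wording confirmed against `lib/util.js`.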

@@ -5,3 +5,3 @@ {

"description": "Reference implementation of Joyent's HTTP Signature Scheme",
"version": "0.9.0",
"version": "0.9.2",
"homepage": "http://www.joyent.com",

@@ -13,3 +13,3 @@ "repository": {

"engines": {
"node": "~0.4.9"
"node": ">=0.4.9"
},

@@ -19,12 +19,14 @@ "main": "lib/index.js",

"pretest": "which gjslint; if [[ \"$?\" = 0 ]] ; then gjslint --nojsdoc -r . -e node_modules; else echo \"Missing gjslint. Skipping lint\"; fi",
"test": "./node_modules/.bin/whiskey --quiet --sequential --timeout 2500 -t \"`find tst -name *.test.js | xargs`\""
"test": "./node_modules/.bin/tap tst/*.js"
},
"dependencies": {
"asn1": "0.1.5",
"ctype": "0.0.3",
"sprintf": "0.1.1"
},
"devDependencies": {
"httpu": "0.0.1",
"httpu": "1.0.0",
"node-uuid": "1.2.0",
"whiskey": "0.4.0"
"tap": "0.0.9"
}
}

@@ -6,2 +6,3 @@ // Copyright 2011 Joyent, Inc. All rights reserved.

var httpu = require('httpu');
var test = require('tap').test;
var uuid = require('node-uuid');

@@ -61,3 +62,3 @@

exports.setUp = function(test, assert) {
test('setup', function(t) {
socket = '/tmp/.' + uuid();

@@ -75,15 +76,14 @@ options = {

server.listen(socket, function() {
test.finish();
t.end();
});
};
});
exports.test_no_authorization = function(test, assert) {
test('no authorization', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
TypeError);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'TypeError');
}
res.writeHead(200);

@@ -94,16 +94,16 @@ res.end();

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_bad_scheme = function(test, assert) {
test('bad scheme', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/InvalidHeaderError: scheme was not "Signature"/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'InvalidHeaderError');
t.equal(e.message, 'scheme was not "Signature"');
}

@@ -116,16 +116,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_no_key_id = function(test, assert) {
test('no key id', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/InvalidHeaderError: keyId was not specified/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'InvalidHeaderError');
t.equal(e.message, 'keyId was not specified');
}

@@ -138,16 +138,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_key_id_no_value = function(test, assert) {
test('key id no value', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/InvalidHeaderError: keyId was not specified/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'InvalidHeaderError');
t.equal(e.message, 'keyId was not specified');
}

@@ -160,16 +160,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_key_id_no_quotes = function(test, assert) {
test('key id no quotes', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/InvalidHeaderError: keyId was not specified/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'InvalidHeaderError');
t.equal(e.message, 'keyId was not specified');
}

@@ -183,16 +183,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_no_algorithm = function(test, assert) {
test('no algorithm', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/InvalidHeaderError: algorithm was not specified/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'InvalidHeaderError');
t.equal(e.message, 'algorithm was not specified');
}

@@ -205,16 +205,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_algorithm_no_value = function(test, assert) {
test('algorithm no value', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/InvalidHeaderError: algorithm was not specified/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'InvalidHeaderError');
t.equal(e.message, 'algorithm was not specified');
}

@@ -227,16 +227,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_no_signature = function(test, assert) {
test('no signature', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/InvalidHeaderError: signature was empty/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'InvalidHeaderError');
t.equal(e.message, 'signature was empty');
}

@@ -249,16 +249,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_invalid_algorithm = function(test, assert) {
test('invalid algorithm', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/InvalidParamsError: foo is not supported/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'InvalidParamsError');
t.equal(e.message, 'foo is not supported');
}

@@ -272,16 +272,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_no_date_header = function(test, assert) {
test('no date header', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/MissingHeaderError: date was not in the request/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'MissingHeaderError');
t.equal(e.message, 'date was not in the request');
}

@@ -295,13 +295,15 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_valid_default_headers = function(test, assert) {
test('valid default headers', function(t) {
server.tester = function(req, res) {
assert.doesNotThrow(function() {
try {
httpSignature.parseRequest(req);
});
} catch (e) {
t.fail(e.stack);
}

@@ -316,16 +318,16 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_explicit_headers_missing = function(test, assert) {
test('explicit headers missing', function(t) {
server.tester = function(req, res) {
assert.throws(
function() {
httpSignature.parseRequest(req);
},
/MissingHeaderError: content-md5 was not in the request/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'MissingHeaderError');
t.equal(e.message, 'content-md5 was not in the request');
}

@@ -341,16 +343,14 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_valid_explicit_headers = function(test, assert) {
test('valid explicit headers', function(t) {
server.tester = function(req, res) {
assert.doesNotThrow(function() {
var parsed = httpSignature.parseRequest(req);
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
});
var parsed = httpSignature.parseRequest(req);
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
};

@@ -365,4 +365,5 @@

options.headers['content-md5'] = uuid();
httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
t.equal(res.statusCode, 200);

@@ -378,29 +379,29 @@ var body = '';

var parsed = JSON.parse(body);
assert.ok(parsed);
assert.equal(parsed.scheme, 'Signature');
assert.ok(parsed.params);
assert.equal(parsed.params.keyId, 'fo,o');
assert.equal(parsed.params.algorithm, 'rsa-sha256');
assert.equal(parsed.params.extensions, 'blah blah');
assert.ok(parsed.params.headers);
assert.equal(parsed.params.headers.length, 3);
assert.equal(parsed.params.headers[0], 'date');
assert.equal(parsed.params.headers[1], 'content-md5');
assert.equal(parsed.params.headers[2], 'request-line');
assert.equal(parsed.signature, 'digitalSignature');
assert.ok(parsed.signingString);
assert.equal(parsed.signingString,
t.ok(parsed);
t.equal(parsed.scheme, 'Signature');
t.ok(parsed.params);
t.equal(parsed.params.keyId, 'fo,o');
t.equal(parsed.params.algorithm, 'rsa-sha256');
t.equal(parsed.params.extensions, 'blah blah');
t.ok(parsed.params.headers);
t.equal(parsed.params.headers.length, 3);
t.equal(parsed.params.headers[0], 'date');
t.equal(parsed.params.headers[1], 'content-md5');
t.equal(parsed.params.headers[2], 'request-line');
t.equal(parsed.signature, 'digitalSignature');
t.ok(parsed.signingString);
t.equal(parsed.signingString,
(options.headers.Date + '\n' +
options.headers['content-md5'] + '\n' +
'GET / HTTP/1.1'));
assert.equal(parsed.params.keyId, parsed.keyId);
assert.equal(parsed.params.algorithm.toUpperCase(),
parsed.algorithm);
test.finish();
t.equal(parsed.params.keyId, parsed.keyId);
t.equal(parsed.params.algorithm.toUpperCase(),
parsed.algorithm);
t.end();
});
});
};
});
exports.test_expired = function(test, assert) {
test('expired', function(t) {
server.tester = function(req, res) {

@@ -413,8 +414,8 @@ var options = {

setTimeout(function() {
assert.throws(
function() {
httpSignature.parseRequest(req, options);
},
/ExpiredRequestError: clock skew of \d\.\d+s was greater than 1s/
);
try {
httpSignature.parseRequest(req);
} catch (e) {
t.equal(e.name, 'ExpiredRequestError');
t.ok(/clock skew of \d\.\d+s was greater than 1s/.test(e.message));
}

@@ -432,9 +433,9 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_missing_required_header = function(test, assert) {
test('missing required header', function(t) {
server.tester = function(req, res) {

@@ -446,8 +447,8 @@ var options = {

assert.throws(
function() {
httpSignature.parseRequest(req, options);
},
/MissingHeaderError: x-unit-test was not a signed header/
);
try {
httpSignature.parseRequest(req, options);
} catch (e) {
t.equal('MissingHeaderError', e.name);
t.equal('x-unit-test was not a signed header', e.message);
}

@@ -464,9 +465,9 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_not_whitelist_algorithm = function(test, assert) {
test('not whitelisted algorithm', function(t) {
server.tester = function(req, res) {

@@ -478,8 +479,8 @@ var options = {

assert.throws(
function() {
httpSignature.parseRequest(req, options);
},
/InvalidParamsError: rsa-sha256 is not a supported algorithm/
);
try {
httpSignature.parseRequest(req, options);
} catch (e) {
t.equal('InvalidParamsError', e.name);
t.equal('rsa-sha256 is not a supported algorithm', e.message);
}

@@ -496,13 +497,13 @@ res.writeHead(200);

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.tearDown = function(test, assert) {
test('tearDown', function(t) {
server.on('close', function() {
test.finish();
t.end();
});
server.close();
};
});
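Review bot: The negative cases in this file ('no authorization' through 'not whitelisted algorithm') now wrap the call as `try { httpSignature.parseRequest(req); } catch (e) { t.equal(...) }`, so a parser that stops rejecting a malformed or unsigned Authorization header runs no assertion in the handler and the case still passes on the 200 response. Add a failing line directly after the call inside each `try`, e.g. `t.fail('parseRequest accepted a header it must reject');`, so rejection stays enforced as it was under `assert.throws`. The 'expired' case also appears to call `httpSignature.parseRequest(req)` without the `options` argument the old assertion passed; if those options carry the 1s clock-skew limit, nothing is thrown and the case is vacuous, so it should read `httpSignature.parseRequest(req, options);`. Several of these handlers begin or end outside the hunks shown.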

@@ -8,2 +8,3 @@ // Copyright 2011 Joyent, Inc. All rights reserved.

var httpu = require('httpu');
var test = require('tap').test;
var uuid = require('node-uuid');

@@ -21,2 +22,4 @@

var signOptions = null;
var server = null;
var socket = null;

@@ -27,34 +30,48 @@

exports.setUp = function(test, assert) {
test('setup', function(t) {
rsaPrivate = fs.readFileSync(__dirname + '/rsa_private.pem', 'ascii');
assert.ok(rsaPrivate);
t.ok(rsaPrivate);
hmacKey = uuid();
httpOptions = {
socketPath: uuid(),
path: '/',
method: 'GET',
headers: {}
};
socket = '/tmp/.' + uuid();
signOptions = {
key: rsaPrivate,
keyId: 'unitTest'
};
server = http.createServer(function(req, res) {
res.writeHead(200);
res.end();
});
test.finish();
};
server.listen(socket, function() {
hmacKey = uuid();
httpOptions = {
socketPath: socket,
path: '/',
method: 'GET',
headers: {}
};
signOptions = {
key: rsaPrivate,
keyId: 'unitTest'
};
exports.test_defaults = function(test, assert) {
var req = httpu.request(httpOptions, function(res) {});
assert.ok(httpSignature.sign(req, signOptions));
assert.ok(req.getHeader('Authorization'));
t.end();
});
});
test('defaults', function(t) {
var req = httpu.request(httpOptions, function(res) {
t.end();
});
t.ok(httpSignature.sign(req, signOptions));
t.ok(req.getHeader('Authorization'));
console.log('> ' + req.getHeader('Authorization'));
test.finish();
};
req.end();
});
exports.test_request_line = function(test, assert) {
var req = httpu.request(httpOptions, function(res) {});
test('request line', function(t) {
var req = httpu.request(httpOptions, function(res) {
t.end();
});
var opts = {

@@ -66,11 +83,13 @@ keyId: 'unit',

assert.ok(httpSignature.sign(req, opts));
assert.ok(req.getHeader('Authorization'));
t.ok(httpSignature.sign(req, opts));
t.ok(req.getHeader('Authorization'));
console.log('> ' + req.getHeader('Authorization'));
test.finish();
};
req.end();
});
exports.test_hmac = function(test, assert) {
var req = httpu.request(httpOptions, function(res) {});
test('hmac', function(t) {
var req = httpu.request(httpOptions, function(res) {
t.end();
});
var opts = {

@@ -82,11 +101,14 @@ keyId: 'unit',

assert.ok(httpSignature.sign(req, opts));
assert.ok(req.getHeader('Authorization'));
t.ok(httpSignature.sign(req, opts));
t.ok(req.getHeader('Authorization'));
console.log('> ' + req.getHeader('Authorization'));
test.finish();
};
req.end();
});
exports.tearDown = function(test, assert) {
test.finish();
};
test('tear down', function(t) {
server.on('close', function() {
t.end();
});
server.close();
});
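Review bot: 'defaults', 'request line' and 'hmac' assert only that `httpSignature.sign(...)` is truthy and that an Authorization header exists, and the server added in setup appears to answer 200 without looking at the request, so a signer that emits a malformed header would still pass. A cheap tightening is to assert the header shape, e.g. `t.ok(/^Signature /.test(req.getHeader('Authorization')));`, assuming the signer emits the same scheme name the parser tests expect. The option objects for 'request line' and 'hmac' lie outside the hunks shown.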

@@ -8,2 +8,3 @@ // Copyright 2011 Joyent, Inc. All rights reserved.

var httpu = require('httpu');
var test = require('tap').test;
var uuid = require('node-uuid');

@@ -66,7 +67,7 @@

exports.setUp = function(test, assert) {
test('setup', function(t) {
rsaPrivate = fs.readFileSync(__dirname + '/rsa_private.pem', 'ascii');
rsaPublic = fs.readFileSync(__dirname + '/rsa_public.pem', 'ascii');
assert.ok(rsaPrivate);
assert.ok(rsaPublic);
t.ok(rsaPrivate);
t.ok(rsaPublic);

@@ -86,17 +87,15 @@ hmacKey = uuid();

server.listen(socket, function() {
test.finish();
t.end();
});
};
});
exports.test_invalid_hmac = function(test, assert) {
test('invalid hmac', function(t) {
server.tester = function(req, res) {
assert.doesNotThrow(function() {
var parsed = httpSignature.parseRequest(req);
assert.ok(!httpSignature.verify(parsed, hmacKey));
var parsed = httpSignature.parseRequest(req);
t.ok(!httpSignature.verify(parsed, hmacKey));
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
});
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
};

@@ -110,18 +109,16 @@

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_valid_hmac = function(test, assert) {
test('valid hmac', function(t) {
server.tester = function(req, res) {
assert.doesNotThrow(function() {
var parsed = httpSignature.parseRequest(req);
assert.ok(httpSignature.verify(parsed, hmacKey));
var parsed = httpSignature.parseRequest(req);
t.ok(httpSignature.verify(parsed, hmacKey));
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
});
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
};

@@ -137,19 +134,16 @@

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_invalid_rsa = function(test, assert) {
test('invalid rsa', function(t) {
server.tester = function(req, res) {
assert.doesNotThrow(function() {
var parsed = httpSignature.parseRequest(req);
assert.ok(!httpSignature.verify(parsed, rsaPublic));
var parsed = httpSignature.parseRequest(req);
t.ok(!httpSignature.verify(parsed, rsaPublic));
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
});
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
};

@@ -163,18 +157,16 @@

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.test_valid_rsa = function(test, assert) {
test('valid rsa', function(t) {
server.tester = function(req, res) {
assert.doesNotThrow(function() {
var parsed = httpSignature.parseRequest(req);
assert.ok(httpSignature.verify(parsed, rsaPublic));
var parsed = httpSignature.parseRequest(req);
t.ok(httpSignature.verify(parsed, rsaPublic));
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
});
res.writeHead(200);
res.write(JSON.stringify(parsed, null, 2));
res.end();
};

@@ -190,13 +182,13 @@

httpu.get(options, function(res) {
assert.equal(res.statusCode, 200);
test.finish();
t.equal(res.statusCode, 200);
t.end();
});
};
});
exports.tearDown = function(test, assert) {
test('tear down', function(t) {
server.on('close', function() {
test.finish();
t.end();
});
server.close();
};
});
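Review bot: With the `assert.doesNotThrow` wrapper gone, an exception from `httpSignature.parseRequest(req)` or `httpSignature.verify(...)` inside `server.tester` in 'invalid hmac', 'valid hmac', 'invalid rsa' and 'valid rsa' is no longer turned into a test failure. It would escape the request handler before `res.end()`, so the run likely aborts or waits for a response instead of reporting which verification case broke. Wrap the handler body as the 'valid default headers' parser test does, `try { ... } catch (e) { t.fail(e.stack); }`, and still end the response on the catch path. The handlers are only partly visible in these hunks.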