http-signature - npm Package Compare versions

http-signature

Package Overview

Dependencies

Maintainers

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 0.9.7 to 0.9.8

.npmignore

http_signing.md

		@@ -87,3 +87,3 @@ # Abstract
		headers in useful signature calculation, it is deemed simpler to simply use
		`request-line` then to add a separate parameter for it.
		`request-line` than to add a separate parameter for it.

		@@ -109,3 +109,3 @@ #### extensions
		appear, and separate with an ASCII newline `\n`. The last header in the list
		MUST include a trailing ASCII newline.
		MUST NOT include a trailing ASCII newline.

		@@ -131,6 +131,7 @@ # Example Requests

		The client would compose the signing string as:
		The client would compose the signing string as (`+ "\n"` inserted for
		readability):

		application/json
		Tue, 07 Jun 2011 20:51:35 GMT
		application/json + "\n"
		Tue, 07 Jun 2011 20:51:35 GMT + "\n"
		h0auK8hnYJKmHTLhKtMTkQ==
		@@ -206,1 +207,71 @@
		URI: http://www.joyent.com

		# Appendix A - Test Values

		The following test data uses the RSA (2048b) keys, which we will refer
		to as `keyId=Test` in the following samples:

		-----BEGIN PUBLIC KEY-----
		MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3
		6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6
		Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw
		oYi+1hqp1fIekaxsyQIDAQAB
		-----END PUBLIC KEY-----

		-----BEGIN RSA PRIVATE KEY-----
		MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF
		NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F
		UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB
		AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA
		QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK
		kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg
		f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u
		412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc
		mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7
		kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA
		gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW
		G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI
		7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==
		-----END RSA PRIVATE KEY-----

		And all examples use this request:

		POST /foo?param=value&pet=dog HTTP/1.1
		Host: example.com
		Date: Thu, 05 Jan 2012 21:31:40 GMT
		Content-Type: application/json
		Content-MD5: Sd/dVLAcvNLSq16eXua5uQ==
		Content-Length: 18

		{"hello": "world"}

		### Default

		The string to sign would be:

		```
		Thu, 05 Jan 2012 21:31:40 GMT
		```

		The Authorization header would be:

		Authorization: Signature keyId="Test",algorithm="rsa-sha256" MDyO5tSvin5FBVdq3gMBTwtVgE8U/JpzSwFvY7gu7Q2tiZ5TvfHzf/RzmRoYwO8PoV1UGaw6IMwWzxDQkcoYOwvG/w4ljQBBoNusO/mYSvKrbqxUmZi8rNtrMcb82MS33bai5IeLnOGl31W1UbL4qE/wL8U9wCPGRJlCFLsTgD8=

		### All Headers

		Parameterized to include all headers, the string to sign would be:

		```
		/foo?param=value&pet=dog HTTP/1.1
		example.com
		Thu, 05 Jan 2012 21:31:40 GMT
		application/json
		Sd/dVLAcvNLSq16eXua5uQ==
		18
		```

		The Authorization header would be:

		Authorization: Signature
		keyId="Test",algorithm="rsa-sha256",headers="request-line host date content-type content-md5 content-length" gVrKP7wVh1+FmWbNlhj0pNXIe9XmeOA6EcnoOKAvUILnwaMFzaKaam9UmeDPwjC9TdT+jSRqjtyZE49kZcSpYAHxGlPQ4ziXFRfPprlN/3Xwg3sUOGqbBiS3WFuY3QOOWv4tzc5p70g74U/QvHNNiYMcjoz89vRJhefbFSNwCDs=

lib/parser.js

		@@ -119,3 +119,4 @@ // Copyright 2011 Joyent, Inc. All rights reserved.
		if (!request.headers.authorization)
		throw new TypeError('no authorization header present in the requset');
		throw new MissingHeaderError('no authorization header present in ' +
		'the requset');

		@@ -122,0 +123,0 @@ if (options && typeof(options) !== 'object')

package.json

		@@ -5,3 +5,3 @@ {
		"description": "Reference implementation of Joyent's HTTP Signature Scheme",
		"version": "0.9.7",
		"version": "0.9.8",
		"homepage": "http://www.joyent.com",
		@@ -8,0 +8,0 @@ "repository": {

tst/parser.test.js

		@@ -84,3 +84,3 @@ // Copyright 2011 Joyent, Inc. All rights reserved.
		} catch (e) {
		t.equal(e.name, 'TypeError');
		t.equal(e.name, 'MissingHeaderError');
		}
		@@ -87,0 +87,0 @@ res.writeHead(200);

.gitignore

Improved metrics