http-signature
Advanced tools
Comparing version 0.9.7 to 0.9.8
@@ -87,3 +87,3 @@ # Abstract | ||
headers in useful signature calculation, it is deemed simpler to simply use | ||
`request-line` then to add a separate parameter for it. | ||
`request-line` than to add a separate parameter for it. | ||
@@ -109,3 +109,3 @@ #### extensions | ||
appear, and separate with an ASCII newline `\n`. The last header in the list | ||
MUST include a trailing ASCII newline. | ||
MUST NOT include a trailing ASCII newline. | ||
@@ -131,6 +131,7 @@ # Example Requests | ||
The client would compose the signing string as: | ||
The client would compose the signing string as (`+ "\n"` inserted for | ||
readability): | ||
application/json | ||
Tue, 07 Jun 2011 20:51:35 GMT | ||
application/json + "\n" | ||
Tue, 07 Jun 2011 20:51:35 GMT + "\n" | ||
h0auK8hnYJKmHTLhKtMTkQ== | ||
@@ -206,1 +207,71 @@ | ||
URI: http://www.joyent.com | ||
# Appendix A - Test Values | ||
The following test data uses the RSA (2048b) keys, which we will refer | ||
to as `keyId=Test` in the following samples: | ||
-----BEGIN PUBLIC KEY----- | ||
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3 | ||
6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6 | ||
Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw | ||
oYi+1hqp1fIekaxsyQIDAQAB | ||
-----END PUBLIC KEY----- | ||
-----BEGIN RSA PRIVATE KEY----- | ||
MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF | ||
NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F | ||
UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB | ||
AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA | ||
QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK | ||
kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg | ||
f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u | ||
412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc | ||
mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7 | ||
kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA | ||
gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW | ||
G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI | ||
7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA== | ||
-----END RSA PRIVATE KEY----- | ||
And all examples use this request: | ||
POST /foo?param=value&pet=dog HTTP/1.1 | ||
Host: example.com | ||
Date: Thu, 05 Jan 2012 21:31:40 GMT | ||
Content-Type: application/json | ||
Content-MD5: Sd/dVLAcvNLSq16eXua5uQ== | ||
Content-Length: 18 | ||
{"hello": "world"} | ||
### Default | ||
The string to sign would be: | ||
``` | ||
Thu, 05 Jan 2012 21:31:40 GMT | ||
``` | ||
The Authorization header would be: | ||
Authorization: Signature keyId="Test",algorithm="rsa-sha256" MDyO5tSvin5FBVdq3gMBTwtVgE8U/JpzSwFvY7gu7Q2tiZ5TvfHzf/RzmRoYwO8PoV1UGaw6IMwWzxDQkcoYOwvG/w4ljQBBoNusO/mYSvKrbqxUmZi8rNtrMcb82MS33bai5IeLnOGl31W1UbL4qE/wL8U9wCPGRJlCFLsTgD8= | ||
### All Headers | ||
Parameterized to include all headers, the string to sign would be: | ||
``` | ||
/foo?param=value&pet=dog HTTP/1.1 | ||
example.com | ||
Thu, 05 Jan 2012 21:31:40 GMT | ||
application/json | ||
Sd/dVLAcvNLSq16eXua5uQ== | ||
18 | ||
``` | ||
The Authorization header would be: | ||
Authorization: Signature | ||
keyId="Test",algorithm="rsa-sha256",headers="request-line host date content-type content-md5 content-length" gVrKP7wVh1+FmWbNlhj0pNXIe9XmeOA6EcnoOKAvUILnwaMFzaKaam9UmeDPwjC9TdT+jSRqjtyZE49kZcSpYAHxGlPQ4ziXFRfPprlN/3Xwg3sUOGqbBiS3WFuY3QOOWv4tzc5p70g74U/QvHNNiYMcjoz89vRJhefbFSNwCDs= | ||
@@ -119,3 +119,4 @@ // Copyright 2011 Joyent, Inc. All rights reserved. | ||
if (!request.headers.authorization) | ||
throw new TypeError('no authorization header present in the requset'); | ||
throw new MissingHeaderError('no authorization header present in ' + | ||
'the requset'); | ||
@@ -122,0 +123,0 @@ if (options && typeof(options) !== 'object') |
@@ -5,3 +5,3 @@ { | ||
"description": "Reference implementation of Joyent's HTTP Signature Scheme", | ||
"version": "0.9.7", | ||
"version": "0.9.8", | ||
"homepage": "http://www.joyent.com", | ||
@@ -8,0 +8,0 @@ "repository": { |
@@ -84,3 +84,3 @@ // Copyright 2011 Joyent, Inc. All rights reserved. | ||
} catch (e) { | ||
t.equal(e.name, 'TypeError'); | ||
t.equal(e.name, 'MissingHeaderError'); | ||
} | ||
@@ -87,0 +87,0 @@ res.writeHead(200); |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
58406
1329