http-signature
Advanced tools
Comparing version 1.1.1 to 1.2.0
@@ -119,8 +119,11 @@ // Copyright 2012 Joyent, Inc. All rights reserved. | ||
assert.arrayOfString(options.headers, 'options.headers'); | ||
assert.optionalNumber(options.clockSkew, 'options.clockSkew'); | ||
assert.optionalFinite(options.clockSkew, 'options.clockSkew'); | ||
if (!request.headers.authorization) | ||
throw new MissingHeaderError('no authorization header present in ' + | ||
'the request'); | ||
var authzHeaderName = options.authorizationHeaderName || 'authorization'; | ||
if (!request.headers[authzHeaderName]) { | ||
throw new MissingHeaderError('no ' + authzHeaderName + ' header ' + | ||
'present in the request'); | ||
} | ||
options.clockSkew = options.clockSkew || 300; | ||
@@ -138,14 +141,6 @@ | ||
params: {}, | ||
signingString: '', | ||
get algorithm() { | ||
return this.params.algorithm.toUpperCase(); | ||
}, | ||
get keyId() { | ||
return this.params.keyId; | ||
} | ||
signingString: '' | ||
}; | ||
var authz = request.headers.authorization; | ||
var authz = request.headers[authzHeaderName]; | ||
for (i = 0; i < authz.length; i++) { | ||
@@ -307,3 +302,3 @@ var c = authz.charAt(i); | ||
// were in the request, so if this passes we're good. | ||
if (parsed.params.headers.indexOf(hdr) < 0) | ||
if (parsed.params.headers.indexOf(hdr.toLowerCase()) < 0) | ||
throw new MissingHeaderError(hdr + ' was not a signed header'); | ||
@@ -318,2 +313,4 @@ }); | ||
parsed.algorithm = parsed.params.algorithm.toUpperCase(); | ||
parsed.keyId = parsed.params.keyId; | ||
return parsed; | ||
@@ -320,0 +317,0 @@ } |
@@ -390,3 +390,5 @@ // Copyright 2012 Joyent, Inc. All rights reserved. | ||
request.setHeader('Authorization', sprintf(AUTHZ_FMT, | ||
var authzHeaderName = options.authorizationHeaderName || 'Authorization'; | ||
request.setHeader(authzHeaderName, sprintf(AUTHZ_FMT, | ||
options.keyId, | ||
@@ -393,0 +395,0 @@ options.algorithm, |
{ | ||
"name": "http-signature", | ||
"description": "Reference implementation of Joyent's HTTP Signature scheme.", | ||
"version": "1.1.1", | ||
"version": "1.2.0", | ||
"license": "MIT", | ||
@@ -31,3 +31,3 @@ "author": "Joyent, Inc", | ||
"dependencies": { | ||
"assert-plus": "^0.2.0", | ||
"assert-plus": "^1.0.0", | ||
"jsprim": "^1.2.2", | ||
@@ -37,5 +37,5 @@ "sshpk": "^1.7.0" | ||
"devDependencies": { | ||
"node-uuid": "^1.4.1", | ||
"tap": "0.4.2" | ||
"tap": "0.4.2", | ||
"uuid": "^2.0.2" | ||
} | ||
} |
48415
791
- Removedassert-plus@0.2.0(transitive)
Updatedassert-plus@^1.0.0