		@@ -37,2 +37,4 @@ # Change Log
		### V0.7.4
		+ Prepare for publishing and update package metadata
		+ Prepare for publishing and update package metadata
		### V0.7.5
		+ Added logic to getSignatureBaseString to generate nonce and timestamp.

lib/ApiSigningUtil.js

		@@ -253,5 +253,13 @@ const nonceLib = require('nonce')();
		/**
		* Formulate Signature base string
		* Formulate Apex Signature base string
		*
		* @param {object} baseProps Base string formulation request properties in JSON object
		* @param {string} baseProps.authPrefix Apex auth prefix
		* @param {string} baseProps.signatureMethod If L1 auth, HMACSHA256; if L2 auth, SHA256withRSA
		* @param {string} baseProps.appId Apex app ID
		* @param {string} baseProps.httpMethod HTTP Verb
		* @param {number} [baseProps.nonce] A nonce. Use once only
		* @param {number} [baseProps.timestamp] Unix timestamp (ms)
		* @param {object} [baseProps.queryString] Query string in API
		* @param {object} [baseProps.formData] HTTP POST or PUT body in x-www-form-urlencoded format
		*
		@@ -285,5 +293,5 @@ * @returns {string} sigBaseString Signature base string for signing
		defaultParams[prefixedAppId] = baseProps.appId;
		defaultParams[prefixedNonce] = baseProps.nonce;
		defaultParams[prefixedNonce] = baseProps.nonce \|\| nonceLib();
		defaultParams[prefixedSignatureMethod] = baseProps.signatureMethod;
		defaultParams[prefixedTimestamp] = baseProps.timestamp;
		defaultParams[prefixedTimestamp] = baseProps.timestamp \|\| (new Date).getTime();
		defaultParams[prefixedVersion] = '1.0';
		@@ -315,3 +323,3 @@
		/**
		* Generate HTTP Authorize HMAC256 Signature Header for API Gateway
		* (Deprecated) Generate HTTP Authorize HMAC256 Signature Header for API Gateway
		* Legacy interface to be deprecated, please change to getSignatureToken instead
		@@ -351,3 +359,3 @@ *
		/**
		* Generate HTTP Authorize RSA256 Signature Header for API Gateway with a given Private Key Cert file path
		* (Deprecated) Generate HTTP Authorize RSA256 Signature Header for API Gateway with a given Private Key Cert file path
		* Legacy interface to be deprecated, please change to getSignatureToken instead
		@@ -389,3 +397,3 @@ *
		/**
		* Generate HTTP Authorize RSA256 Signature Header for API Gateway with a given Private Key content
		* (Deprecated) Generate HTTP Authorize RSA256 Signature Header for API Gateway with a given Private Key content
		* Legacy interface to be deprecated, please change to getSignatureToken instead
		@@ -392,0 +400,0 @@ *

package.json

		{
		"name": "node-apex-api-security",
		"version": "0.7.4",
		"version": "0.7.5",
		"description": "APEX API security utiity. Includes helper operations to generate HMAC-SHA256 and RSA-SHA256 signatures",
		@@ -5,0 +5,0 @@ "main": "index.js",

README.md

		# APEX API Node.js Security Utility
		[![npm version](https://badge.fury.io/js/node-apex-api-security.svg)](https://badge.fury.io/js/node-apex-api-security)
		[![Codacy Badge](https://api.codacy.com/project/badge/Grade/eb0547096e2d4693b8cd19a87977f14f)](https://www.codacy.com/app/GovTech/node-apex-api-security?utm_source=github.com&utm_medium=referral&utm_content=GovTechSG/node-apex-api-security&utm_campaign=Badge_Grade)
		@@ -20,14 +21,6 @@ [![Build Status](https://travis-ci.org/GovTechSG/node-apex-api-security.svg?branch=master)](https://travis-ci.org/GovTechSG/node-apex-api-security)

		Add this package as a dependency in `package.json`.

		```json
		"dependencies": {
		"node-apex-api-security": "git+https://github.com/GovTechSG/node-apex-api-security.git",
		}
		```

		### Installation

		```
		$ npm install
		$ npm install node-apex-api-security
		```
		@@ -34,0 +27,0 @@

.idea/codeStyles/codeStyleConfig.xml

.idea/jsLibraryMappings.xml

.idea/markdown-navigator.xml

.idea/markdown-navigator/profiles_settings.xml

.idea/misc.xml

.idea/modules.xml

.idea/node-apex-api-security.iml

.idea/vcs.xml

.idea/watcherTasks.xml

.idea/workspace.xml

node-apex-api-security - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics