UNPKG

@3846masa/http-signature

Version:

Create / Verify HTTP Signatures (https://tools.ietf.org/html/draft-cavage-http-signatures-10)

github.com/3846masa/http-signature

3846masa/http-signature

149 lines (121 loc) 5.02 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
# [@3846masa/http-signature](https://www.npmjs.com/package/@3846masa/http-signature) <!-- omit in toc --> [![NPM](https://nodei.co/npm/@3846masa/http-signature.png?mini=true)](https://www.npmjs.com/package/@3846masa/http-signature) [![CircleCI](https://flat.badgen.net/circleci/github/3846masa/http-signature)](https://circleci.com/gh/3846masa/http-signature) [![Codecov](https://flat.badgen.net/codecov/c/github/3846masa/http-signature)](https://codecov.io/gh/3846masa/http-signature) > Create / Verify [HTTP Signatures](https://tools.ietf.org/html/draft-cavage-http-signatures-10) ## Table of Contents <!-- omit in toc --> - [Install](#install) - [Usage](#usage) - [Create signature](#create-signature) - [Parse signature](#parse-signature) - [Verify signature](#verify-signature) - [Contributing](#contributing) - [License](#license) ## Install ```bash npm install --save @3846masa/http-signature ``` ```bash yarn add @3846masa/http-signature ``` TypeScript definitions is included. ## Usage ### Create signature ```ts import { createSignature } from '@3846masa/http-signature'; const privateKey = ` -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u 412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7 kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI 7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA== -----END RSA PRIVATE KEY----- `.trim(); createSignature({ privateKey, keyId: 'Test', method: 'POST', pathname: '/foo?param=value&pet=dog', headers: { Host: 'example.com', Date: 'Sun, 05 Jan 2014 21:31:40 GMT', 'Content-Type': 'application/json', Digest: 'SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=', 'Content-Length': 18, }, properties: ['(request-target)', 'host', 'date'], algorithm: 'rsa-sha256', }); // keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date",signature="qdx+H7PHHDZgy4y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBskLu6kd9Fswtemr3lgdDEmn04swr2Os0=" ``` ### Parse signature ```ts import { parseSignature } from '@3846masa/http-signature'; const signatureObj = parseSignature( `keyId="Test",algorithm="rsa-sha256",headers="(request-target) host date",signature="qdx+H7PHHDZgy4y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBskLu6kd9Fswtemr3lgdDEmn04swr2Os0="`, ); /** * { * keyId: 'Test', * algorithm: 'rsa-sha256', * headers: '(request-target) host date', * signature: 'qdx+H7PHHDZgy4y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBskLu6kd9Fswtemr3lgdDEmn04swr2Os0=' * } */ ``` ### Verify signature ```ts import { verifySignature } from '@3846masa/http-signature'; const publicKey = ` -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3 6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6 Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw oYi+1hqp1fIekaxsyQIDAQAB -----END PUBLIC KEY----- `.trim(); try { verifySignature({ publicKey, signature: { keyId: 'Test', algorithm: 'rsa-sha256', headers: '(request-target) host date', signature: 'qdx+H7PHHDZgy4y/Ahn9Tny9V3GP6YgBPyUXMmoxWtLbHpUnXS2mg2+SbrQDMCJypxBLSPQR2aAjn7ndmw2iicw3HMbe8VfEdKFYRqzic+efkb3nndiv/x1xSHDJWeSWkx3ButlYSuBskLu6kd9Fswtemr3lgdDEmn04swr2Os0=', }, method: 'POST', pathname: '/foo?param=value&pet=dog', headers: { Host: 'example.com', Date: 'Sun, 05 Jan 2014 21:31:40 GMT', 'Content-Type': 'application/json', Digest: 'SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE=', 'Content-Length': 18, }, algorithm: 'rsa-sha256', }); } catch (err) { console.error(err); } ``` ## Contributing 1. [Fork it](http://github.com/3846masa/http-signature/fork) 2. Create your feature branch (`git checkout -b my-new-feature`) 3. Commit your changes (`git commit -am 'Add some feature'`) 4. Lint codes before pushing (`yarn lint`) 5. Push to the branch (`git push origin my-new-feature`) 6. Run tests before creating PR (`yarn test`) 7. Create new Pull Request PRs accepted. ## License [MIT (c) 3846masa](https://github.com/3846masa/http-signature/blob/master/LICENSE)