ims-lti/lib/hmac-sha1.js

Module for building an LTI Tool Provider and accept LTI launch requests

// Generated by CoffeeScript 1.10.0
(function() {
  var HMAC_SHA1, _clean_request_body, crypto, exports, url, utils;

  crypto = require('crypto');

  url = require('url');

  utils = require('./utils');

  _clean_request_body = function(body, query) {
    var cleanParams, encodeParam, out;
    out = [];
    encodeParam = function(key, val) {
      return key + "=" + (utils.special_encode(val));
    };
    cleanParams = function(params) {
      var i, key, len, val, vals;
      if (typeof params !== 'object') {
        return;
      }
      for (key in params) {
        vals = params[key];
        if (key === 'oauth_signature') {
          continue;
        }
        if (Array.isArray(vals) === true) {
          for (i = 0, len = vals.length; i < len; i++) {
            val = vals[i];
            out.push(encodeParam(key, val));
          }
        } else {
          out.push(encodeParam(key, vals));
        }
      }
    };
    cleanParams(body);
    cleanParams(query);
    return utils.special_encode(out.sort().join('&'));
  };

  HMAC_SHA1 = (function() {
    function HMAC_SHA1() {}

    HMAC_SHA1.prototype.toString = function() {
      return 'HMAC_SHA1';
    };

    HMAC_SHA1.prototype.build_signature_raw = function(req_url, parsed_url, method, params, consumer_secret, token) {
      var sig;
      sig = [method.toUpperCase(), utils.special_encode(req_url), _clean_request_body(params, parsed_url.query)];
      return this.sign_string(sig.join('&'), consumer_secret, token);
    };

    HMAC_SHA1.prototype.build_signature = function(req, body, consumer_secret, token) {
      var encrypted, hapiRawReq, hitUrl, originalUrl, parsedUrl, protocol;
      hapiRawReq = req.raw && req.raw.req;
      if (hapiRawReq) {
        req = hapiRawReq;
      }
      originalUrl = req.originalUrl || req.url;
      protocol = req.protocol;
      if (body.tool_consumer_info_product_family_code === 'canvas') {
        originalUrl = url.parse(originalUrl).pathname;
      }
      if (protocol === void 0) {
        encrypted = req.connection.encrypted;
        protocol = (encrypted && 'https') || 'http';
      }
      parsedUrl = url.parse(originalUrl, true);
      hitUrl = protocol + '://' + req.headers.host + parsedUrl.pathname;
      return this.build_signature_raw(hitUrl, parsedUrl, req.method, body, consumer_secret, token);
    };

    HMAC_SHA1.prototype.sign_string = function(str, key, token) {
      key = key + "&";
      if (token) {
        key += token;
      }
      return crypto.createHmac('sha1', key).update(str).digest('base64');
    };

    return HMAC_SHA1;

  })();

  exports = module.exports = HMAC_SHA1;

}).call(this);