sinch-rtc/npm/src/ocra/auth/SignatureV1.js

RTC JavaScript/Web SDK

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.SignatureV1 = void 0;
const utils_1 = require("../../utils/");
class SignatureV1 {
    /**
     * Returns a full signature for given request
     */
    static signature(request, secret) {
        const sinchDate = request.headers[SignatureV1.XSinDateHeader];
        const canonicalRequest = SignatureV1.buildCanonicalRequest(request);
        const stringToSign = SignatureV1.buildStringToSign(canonicalRequest, sinchDate);
        const signingKey = SignatureV1.deriveSigningKey(sinchDate, secret);
        return SignatureV1.computeSignature(signingKey, stringToSign);
    }
    /**
     * Returns canonical request built according to AWS requirements
     */
    static buildCanonicalRequest(request) {
        const cr = [];
        cr.push(request.method.toUpperCase());
        cr.push("\n");
        cr.push(SignatureV1.buildCanonicalURI(request.url.pathname));
        cr.push("\n");
        cr.push("\n");
        cr.push(SignatureV1.buildCanonicalRequiredHeaders(request));
        cr.push("\n");
        cr.push(SignatureV1.buildRequestBodyHash(request.content));
        return cr.join("");
    }
    static buildCanonicalURI(uri) {
        if (!uri) {
            return "/";
        }
        const segments = uri.split("/");
        const encSegments = [];
        for (const s of segments) {
            encSegments.push(encodeURIComponent(s));
        }
        return encSegments.join("/");
    }
    static buildCanonicalRequiredHeaders(request) {
        const crh = [];
        const method = request.method.toUpperCase();
        const requiredHeaders = [SignatureV1.XSinDateHeader];
        if (method === "POST" || method === "PUT" || method === "PATCH") {
            requiredHeaders.push("Content-Type");
        }
        for (const h of requiredHeaders.sort()) {
            const value = request.headers[h];
            if (value) {
                crh.push(h.toLowerCase());
                crh.push(":");
                crh.push(value.replace(/\s{2,}/g, " "));
                crh.push("\n");
            }
        }
        return crh.join("");
    }
    static buildRequestBodyHash(body) {
        if (!body) {
            return SignatureV1.emptyRequestBodySha256;
        }
        else {
            const data = utils_1.CryptoHelper.convertUTF8ToByteArray(body);
            return utils_1.CryptoHelper.convertByteArrayToHex(utils_1.CryptoHelper.SHA256FromByteArray(data));
        }
    }
    static buildStringToSign(canonicalRequest, sinchDate) {
        const sts = [];
        const crBytes = utils_1.CryptoHelper.convertUTF8ToByteArray(canonicalRequest);
        sts.push(sinchDate);
        sts.push("\n");
        sts.push(utils_1.CryptoHelper.convertByteArrayToHex(utils_1.CryptoHelper.SHA256FromByteArray(crBytes)));
        return sts.join("");
    }
    static deriveSigningKey(sinchDate, secret) {
        return utils_1.CryptoHelper.HMAC_SHA256(sinchDate, secret);
    }
    static computeSignature(signingKey, stringToSign) {
        const signingResult = utils_1.CryptoHelper.HMAC_SHA256(stringToSign, signingKey);
        return utils_1.CryptoHelper.convertByteArrayToHex(signingResult);
    }
    static sortObject(o) {
        const sorted = {};
        for (const k of Object.keys(o).sort((a, b) => a.localeCompare(b))) {
            sorted[k] = o[k];
        }
        return sorted;
    }
}
exports.SignatureV1 = SignatureV1;
SignatureV1.emptyRequestBodySha256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
SignatureV1.XSinDateHeader = "x-sin-date";
//# sourceMappingURL=SignatureV1.js.map