authenticatePayloadHash()

lib/server.js

@@ -219,6 +219,19 @@ exports.authenticatePayload = function (payload, credentials, artifacts, content
 };
 
 
+// Authenticate payload hash - used when payload cannot be provided during authenticate()
+
+/*
+    calculatedHash: the payload hash calculated using Crypto.calculatePayloadHash()
+    artifacts:      from authenticate callback
+*/
+
+exports.authenticatePayloadHash = function (calculatedHash, artifacts) {
+
+    return Cryptiles.fixedTimeComparison(calculatedHash, artifacts.hash);
+};
+
+
 // Generate a Server-Authorization header for a given response
 
 /*

package.json

@@ -1,7 +1,7 @@
 {
   "name": "hawk",
   "description": "HTTP Hawk Authentication Scheme",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "author": "Eran Hammer <eran@hueniverse.com> (http://hueniverse.com)",
   "contributors": [],
   "repository": "git://github.com/hueniverse/hawk",

test/server.js

@@ -682,5 +682,15 @@ describe('Hawk', function () {
                 done();
             });
         });
+
+        describe('#authenticatePayloadHash', function () {
+
+            it('checks payload hash', function (done) {
+
+                expect(Hawk.server.authenticatePayloadHash('abcdefg', { hash: 'abcdefg' })).to.equal(true);
+                expect(Hawk.server.authenticatePayloadHash('1234567', { hash: 'abcdefg' })).to.equal(false);
+                done();
+            });
+        });
     });
 });