Skip to content
This repository has been archived by the owner on Apr 5, 2024. It is now read-only.

Commit

Permalink
Cleanup, lint
Browse files Browse the repository at this point in the history
  • Loading branch information
@hueniverse
hueniverse committed Jun 13, 2015
1 parent 1e8fe56 commit 1cefc96
Show file tree
Hide file tree
Showing 13 changed files with 2,118 additions and 1,869 deletions.
5 changes: 2 additions & 3 deletions README.md
View file
Expand Up @@ -3,10 +3,9 @@
<img align="right" src="https://raw.github.com/hueniverse/hawk/master/images/logo.png" /> **Hawk** is an HTTP authentication scheme using a message authentication code (MAC) algorithm to provide partial
HTTP request cryptographic verification. For more complex use cases such as access delegation, see [Oz](https://github.com/hueniverse/oz).

Current version: **2.3**
Current version: **3.x**

Note: 2.x is the same exact protocol as 1.1. The version increment reflects a change in the internal error format
used by the module and used by the node API.
Note: 3.x and 2.x are the same exact protocol as 1.1. The version increments reflect changes in the node API.

[![Build Status](https://secure.travis-ci.org/hueniverse/hawk.png)](http://travis-ci.org/hueniverse/hawk)

Expand Down
2 changes: 1 addition & 1 deletion example/usage.js
View file
Expand Up @@ -10,7 +10,7 @@ var Hawk = require('../lib');
var internals = {
credentials: {
dh37fgj492je: {
id: 'dh37fgj492je', // Required by Hawk.client.header
id: 'dh37fgj492je', // Required by Hawk.client.header
key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn',
algorithm: 'sha256',
user: 'Steve'
Expand Down
14 changes: 8 additions & 6 deletions lib/browser.js
View file
Expand Up @@ -238,18 +238,18 @@ hawk.client = {

// Parse HTTP WWW-Authenticate header

var attributes = hawk.utils.parseAuthorizationHeader(wwwAuthenticate, ['ts', 'tsm', 'error']);
if (!attributes) {
var wwwAttributes = hawk.utils.parseAuthorizationHeader(wwwAuthenticate, ['ts', 'tsm', 'error']);
if (!wwwAttributes) {
return false;
}

if (attributes.ts) {
var tsm = hawk.crypto.calculateTsMac(attributes.ts, credentials);
if (tsm !== attributes.tsm) {
if (wwwAttributes.ts) {
var tsm = hawk.crypto.calculateTsMac(wwwAttributes.ts, credentials);
if (tsm !== wwwAttributes.tsm) {
return false;
}

hawk.utils.setNtpOffset(attributes.ts - Math.floor((new Date()).getTime() / 1000)); // Keep offset at 1 second precision
hawk.utils.setNtpOffset(wwwAttributes.ts - Math.floor((new Date()).getTime() / 1000)); // Keep offset at 1 second precision
}
}

Expand Down Expand Up @@ -617,6 +617,7 @@ hawk.utils = {


// $lab:coverage:off$
/* eslint-disable */

// Based on: Crypto-JS v3.1.2
// Copyright (c) 2009-2013, Jeff Mott. All rights reserved.
Expand All @@ -638,4 +639,5 @@ if (typeof module !== 'undefined' && module.exports) {
module.exports = hawk;
}

/* eslint-enable */
// $lab:coverage:on$
10 changes: 5 additions & 5 deletions lib/client.js
View file
Expand Up @@ -153,16 +153,16 @@ exports.authenticate = function (res, credentials, artifacts, options) {

// Parse HTTP WWW-Authenticate header

var attributes = Utils.parseAuthorizationHeader(res.headers['www-authenticate'], ['ts', 'tsm', 'error']);
if (attributes instanceof Error) {
var wwwAttributes = Utils.parseAuthorizationHeader(res.headers['www-authenticate'], ['ts', 'tsm', 'error']);
if (wwwAttributes instanceof Error) {
return false;
}

// Validate server timestamp (not used to update clock since it is done via the SNPT client)

if (attributes.ts) {
var tsm = Crypto.calculateTsMac(attributes.ts, credentials);
if (tsm !== attributes.tsm) {
if (wwwAttributes.ts) {
var tsm = Crypto.calculateTsMac(wwwAttributes.ts, credentials);
if (tsm !== wwwAttributes.tsm) {
return false;
}
}
Expand Down
12 changes: 9 additions & 3 deletions lib/server.js
View file
Expand Up @@ -88,7 +88,7 @@ exports.authenticate = function (req, credentialsFunc, options, callback) {

// Default options

options.nonceFunc = options.nonceFunc || function (key, nonce, ts, nonceCallback) { return nonceCallback(); }; // No validation
options.nonceFunc = options.nonceFunc || internals.nonceFunc;
options.timestampSkewSec = options.timestampSkewSec || 60; // 60 seconds

// Application time
Expand Down Expand Up @@ -448,7 +448,7 @@ exports.authenticateMessage = function (host, port, message, authorization, cred

// Default options

options.nonceFunc = options.nonceFunc || function (key, nonce, ts, nonceCallback) { return nonceCallback(); }; // No validation
options.nonceFunc = options.nonceFunc || internals.nonceFunc;
options.timestampSkewSec = options.timestampSkewSec || 60; // 60 seconds

// Application time
Expand All @@ -463,7 +463,7 @@ exports.authenticateMessage = function (host, port, message, authorization, cred
!authorization.hash ||
!authorization.mac) {

return callback(Boom.badRequest('Invalid authorization'))
return callback(Boom.badRequest('Invalid authorization'));
}

// Fetch Hawk credentials
Expand Down Expand Up @@ -532,3 +532,9 @@ exports.authenticateMessage = function (host, port, message, authorization, cred
});
});
};


internals.nonceFunc = function (key, nonce, ts, nonceCallback) {

return nonceCallback(); // No validation
};
2 changes: 1 addition & 1 deletion lib/utils.js
View file
Expand Up @@ -60,7 +60,7 @@ exports.parseRequest = function (req, options) {
if (!req.headers) {
return req;
}

// Obtain host and port information

if (!options.host || !options.port) {
Expand Down
44 changes: 25 additions & 19 deletions test/browser.js
View file
Expand Up @@ -82,7 +82,7 @@ describe('Browser', function () {
});
});

describe('#bewit', function () {
describe('bewit()', function () {

it('returns a valid bewit value', function (done) {

Expand Down Expand Up @@ -516,7 +516,7 @@ describe('Browser', function () {

var localStorage = new Browser.internals.LocalStorage();

Browser.utils.setStorage(localStorage)
Browser.utils.setStorage(localStorage);

Browser.utils.setNtpOffset(60 * 60 * 1000);
var header = Browser.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials, ext: 'some-app-data' });
Expand Down Expand Up @@ -741,7 +741,7 @@ describe('Browser', function () {

describe('client', function () {

describe('#header', function () {
describe('header()', function () {

it('returns a valid authorization header (sha1)', function (done) {

Expand Down Expand Up @@ -950,7 +950,7 @@ describe('Browser', function () {
});
});

describe('#authenticate', function () {
describe('authenticate()', function () {

it('skips tsm validation when missing ts', function (done) {

Expand Down Expand Up @@ -1119,7 +1119,7 @@ describe('Browser', function () {
});
});

describe('#message', function () {
describe('message()', function () {

it('generates an authorization then successfully parse it', function (done) {

Expand Down Expand Up @@ -1270,7 +1270,7 @@ describe('Browser', function () {
});
});

describe('#authenticateTimestamp', function (done) {
describe('authenticateTimestamp()', function (done) {

it('validates a timestamp', function (done) {

Expand Down Expand Up @@ -1342,7 +1342,7 @@ describe('Browser', function () {

describe('utils', function () {

describe('#setStorage', function () {
describe('setStorage()', function () {

it('sets storage for the first time', function (done) {

Expand All @@ -1358,29 +1358,37 @@ describe('Browser', function () {
});
});

describe('#setNtpOffset', function (done) {
describe('setNtpOffset()', function (done) {

it('catches localStorage errors', function (done) {
it('catches localStorage errors', { parallel: false }, function (done) {

var orig = Browser.utils.storage.setItem;
var error = console.error;
var consoleOrig = console.error;
var count = 0;
console.error = function () { if (count++ === 2) { console.error = error; } };
console.error = function () {

if (count++ === 2) {

console.error = consoleOrig;
}
};

Browser.utils.storage.setItem = function () {

Browser.utils.storage.setItem = orig;
throw new Error()
throw new Error();
};

expect(function () {

Browser.utils.setNtpOffset(100);
}).not.to.throw();

done();
});
});

describe('#parseAuthorizationHeader', function (done) {
describe('parseAuthorizationHeader()', function (done) {

it('returns null on missing header', function (done) {

Expand Down Expand Up @@ -1419,7 +1427,7 @@ describe('Browser', function () {
});
});

describe('#parseUri', function () {
describe('parseUri()', function () {

it('returns empty port when unknown scheme', function (done) {

Expand All @@ -1436,18 +1444,16 @@ describe('Browser', function () {
});
});

var str = "https://www.google.ca/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=url";
var base64str = "aHR0cHM6Ly93d3cuZ29vZ2xlLmNhL3dlYmhwP3NvdXJjZWlkPWNocm9tZS1pbnN0YW50Jmlvbj0xJmVzcHY9MiZpZT1VVEYtOCNxPXVybA";
var str = 'https://www.google.ca/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=url';
var base64str = 'aHR0cHM6Ly93d3cuZ29vZ2xlLmNhL3dlYmhwP3NvdXJjZWlkPWNocm9tZS1pbnN0YW50Jmlvbj0xJmVzcHY9MiZpZT1VVEYtOCNxPXVybA';

describe('#base64urlEncode', function () {
describe('base64urlEncode()', function () {

it('should base64 URL-safe decode a string', function (done) {

expect(Browser.utils.base64urlEncode(str)).to.equal(base64str);
done();
});

});

});
});

0 comments on commit 1cefc96

Please sign in to comment.