@hardenlabs/hmac 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +82 -0
  2. package/package.json +15 -2
package/README.md ADDED
@@ -0,0 +1,82 @@
1
+ # @hardenlabs/hmac
2
+
3
+ Cross-language HMAC-SHA256 request signing with a defined canonical string format. Guaranteed identical signatures across C#, Python, TypeScript, and Go.
4
+
5
+ ## Installation
6
+
7
+ ```bash
8
+ npm install @hardenlabs/hmac
9
+ ```
10
+
11
+ ## Quick Start — Server (Express)
12
+
13
+ ```typescript
14
+ import express from "express";
15
+ import { createHmacConfig, hardenHmacMiddleware } from "@hardenlabs/hmac";
16
+
17
+ const config = createHmacConfig("your-base64-encoded-secret", {
18
+ timestampToleranceSeconds: 30,
19
+ clients: {
20
+ "order-service": { sharedSecret: "orders-base64-secret" },
21
+ },
22
+ });
23
+
24
+ const app = express();
25
+ // IMPORTANT: Use express.text(), NOT express.json()
26
+ app.use(express.text({ type: "*/*" }));
27
+ app.use(hardenHmacMiddleware(config));
28
+
29
+ app.get("/api/hello", (_req, res) => {
30
+ res.json({ message: "Authenticated!" });
31
+ });
32
+
33
+ app.listen(3000);
34
+ ```
35
+
36
+ ## Quick Start — Client (fetch)
37
+
38
+ ```typescript
39
+ import { createHmacConfig, createHmacClientFactory } from "@hardenlabs/hmac";
40
+
41
+ const config = createHmacConfig("your-base64-encoded-secret", {
42
+ targets: {
43
+ "my-service": {
44
+ baseUrl: "https://api.example.com",
45
+ sharedSecret: "your-base64-encoded-secret",
46
+ },
47
+ },
48
+ });
49
+
50
+ const factory = createHmacClientFactory(config);
51
+ const client = factory.createClient("my-service");
52
+ const response = await client.get("/api/hello"); // automatically signed
53
+ const data = await response.json();
54
+ ```
55
+
56
+ ## Quick Start — Client (axios)
57
+
58
+ ```typescript
59
+ import axios from "axios";
60
+ import { createHmacConfig, createHmacClientFactory } from "@hardenlabs/hmac";
61
+
62
+ const config = createHmacConfig("your-base64-encoded-secret", {
63
+ targets: {
64
+ "my-service": {
65
+ baseUrl: "https://api.example.com",
66
+ sharedSecret: "your-base64-encoded-secret",
67
+ },
68
+ },
69
+ });
70
+
71
+ const factory = createHmacClientFactory(config, { axios: axios.create() });
72
+ const client = factory.createClient("my-service");
73
+ const response = await client.get("/api/hello"); // automatically signed
74
+ ```
75
+
76
+ ## Documentation
77
+
78
+ Full documentation, canonical string specification, and cross-language compatibility details: [github.com/HardenLabs/HardenHMAC](https://github.com/HardenLabs/HardenHMAC)
79
+
80
+ ## License
81
+
82
+ [Apache License 2.0](https://github.com/HardenLabs/HardenHMAC/blob/main/LICENSE)
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@hardenlabs/hmac",
3
- "version": "0.1.0",
3
+ "version": "0.1.2",
4
4
  "description": "Cross-language HMAC-SHA256 request signing with a defined canonical string format.",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
@@ -12,8 +12,21 @@
12
12
  }
13
13
  },
14
14
  "license": "Apache-2.0",
15
+ "keywords": [
16
+ "hmac",
17
+ "authentication",
18
+ "signing",
19
+ "security",
20
+ "cross-language",
21
+ "middleware",
22
+ "express",
23
+ "fetch",
24
+ "axios"
25
+ ],
26
+ "homepage": "https://github.com/HardenLabs/HardenHMAC",
15
27
  "files": [
16
- "dist"
28
+ "dist",
29
+ "README.md"
17
30
  ],
18
31
  "scripts": {
19
32
  "build": "tsc",