@meru2802/aux-server 1.0.23 → 1.0.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -45,10 +45,13 @@ class AuthMiddleware extends BaseMiddleware_1.BaseMiddleware {
|
|
|
45
45
|
constructor(serviceContainer) {
|
|
46
46
|
super(serviceContainer);
|
|
47
47
|
this.hmacAuth = (req, res, next) => {
|
|
48
|
+
var _a;
|
|
48
49
|
try {
|
|
49
50
|
const signature = req.headers["x-hmac-signature"];
|
|
50
51
|
const timestamp = req.headers["x-hmac-timestamp"];
|
|
51
52
|
const nonce = req.headers["x-hmac-nonce"];
|
|
53
|
+
const hostname = ((_a = req.headers.host) === null || _a === void 0 ? void 0 : _a.trim()) || req.hostname.trim();
|
|
54
|
+
console.log(`Request hostname: ${hostname}`);
|
|
52
55
|
if (!signature || !timestamp || !nonce) {
|
|
53
56
|
const unauthorizedResponse = {
|
|
54
57
|
error: "UnauthorizedException",
|
|
@@ -127,8 +130,6 @@ class AuthMiddleware extends BaseMiddleware_1.BaseMiddleware {
|
|
|
127
130
|
return;
|
|
128
131
|
}
|
|
129
132
|
console.log(`HMAC Body hash: ${bodyHash}`);
|
|
130
|
-
console.log(`HMAC req.hostname: "${req.hostname}"`);
|
|
131
|
-
console.log(`HMAC req.headers.host: "${req.headers.host}"`);
|
|
132
133
|
let message;
|
|
133
134
|
try {
|
|
134
135
|
message = [
|
|
@@ -136,7 +137,7 @@ class AuthMiddleware extends BaseMiddleware_1.BaseMiddleware {
|
|
|
136
137
|
req.originalUrl,
|
|
137
138
|
timestamp,
|
|
138
139
|
nonce,
|
|
139
|
-
`content-type:application/json;host:${
|
|
140
|
+
`content-type:application/json;host:${hostname}`,
|
|
140
141
|
bodyHash,
|
|
141
142
|
].join("\n");
|
|
142
143
|
console.log(`HMAC Message: ${message}`);
|