@socialtip/asset-proxy-url-parser 0.5.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/crypto.js.map +1 -1
- package/dist/error.d.ts +4 -1
- package/dist/error.js +4 -1
- package/dist/error.js.map +1 -1
- package/dist/index.d.ts +5 -5
- package/dist/index.js +4 -4
- package/dist/index.js.map +1 -1
- package/dist/info-parse.js.map +1 -1
- package/dist/parse.d.ts +2 -1
- package/dist/parse.js +14 -3
- package/dist/parse.js.map +1 -1
- package/dist/signature.js.map +1 -1
- package/package.json +6 -3
- package/CHANGELOG.md +0 -39
- package/src/crypto.ts +0 -53
- package/src/error.ts +0 -23
- package/src/index.ts +0 -36
- package/src/info-parse.ts +0 -275
- package/src/parse.ts +0 -1426
- package/src/signature.ts +0 -59
- package/tsconfig.build.json +0 -8
- package/tsconfig.json +0 -17
package/src/signature.ts
DELETED
|
@@ -1,59 +0,0 @@
|
|
|
1
|
-
import { createHmac, timingSafeEqual } from "node:crypto";
|
|
2
|
-
import { HTTPError } from "./error.js";
|
|
3
|
-
|
|
4
|
-
export interface SignatureOptions {
|
|
5
|
-
signingKey?: Buffer;
|
|
6
|
-
signingSalt?: Buffer;
|
|
7
|
-
}
|
|
8
|
-
|
|
9
|
-
/**
|
|
10
|
-
* Verifies the HMAC-SHA256 signature of a request path.
|
|
11
|
-
*
|
|
12
|
-
* The signature is the first path segment. When signingKey / signingSalt are
|
|
13
|
-
* not provided the segment is structurally required but any value is accepted.
|
|
14
|
-
* When keys are provided the signature is validated as a URL-safe Base64
|
|
15
|
-
* encoded HMAC-SHA256 digest of: salt + rest_of_path.
|
|
16
|
-
*/
|
|
17
|
-
export function verifySignature(
|
|
18
|
-
path: string,
|
|
19
|
-
options?: SignatureOptions,
|
|
20
|
-
): string {
|
|
21
|
-
const withoutLeadingSlash = path.slice(1);
|
|
22
|
-
const slashIdx = withoutLeadingSlash.indexOf("/");
|
|
23
|
-
if (slashIdx === -1) {
|
|
24
|
-
throw new HTTPError("Invalid URL: missing path segments", {
|
|
25
|
-
code: "BAD_REQUEST",
|
|
26
|
-
});
|
|
27
|
-
}
|
|
28
|
-
|
|
29
|
-
const signature = withoutLeadingSlash.slice(0, slashIdx);
|
|
30
|
-
const restOfPath = withoutLeadingSlash.slice(slashIdx); // includes leading /
|
|
31
|
-
|
|
32
|
-
if (!options?.signingKey || !options?.signingSalt) {
|
|
33
|
-
return restOfPath;
|
|
34
|
-
}
|
|
35
|
-
|
|
36
|
-
const expected = sign(restOfPath, options.signingKey, options.signingSalt);
|
|
37
|
-
|
|
38
|
-
const sigBuf = Buffer.from(signature, "base64url");
|
|
39
|
-
const expectedBuf = Buffer.from(expected, "base64url");
|
|
40
|
-
|
|
41
|
-
if (
|
|
42
|
-
sigBuf.length !== expectedBuf.length ||
|
|
43
|
-
!timingSafeEqual(sigBuf, expectedBuf)
|
|
44
|
-
) {
|
|
45
|
-
throw new HTTPError("Invalid signature", {
|
|
46
|
-
code: "FORBIDDEN",
|
|
47
|
-
});
|
|
48
|
-
}
|
|
49
|
-
|
|
50
|
-
return restOfPath;
|
|
51
|
-
}
|
|
52
|
-
|
|
53
|
-
/** Generates a URL-safe Base64 HMAC-SHA256 signature for the given path. */
|
|
54
|
-
export function sign(path: string, key: Buffer, salt: Buffer): string {
|
|
55
|
-
const hmac = createHmac("sha256", key);
|
|
56
|
-
hmac.update(salt);
|
|
57
|
-
hmac.update(path);
|
|
58
|
-
return hmac.digest("base64url");
|
|
59
|
-
}
|
package/tsconfig.build.json
DELETED
package/tsconfig.json
DELETED
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
{
|
|
2
|
-
"compilerOptions": {
|
|
3
|
-
"target": "ES2022",
|
|
4
|
-
"module": "Node16",
|
|
5
|
-
"moduleResolution": "Node16",
|
|
6
|
-
"outDir": "dist",
|
|
7
|
-
"strict": true,
|
|
8
|
-
"esModuleInterop": true,
|
|
9
|
-
"skipLibCheck": true,
|
|
10
|
-
"forceConsistentCasingInFileNames": true,
|
|
11
|
-
"declaration": true,
|
|
12
|
-
"paths": {
|
|
13
|
-
"@/*": ["./src/*"]
|
|
14
|
-
}
|
|
15
|
-
},
|
|
16
|
-
"include": ["src"]
|
|
17
|
-
}
|