@upstash/qstash 0.0.5 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/esm/consumer.js +2 -2
  2. package/esm/entrypoints/nextjs.js +2 -1
  3. package/package.json +1 -1
  4. package/script/consumer.js +2 -2
  5. package/script/entrypoints/nextjs.js +2 -1
package/esm/consumer.js CHANGED
@@ -63,7 +63,7 @@ export class Consumer {
63
63
  throw new SignatureError(`invalid issuer: ${p.iss}`);
64
64
  }
65
65
  if (p.sub !== req.url) {
66
- throw new SignatureError(`invalid subject: ${p.sub}`);
66
+ throw new SignatureError(`invalid subject: ${p.sub}, want: ${req.url}`);
67
67
  }
68
68
  const now = Math.floor(Date.now() / 1000);
69
69
  if (now > p.exp) {
@@ -75,7 +75,7 @@ export class Consumer {
75
75
  }
76
76
  const bodyHash = await dntShim.crypto.subtle.digest("SHA-256", new TextEncoder().encode(req.body));
77
77
  if (p.body != base64.encode(bodyHash)) {
78
- throw new SignatureError("body hash does not match");
78
+ throw new SignatureError(`body hash does not match, want: ${p.body}, got: ${base64.encode(bodyHash)}`);
79
79
  }
80
80
  return true;
81
81
  }
package/esm/entrypoints/nextjs.js CHANGED
@@ -24,7 +24,8 @@ export function verifySignature(handler, config) {
24
24
  throw new Error("`Upstash-Signature` header is not a string");
25
25
  }
26
26
  const body = (await buffer(req)).toString();
27
- const url = new URL(req.url, `http://${req.headers.host}`).href;
27
+ const url = new URL(req.url, `https://${req.headers.host}`).href;
28
+ console.log({ reqUrl: req.url, url });
28
29
  const isValid = await consumer.verify({ signature, body, url });
29
30
  if (!isValid) {
30
31
  res.status(400);
package/package.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "main": "./script/entrypoints/nextjs.js",
4
4
  "types": "./types/entrypoints/nextjs.d.ts",
5
5
  "name": "@upstash/qstash",
6
- "version": "v0.0.5",
6
+ "version": "v0.0.8",
7
7
  "description": "Official Deno/Typescript client for qStash",
8
8
  "repository": {
9
9
  "type": "git",
package/script/consumer.js CHANGED
@@ -90,7 +90,7 @@ class Consumer {
90
90
  throw new SignatureError(`invalid issuer: ${p.iss}`);
91
91
  }
92
92
  if (p.sub !== req.url) {
93
- throw new SignatureError(`invalid subject: ${p.sub}`);
93
+ throw new SignatureError(`invalid subject: ${p.sub}, want: ${req.url}`);
94
94
  }
95
95
  const now = Math.floor(Date.now() / 1000);
96
96
  if (now > p.exp) {
@@ -102,7 +102,7 @@ class Consumer {
102
102
  }
103
103
  const bodyHash = await dntShim.crypto.subtle.digest("SHA-256", new TextEncoder().encode(req.body));
104
104
  if (p.body != base64.encode(bodyHash)) {
105
- throw new SignatureError("body hash does not match");
105
+ throw new SignatureError(`body hash does not match, want: ${p.body}, got: ${base64.encode(bodyHash)}`);
106
106
  }
107
107
  return true;
108
108
  }
package/script/entrypoints/nextjs.js CHANGED
@@ -27,7 +27,8 @@ function verifySignature(handler, config) {
27
27
  throw new Error("`Upstash-Signature` header is not a string");
28
28
  }
29
29
  const body = (await (0, micro_1.buffer)(req)).toString();
30
- const url = new URL(req.url, `http://${req.headers.host}`).href;
30
+ const url = new URL(req.url, `https://${req.headers.host}`).href;
31
+ console.log({ reqUrl: req.url, url });
31
32
  const isValid = await consumer.verify({ signature, body, url });
32
33
  if (!isValid) {
33
34
  res.status(400);