hbsig 0.1.3 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/cjs/httpsig.js +191 -84
  2. package/cjs/structured.js +285 -60
  3. package/esm/httpsig.js +145 -24
  4. package/esm/structured.js +276 -48
  5. package/package.json +1 -1
package/cjs/httpsig.js CHANGED
@@ -5,10 +5,11 @@ Object.defineProperty(exports, "__esModule", {
5
5
  });
6
6
  exports.httpsig_from = httpsig_from;
7
7
  exports.httpsig_to = httpsig_to;
8
+ exports.structured_from = structured_from;
9
+ exports.structured_to = structured_to;
8
10
  var _crypto = _interopRequireDefault(require("crypto"));
9
11
  var _flat = require("./flat.js");
10
12
  function _interopRequireDefault(e) { return e && e.__esModule ? e : { "default": e }; }
11
- function _toArray(r) { return _arrayWithHoles(r) || _iterableToArray(r) || _unsupportedIterableToArray(r) || _nonIterableRest(); }
12
13
  function _toConsumableArray(r) { return _arrayWithoutHoles(r) || _iterableToArray(r) || _unsupportedIterableToArray(r) || _nonIterableSpread(); }
13
14
  function _nonIterableSpread() { throw new TypeError("Invalid attempt to spread non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); }
14
15
  function _iterableToArray(r) { if ("undefined" != typeof Symbol && null != r[Symbol.iterator] || null != r["@@iterator"]) return Array.from(r); }
@@ -342,7 +343,22 @@ function encodeBodyPart(partName, bodyPart, inlineKey) {
342
343
  return "";
343
344
  }
344
345
 
345
- // Parse multipart body
346
+ // Helper to detect if a string contains binary data
347
+ function isBinaryData(str) {
348
+ // Check first 100 chars for binary indicators
349
+ for (var i = 0; i < Math.min(str.length, 100); i++) {
350
+ var code = str.charCodeAt(i);
351
+ // Non-printable chars (except CR/LF/TAB)
352
+ if (code < 32 && code !== 9 && code !== 10 && code !== 13) return true;
353
+ // High byte range that's not valid text
354
+ if (code > 126 && code < 160) return true;
355
+ // Null byte is definitely binary
356
+ if (code === 0) return true;
357
+ }
358
+ return false;
359
+ }
360
+
361
+ // Parse multipart body - handles binary data in headers
346
362
  function parseMultipart(contentType, body) {
347
363
  var boundaryMatch = contentType.match(/boundary="?([^";\s]+)"?/);
348
364
  if (!boundaryMatch) return {};
@@ -350,8 +366,8 @@ function parseMultipart(contentType, body) {
350
366
  var boundaryDelim = "--".concat(boundary);
351
367
  var endBoundary = "--".concat(boundary, "--");
352
368
 
353
- // Remove the final boundary terminator if present
354
- var bodyContent = body;
369
+ // Use binary encoding to preserve all bytes as character codes 0-255
370
+ var bodyContent = typeof body === "string" ? body : body.toString("binary");
355
371
  if (bodyContent.endsWith(endBoundary)) {
356
372
  bodyContent = bodyContent.substring(0, bodyContent.lastIndexOf(endBoundary));
357
373
  }
@@ -365,59 +381,137 @@ function parseMultipart(contentType, body) {
365
381
  try {
366
382
  for (_iterator3.s(); !(_step3 = _iterator3.n()).done;) {
367
383
  var part = _step3.value;
368
- var _part$split = part.split(DOUBLE_CRLF),
369
- _part$split2 = _toArray(_part$split),
370
- headerBlock = _part$split2[0],
371
- bodyParts = _part$split2.slice(1);
372
- var partBody = bodyParts.join(DOUBLE_CRLF);
373
-
374
- // Remove trailing CRLF
375
- partBody = partBody.replace(/\r?\n?$/, "");
384
+ // First split to find the headers/body boundary (double CRLF)
385
+ var headerBodySplit = part.indexOf(DOUBLE_CRLF);
386
+ var headerBlock = void 0,
387
+ partBody = void 0;
388
+ if (headerBodySplit !== -1) {
389
+ headerBlock = part.substring(0, headerBodySplit);
390
+ partBody = part.substring(headerBodySplit + DOUBLE_CRLF.length);
391
+ // Remove trailing CRLF from body
392
+ partBody = partBody.replace(/\r?\n?$/, "");
393
+ } else {
394
+ headerBlock = part;
395
+ partBody = "";
396
+ }
376
397
  var headers = {};
377
- var headerLines = headerBlock.split(/\r?\n/);
378
- var _iterator4 = _createForOfIteratorHelper(headerLines),
379
- _step4;
380
- try {
381
- for (_iterator4.s(); !(_step4 = _iterator4.n()).done;) {
382
- var line = _step4.value;
383
- var colonIndex = line.indexOf(": ");
384
- if (colonIndex > 0) {
385
- var name = line.substring(0, colonIndex).toLowerCase();
386
- var value = line.substring(colonIndex + 2);
387
- headers[name] = value;
398
+
399
+ // Parse headers more carefully to handle binary data
400
+ var currentPos = 0;
401
+ while (currentPos < headerBlock.length) {
402
+ // Find next line ending (but be careful with binary data)
403
+ var lineEnd = headerBlock.indexOf("\r\n", currentPos);
404
+ if (lineEnd === -1) lineEnd = headerBlock.indexOf("\n", currentPos);
405
+ if (lineEnd === -1) lineEnd = headerBlock.length;
406
+ var line = headerBlock.substring(currentPos, lineEnd);
407
+ var colonIndex = line.indexOf(": ");
408
+ if (colonIndex > 0) {
409
+ var name = line.substring(0, colonIndex).toLowerCase();
410
+ var value = line.substring(colonIndex + 2);
411
+
412
+ // Special handling for known binary fields or detected binary data
413
+ if (name === "owner" || name === "signature") {
414
+ // These fields contain binary data that may have embedded newlines
415
+ // We need to read until we find the next header or end of headers
416
+ var valueStart = currentPos + colonIndex + 2;
417
+
418
+ // Look ahead to find where this field really ends
419
+ // The next header will start with a valid header name followed by ": "
420
+ var searchPos = valueStart;
421
+ var valueEnd = headerBlock.length;
422
+
423
+ // Look for the next valid header pattern
424
+ while (searchPos < headerBlock.length) {
425
+ var nextNewline = headerBlock.indexOf("\n", searchPos);
426
+ if (nextNewline === -1) break;
427
+
428
+ // Check if what follows looks like a header
429
+ var nextLineStart = nextNewline + 1;
430
+ var nextColon = headerBlock.indexOf(":", nextLineStart);
431
+
432
+ // Valid header should have colon relatively close to line start
433
+ if (nextColon > nextLineStart && nextColon < nextLineStart + 50) {
434
+ // Check if the text before colon looks like a header name (ASCII text)
435
+ var possibleHeaderName = headerBlock.substring(nextLineStart, nextColon);
436
+ var looksLikeHeader = /^[a-zA-Z0-9-]+$/.test(possibleHeaderName);
437
+ if (looksLikeHeader) {
438
+ // Found the next header, value ends at the newline before it
439
+ valueEnd = nextNewline;
440
+ break;
441
+ }
442
+ }
443
+ searchPos = nextNewline + 1;
444
+ }
445
+
446
+ // Extract the full value, trimming any trailing whitespace
447
+ value = headerBlock.substring(valueStart, valueEnd);
448
+
449
+ // Remove trailing CR if present (since we found the LF)
450
+ if (value.endsWith("\r")) {
451
+ value = value.substring(0, value.length - 1);
452
+ }
453
+
454
+ // Convert to Buffer to preserve binary
455
+ headers[name] = Buffer.from(value, "binary");
456
+ currentPos = valueEnd + 1;
457
+ } else {
458
+ // Regular text field
459
+ if (isBinaryData(value)) {
460
+ headers[name] = Buffer.from(value, "binary");
461
+ } else {
462
+ headers[name] = value;
463
+ }
464
+ currentPos = lineEnd + (headerBlock[lineEnd] === "\r" ? 2 : 1);
388
465
  }
466
+ } else {
467
+ // No colon found, skip this line
468
+ currentPos = lineEnd + (headerBlock[lineEnd] === "\r" ? 2 : 1);
389
469
  }
390
- } catch (err) {
391
- _iterator4.e(err);
392
- } finally {
393
- _iterator4.f();
394
470
  }
395
471
  var disposition = headers["content-disposition"];
396
472
  if (!disposition) continue;
397
473
  var partName = void 0;
398
474
  if (disposition === "inline") {
475
+ // This is the inline part
399
476
  partName = "body";
400
477
  bodyKeysList.push("body");
478
+
479
+ // Extract all headers from inline part as top-level fields
480
+ var restHeaders = _objectSpread({}, headers);
481
+ delete restHeaders["content-disposition"];
482
+
483
+ // Add each header from the inline part to the top level of result
484
+ for (var _i8 = 0, _Object$entries8 = Object.entries(restHeaders); _i8 < _Object$entries8.length; _i8++) {
485
+ var _Object$entries8$_i = _slicedToArray(_Object$entries8[_i8], 2),
486
+ key = _Object$entries8$_i[0],
487
+ _value2 = _Object$entries8$_i[1];
488
+ result[key] = _value2;
489
+ }
490
+
491
+ // If there's body content in the inline part, add it as 'body'
492
+ if (partBody) {
493
+ result[partName] = partBody;
494
+ }
401
495
  } else {
496
+ // Handle named form-data parts
402
497
  var nameMatch = disposition.match(/name="([^"]+)"/);
403
498
  partName = nameMatch ? nameMatch[1] : null;
404
499
  if (partName) {
405
- // Add the top-level key for this part
406
500
  var topLevelKey = partName.split("/")[0];
407
501
  bodyKeysList.push(topLevelKey);
408
502
  }
409
- }
410
- if (!partName) continue;
411
- var restHeaders = _objectSpread({}, headers);
412
- delete restHeaders["content-disposition"];
413
- if (Object.keys(restHeaders).length === 0) {
414
- result[partName] = partBody;
415
- } else if (!partBody) {
416
- result[partName] = restHeaders;
417
- } else {
418
- result[partName] = _objectSpread(_objectSpread({}, restHeaders), {}, {
419
- body: partBody
420
- });
503
+ if (!partName) continue;
504
+ var _restHeaders = _objectSpread({}, headers);
505
+ delete _restHeaders["content-disposition"];
506
+ if (Object.keys(_restHeaders).length === 0) {
507
+ result[partName] = partBody;
508
+ } else if (!partBody) {
509
+ result[partName] = _restHeaders;
510
+ } else {
511
+ result[partName] = _objectSpread(_objectSpread({}, _restHeaders), {}, {
512
+ body: partBody
513
+ });
514
+ }
421
515
  }
422
516
  }
423
517
  } catch (err) {
@@ -426,7 +520,6 @@ function parseMultipart(contentType, body) {
426
520
  _iterator3.f();
427
521
  }
428
522
  if (bodyKeysList.length > 0) {
429
- // Format as structured field list, preserving order and duplicates
430
523
  result["body-keys"] = bodyKeysList.map(function (k) {
431
524
  return "\"".concat(k, "\"");
432
525
  }).join(", ");
@@ -492,10 +585,10 @@ function httpsig_from(http) {
492
585
 
493
586
  // Convert flat structure to nested using flat.js
494
587
  var flat = {};
495
- for (var _i8 = 0, _Object$entries8 = Object.entries(withBodyKeys); _i8 < _Object$entries8.length; _i8++) {
496
- var _Object$entries8$_i = _slicedToArray(_Object$entries8[_i8], 2),
497
- key = _Object$entries8$_i[0],
498
- value = _Object$entries8$_i[1];
588
+ for (var _i9 = 0, _Object$entries9 = Object.entries(withBodyKeys); _i9 < _Object$entries9.length; _i9++) {
589
+ var _Object$entries9$_i = _slicedToArray(_Object$entries9[_i9], 2),
590
+ key = _Object$entries9$_i[0],
591
+ value = _Object$entries9$_i[1];
499
592
  if (key.includes("/")) {
500
593
  flat[key] = value;
501
594
  }
@@ -503,14 +596,14 @@ function httpsig_from(http) {
503
596
  if (Object.keys(flat).length > 0) {
504
597
  // Use flat_from to convert flat structure to nested
505
598
  var nested = (0, _flat.flat_from)(flat);
506
- for (var _i9 = 0, _Object$entries9 = Object.entries(nested); _i9 < _Object$entries9.length; _i9++) {
507
- var _Object$entries9$_i = _slicedToArray(_Object$entries9[_i9], 2),
508
- _key2 = _Object$entries9$_i[0],
509
- _value2 = _Object$entries9$_i[1];
510
- withBodyKeys[_key2] = _value2;
599
+ for (var _i0 = 0, _Object$entries0 = Object.entries(nested); _i0 < _Object$entries0.length; _i0++) {
600
+ var _Object$entries0$_i = _slicedToArray(_Object$entries0[_i0], 2),
601
+ _key2 = _Object$entries0$_i[0],
602
+ _value3 = _Object$entries0$_i[1];
603
+ withBodyKeys[_key2] = _value3;
511
604
  }
512
- for (var _i0 = 0, _Object$keys = Object.keys(flat); _i0 < _Object$keys.length; _i0++) {
513
- var _key3 = _Object$keys[_i0];
605
+ for (var _i1 = 0, _Object$keys = Object.keys(flat); _i1 < _Object$keys.length; _i1++) {
606
+ var _key3 = _Object$keys[_i1];
514
607
  delete withBodyKeys[_key3];
515
608
  }
516
609
  }
@@ -529,8 +622,8 @@ function httpsig_from(http) {
529
622
  delete result["content-digest"];
530
623
 
531
624
  // Extract hashpaths if any
532
- for (var _i1 = 0, _Object$keys2 = Object.keys(result); _i1 < _Object$keys2.length; _i1++) {
533
- var _key4 = _Object$keys2[_i1];
625
+ for (var _i10 = 0, _Object$keys2 = Object.keys(result); _i10 < _Object$keys2.length; _i10++) {
626
+ var _key4 = _Object$keys2[_i10];
534
627
  if (_key4.startsWith("hashpath")) {
535
628
  delete result[_key4];
536
629
  }
@@ -570,10 +663,10 @@ function httpsig_to(tabm) {
570
663
  // For flat structures, just return with normalized keys
571
664
  // This matches Erlang which returns the map unchanged
572
665
  var result = _objectSpread({}, inlineFieldHdrs);
573
- for (var _i10 = 0, _Object$entries0 = Object.entries(stripped); _i10 < _Object$entries0.length; _i10++) {
574
- var _Object$entries0$_i = _slicedToArray(_Object$entries0[_i10], 2),
575
- key = _Object$entries0$_i[0],
576
- value = _Object$entries0$_i[1];
666
+ for (var _i11 = 0, _Object$entries1 = Object.entries(stripped); _i11 < _Object$entries1.length; _i11++) {
667
+ var _Object$entries1$_i = _slicedToArray(_Object$entries1[_i11], 2),
668
+ key = _Object$entries1$_i[0],
669
+ value = _Object$entries1$_i[1];
577
670
  // Convert Buffers to strings if they're UTF-8 text
578
671
  if (Buffer.isBuffer(value)) {
579
672
  try {
@@ -623,31 +716,31 @@ function httpsig_to(tabm) {
623
716
  var headers = _objectSpread({}, inlineFieldHdrs);
624
717
 
625
718
  // Process each field - ao-types at top level should go to headers
626
- for (var _i11 = 0, _Object$entries1 = Object.entries(stripped); _i11 < _Object$entries1.length; _i11++) {
627
- var _Object$entries1$_i = _slicedToArray(_Object$entries1[_i11], 2),
628
- _key5 = _Object$entries1$_i[0],
629
- _value3 = _Object$entries1$_i[1];
719
+ for (var _i12 = 0, _Object$entries10 = Object.entries(stripped); _i12 < _Object$entries10.length; _i12++) {
720
+ var _Object$entries10$_i = _slicedToArray(_Object$entries10[_i12], 2),
721
+ _key5 = _Object$entries10$_i[0],
722
+ _value4 = _Object$entries10$_i[1];
630
723
  if (_key5 === "ao-types") {
631
724
  // Top-level ao-types goes to headers only
632
725
  // Convert Buffer to string if needed
633
- if (Buffer.isBuffer(_value3)) {
634
- headers[_key5] = _value3.toString("utf8");
726
+ if (Buffer.isBuffer(_value4)) {
727
+ headers[_key5] = _value4.toString("utf8");
635
728
  } else {
636
- headers[_key5] = _value3;
729
+ headers[_key5] = _value4;
637
730
  }
638
731
  } else if (_key5 === "body" || _key5 === inlineKeyVal) {
639
- bodyMap[_key5 === inlineKeyVal ? inlineKeyVal : "body"] = _value3;
640
- } else if (_typeof(_value3) === "object" && _value3 !== null && !Array.isArray(_value3) && !Buffer.isBuffer(_value3)) {
641
- bodyMap[_key5] = _value3;
642
- } else if (typeof _value3 === "string" && _value3.length <= MAX_HEADER_LENGTH && _key5 !== "ao-types") {
643
- headers[normalizeKey(_key5)] = _value3;
644
- } else if (Buffer.isBuffer(_value3) && _value3.length <= MAX_HEADER_LENGTH && _key5 !== "ao-types") {
732
+ bodyMap[_key5 === inlineKeyVal ? inlineKeyVal : "body"] = _value4;
733
+ } else if (_typeof(_value4) === "object" && _value4 !== null && !Array.isArray(_value4) && !Buffer.isBuffer(_value4)) {
734
+ bodyMap[_key5] = _value4;
735
+ } else if (typeof _value4 === "string" && _value4.length <= MAX_HEADER_LENGTH && _key5 !== "ao-types") {
736
+ headers[normalizeKey(_key5)] = _value4;
737
+ } else if (Buffer.isBuffer(_value4) && _value4.length <= MAX_HEADER_LENGTH && _key5 !== "ao-types") {
645
738
  // Convert Buffers to strings for headers
646
- var _str = _value3.toString("utf8");
739
+ var _str = _value4.toString("utf8");
647
740
  headers[normalizeKey(_key5)] = _str;
648
741
  } else if (_key5 !== "ao-types") {
649
742
  // Only add to bodyMap if it's not ao-types
650
- bodyMap[_key5] = _value3;
743
+ bodyMap[_key5] = _value4;
651
744
  }
652
745
  }
653
746
 
@@ -671,22 +764,22 @@ function httpsig_to(tabm) {
671
764
  b = _ref8[0];
672
765
  return a.localeCompare(b);
673
766
  });
674
- var _iterator5 = _createForOfIteratorHelper(sortedEntries),
675
- _step5;
767
+ var _iterator4 = _createForOfIteratorHelper(sortedEntries),
768
+ _step4;
676
769
  try {
677
- for (_iterator5.s(); !(_step5 = _iterator5.n()).done;) {
678
- var _step5$value = _slicedToArray(_step5.value, 2),
679
- _key6 = _step5$value[0],
680
- _value4 = _step5$value[1];
681
- if (_typeof(_value4) === "object" && _value4 !== null && Object.keys(_value4).length === 1 && "body" in _value4) {
682
- var encoded = encodeBodyPart("".concat(_key6, "/body"), _value4, "body");
770
+ for (_iterator4.s(); !(_step4 = _iterator4.n()).done;) {
771
+ var _step4$value = _slicedToArray(_step4.value, 2),
772
+ _key6 = _step4$value[0],
773
+ _value5 = _step4$value[1];
774
+ if (_typeof(_value5) === "object" && _value5 !== null && Object.keys(_value5).length === 1 && "body" in _value5) {
775
+ var encoded = encodeBodyPart("".concat(_key6, "/body"), _value5, "body");
683
776
  parts.push({
684
777
  name: "".concat(_key6, "/body"),
685
778
  body: encoded
686
779
  });
687
780
  bodyKeysList.push(_key6);
688
781
  } else {
689
- var _encoded = encodeBodyPart(_key6, _value4, inlineKeyVal);
782
+ var _encoded = encodeBodyPart(_key6, _value5, inlineKeyVal);
690
783
  parts.push({
691
784
  name: _key6,
692
785
  body: _encoded
@@ -695,9 +788,9 @@ function httpsig_to(tabm) {
695
788
  }
696
789
  }
697
790
  } catch (err) {
698
- _iterator5.e(err);
791
+ _iterator4.e(err);
699
792
  } finally {
700
- _iterator5.f();
793
+ _iterator4.f();
701
794
  }
702
795
  var boundary = boundaryFromParts(parts);
703
796
  var bodyParts = parts.map(function (p) {
@@ -713,4 +806,18 @@ function httpsig_to(tabm) {
713
806
  });
714
807
  return addContentDigest(_result2);
715
808
  }
809
+ }
810
+
811
+ /**
812
+ * Convert structured message to flat format
813
+ */
814
+ function structured_to(msg) {
815
+ return msg;
816
+ }
817
+
818
+ /**
819
+ * Convert flat format to structured message
820
+ */
821
+ function structured_from(msg) {
822
+ return msg;
716
823
  }