npm - vestauth - Versions diffs - 0.5.3 → 0.6.0 - Mend

vestauth 0.5.3 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/CHANGELOG.md +6 -0
package/package.json +1 -1
package/src/cli/actions/agent/headers.js +1 -1
package/src/cli/actions/agent/init.js +15 -9
package/src/cli/actions/primitives/headers.js +17 -12
package/src/cli/actions/primitives/keypair.js +2 -4
package/src/cli/actions/primitives/verify.js +26 -15
package/src/cli/actions/provider/verify.js +23 -13
package/src/cli/commands/agent.js +8 -6
package/src/cli/commands/primitives.js +12 -9
package/src/cli/commands/provider.js +4 -3
package/src/lib/api/postRegister.js +1 -1
package/src/lib/helpers/agentHeaders.js +4 -4
package/src/lib/helpers/catchAndLog.js +16 -0
package/src/lib/helpers/errors.js +34 -1
package/src/lib/helpers/headers.js +17 -15
package/src/lib/helpers/identity.js +3 -3
package/src/lib/helpers/parseSignatureAgentHeader.js +18 -0
package/src/lib/helpers/providerVerify.js +29 -3
package/src/lib/helpers/publicKeyObject.js +7 -0
package/src/lib/helpers/signatureParams.js +1 -1
package/src/lib/helpers/verify.js +10 -8
package/src/lib/helpers/verifyWebBotAuth.js +1 -1
package/src/lib/helpers/edPublicKeyObject.js +0 -7

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. See [standa
 [Unreleased](https://github.com/vestauth/vestauth/compare/v0.5.3...main)
+## [0.6.0](https://github.com/vestauth/vestauth/compare/v0.5.3...v0.6.0) (2026-02-03)
+### Added
+* Add `provider verify` command ([#8](https://github.com/vestauth/vestauth/pull/8))
 ## [0.5.3](https://github.com/vestauth/vestauth/compare/v0.5.2...v0.5.3) (2026-02-03)
 ### Changed

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "vestauth",
-  "version": "0.5.3",
+  "version": "0.6.0",
   "description": "auth for agents–from the creator of dotenvx",
   "keywords": [
     "vestauth"

package/src/cli/actions/agent/headers.js CHANGED Viewed

@@ -9,7 +9,7 @@ async function headers (httpMethod, uri) {
   const options = this.opts()
   logger.debug(`options: ${JSON.stringify(options)}`)
-  const output = await agent.headers(httpMethod, uri, options.tag, options.nonce, options.privateKey)
+  const output = await agent.headers(httpMethod, uri, options.id, options.privateKey, options.tag, options.nonce)
   let space = 0
   if (options.prettyPrint) {

package/src/cli/actions/agent/init.js CHANGED Viewed

@@ -1,20 +1,26 @@
 const { logger } = require('./../../../shared/logger')
+const catchAndLog = require('./../../../lib/helpers/catchAndLog')
 const agent = require('./../../../lib/agent')
 async function init () {
-  const options = this.opts()
-  logger.debug(`options: ${JSON.stringify(options)}`)
+  try {
+    const options = this.opts()
+    logger.debug(`options: ${JSON.stringify(options)}`)
-  const output = await agent.init()
+    const output = await agent.init()
-  if (output.isNew) {
-    logger.success(`✔ agent created (${output.path}/AGENT_ID=${output.AGENT_ID})`)
-  } else {
-    logger.info(`• agent exists (${output.path}/AGENT_ID=${output.AGENT_ID})`)
-  }
+    if (output.isNew) {
+      logger.success(`✔ agent created (${output.path}/AGENT_ID=${output.AGENT_ID})`)
+    } else {
+      logger.info(`• agent exists (${output.path}/AGENT_ID=${output.AGENT_ID})`)
+    }
-  logger.help('⮕ next run: [vestauth agent curl https://api.vestauth.com/whoami]')
+    logger.help('⮕ next run: [vestauth agent curl https://api.vestauth.com/whoami]')
+  } catch (error) {
+    catchAndLog(error)
+    process.exit(1)
+  }
 }
 module.exports = init

package/src/cli/actions/primitives/headers.js CHANGED Viewed

@@ -1,23 +1,28 @@
 const { logger } = require('./../../../shared/logger')
+const catchAndLog = require('./../../../lib/helpers/catchAndLog')
 const primitives = require('./../../../lib/primitives')
-async function headers (httpMethod, uri, privateKey) {
-  logger.debug(`httpMethod: ${httpMethod}`)
-  logger.debug(`uri: ${uri}`)
-  logger.debug(`privateKey: ${privateKey}`)
+async function headers (httpMethod, uri) {
+  try {
+    logger.debug(`httpMethod: ${httpMethod}`)
+    logger.debug(`uri: ${uri}`)
-  const options = this.opts()
-  logger.debug(`options: ${JSON.stringify(options)}`)
+    const options = this.opts()
+    logger.debug(`options: ${JSON.stringify(options)}`)
-  const output = await primitives.headers(httpMethod, uri, privateKey, options.tag, options.nonce)
+    const output = await primitives.headers(httpMethod, uri, options.id, options.privateKey, options.tag, options.nonce)
-  let space = 0
-  if (options.prettyPrint) {
-    space = 2
-  }
+    let space = 0
+    if (options.prettyPrint) {
+      space = 2
+    }
-  console.log(JSON.stringify(output, null, space))
+    console.log(JSON.stringify(output, null, space))
+  } catch (error) {
+    catchAndLog(error)
+    process.exit(1)
+  }
 }
 module.exports = headers

package/src/cli/actions/primitives/keypair.js CHANGED Viewed

@@ -2,13 +2,11 @@ const { logger } = require('./../../../shared/logger')
 const primitives = require('./../../../lib/primitives')
-function keypair (existingPrivateKey) {
-  logger.debug(`existingPrivateKey: ${existingPrivateKey}`)
+function keypair () {
   const options = this.opts()
   logger.debug(`options: ${JSON.stringify(options)}`)
-  const kp = primitives.keypair(existingPrivateKey, options.prefix)
+  const kp = primitives.keypair(options.privateKey, options.prefix)
   const output = {
     public_key: kp.publicKey,

package/src/cli/actions/primitives/verify.js CHANGED Viewed

@@ -1,26 +1,37 @@
 const { logger } = require('./../../../shared/logger')
+const catchAndLog = require('./../../../lib/helpers/catchAndLog')
 const primitives = require('./../../../lib/primitives')
-async function verify (httpMethod, uri, signature, signatureInput, publicKey) {
-  logger.debug(`httpMethod: ${httpMethod}`)
-  logger.debug(`uri: ${uri}`)
-  logger.debug(`signature: ${signature}`)
-  logger.debug(`signatureInput: ${signatureInput}`)
-  logger.debug(`publicKey: ${publicKey}`)
+async function verify (httpMethod, uri) {
+  try {
+    logger.debug(`httpMethod: ${httpMethod}`)
+    logger.debug(`uri: ${uri}`)
-  const options = this.opts()
-  logger.debug(`options: ${JSON.stringify(options)}`)
+    const options = this.opts()
+    logger.debug(`options: ${JSON.stringify(options)}`)
-  const output = await primitives.verify(httpMethod, uri, signature, signatureInput, JSON.parse(publicKey))
-  // const output = await primitive.verifyWebBotAuth(httpMethod, uri, signature, signatureInput, JSON.parse(publicKey))
+    const headers = {
+      Signature: options.signature,
+      'Signature-Input': options.signatureInput,
+      'Signature-Agent': options.signatureAgent
+    }
-  let space = 0
-  if (options.prettyPrint) {
-    space = 2
-  }
+    const publicJwk = JSON.parse(options.publicKey || {})
+    const output = await primitives.verify(httpMethod, uri, headers, publicJwk)
+    // const output = await primitive.verifyWebBotAuth(httpMethod, uri, signature, signatureInput, JSON.parse(publicKey))
-  console.log(JSON.stringify(output, null, space))
+    let space = 0
+    if (options.prettyPrint) {
+      space = 2
+    }
+    console.log(JSON.stringify(output, null, space))
+  } catch (error) {
+    catchAndLog(error)
+    process.exit(1)
+  }
 }
 module.exports = verify

package/src/cli/actions/provider/verify.js CHANGED Viewed

@@ -1,24 +1,34 @@
 const { logger } = require('./../../../shared/logger')
+const catchAndLog = require('./../../../lib/helpers/catchAndLog')
 const provider = require('./../../../lib/provider')
-async function verify (httpMethod, uri, signatureHeader, signatureInputHeader) {
-  logger.debug(`httpMethod: ${httpMethod}`)
-  logger.debug(`uri: ${uri}`)
-  logger.debug(`signatureHeader: ${signatureHeader}`)
-  logger.debug(`signatureInputHeader: ${signatureInputHeader}`)
+async function verify (httpMethod, uri) {
+  try {
+    logger.debug(`httpMethod: ${httpMethod}`)
+    logger.debug(`uri: ${uri}`)
-  const options = this.opts()
-  logger.debug(`options: ${JSON.stringify(options)}`)
+    const options = this.opts()
+    logger.debug(`options: ${JSON.stringify(options)}`)
-  const output = await provider.verify(httpMethod, uri, signatureHeader, signatureInputHeader)
+    const headers = {
+      Signature: options.signature,
+      'Signature-Input': options.signatureInput,
+      'Signature-Agent': options.signatureAgent
+    }
-  let space = 0
-  if (options.prettyPrint) {
-    space = 2
-  }
+    const output = await provider.verify(httpMethod, uri, headers)
+    let space = 0
+    if (options.prettyPrint) {
+      space = 2
+    }
-  console.log(JSON.stringify(output, null, space))
+    console.log(JSON.stringify(output, null, space))
+  } catch (error) {
+    catchAndLog(error)
+    process.exit(1)
+  }
 }
 module.exports = verify

package/src/cli/commands/agent.js CHANGED Viewed

@@ -1,4 +1,5 @@
 const { Command } = require('commander')
+const env = require('./../../lib/helpers/env')
 const agent = new Command('agent')
@@ -11,7 +12,7 @@ agent
 const initAction = require('./../actions/agent/init')
 agent.command('init')
   .description('create agent')
-  .option('-pp, --pretty-print', 'pretty print output')
+  .option('--pp, --pretty-print', 'pretty print output')
   .action(initAction)
 // vestauth agent curl
@@ -19,9 +20,9 @@ const curlAction = require('./../actions/agent/curl')
 agent.command('curl')
   .description('run curl as agent')
   .allowUnknownOption()
-  .option('--tag <tag>', 'web-bot-auth (default) | web-bot-auth', 'vestauth')
+  .option('--tag <tag>', 'web-bot-auth (default) | web-bot-auth', 'web-bot-auth')
   .option('--nonce <nonce>', 'null (default)')
-  .option('-pp, --pretty-print', 'pretty print output')
+  .option('--pp, --pretty-print', 'pretty print output')
   .action(curlAction)
 // vestauth agent headers
@@ -30,10 +31,11 @@ agent.command('headers')
   .description('generate headers as agent')
   .argument('<httpMethod>', 'GET (default)')
   .argument('<uri>', '')
-  .option('--tag <tag>', 'web-bot-auth (default) | web-bot-auth', 'vestauth')
+  .option('--id <id>', 'id (string)', env('AGENT_ID'))
+  .option('--privateKey <privateKey>', 'AGENT_PUBLIC_KEY (default)', env('AGENT_PRIVATE_KEY'))
+  .option('--tag <tag>', 'web-bot-auth (default) | web-bot-auth', 'web-bot-auth')
   .option('--nonce <nonce>', 'null (default)')
-  .option('--privateKey <privateKey>', 'AGENT_PUBLIC_KEY (default)')
-  .option('-pp, --pretty-print', 'pretty print output')
+  .option('--pp, --pretty-print', 'pretty print output')
   .action(headersAction)
 module.exports = agent

package/src/cli/commands/primitives.js CHANGED Viewed

@@ -1,4 +1,5 @@
 const { Command } = require('commander')
+const env = require('./../../lib/helpers/env')
 const primitives = new Command('primitives')
@@ -10,9 +11,9 @@ primitives
 const keypairAction = require('./../actions/primitives/keypair')
 primitives.command('keypair')
   .description('generate public/private keypair')
-  .argument('[privateKey]', 'pre-existing private key')
+  .option('--private-key <privateKey>', 'pre-existing private key')
   .option('--prefix <type>', 'agent (default) | provider | none', 'agent')
-  .option('-pp, --pretty-print', 'pretty print output')
+  .option('--pp, --pretty-print', 'pretty print output')
   .action(keypairAction)
 // vestauth primitives headers
@@ -21,10 +22,11 @@ primitives.command('headers')
   .description('generate signed headers')
   .argument('<httpMethod>', 'GET (default)')
   .argument('<uri>', '')
-  .argument('<privateKey>', 'private key (json string)')
-  .option('--tag <tag>', 'web-bot-auth (default) | web-bot-auth', 'vestauth')
+  .option('--id <id>', 'id (string)', env('AGENT_ID'))
+  .option('--private-key <privateKey>', 'private key (json string)', env('AGENT_PRIVATE_KEY'))
+  .option('--tag <tag>', 'web-bot-auth (default) | web-bot-auth', 'web-bot-auth')
   .option('--nonce <nonce>', 'null (default)')
-  .option('-pp, --pretty-print', 'pretty print output')
+  .option('--pp, --pretty-print', 'pretty print output')
   .action(headersAction)
 // vestauth primitives verify
@@ -33,10 +35,11 @@ primitives.command('verify')
   .description('verify signed headers')
   .argument('<httpMethod>', 'GET (default)')
   .argument('<uri>', '')
-  .argument('<signature>', '')
-  .argument('<signatureInput>', '')
-  .argument('<publicKey>', 'public key (json string)')
-  .option('-pp, --pretty-print', 'pretty print output')
+  .requiredOption('--signature <signature>', '')
+  .requiredOption('--signature-input <signatureInput>', '')
+  .option('--signature-agent <signatureAgent>', '')
+  .option('--public-key <publicKey>', 'public key (json string)', env('AGENT_PUBLIC_KEY'))
+  .option('--pp, --pretty-print', 'pretty print output')
   .action(verifyAction)
 module.exports = primitives

package/src/cli/commands/provider.js CHANGED Viewed

@@ -12,9 +12,10 @@ provider.command('verify')
   .description('verify agent')
   .argument('<httpMethod>', 'GET (default)')
   .argument('<uri>', '')
-  .argument('<signature>', '')
-  .argument('<signatureInput>', '')
-  .option('-pp, --pretty-print', 'pretty print output')
+  .requiredOption('--signature <signature>', '')
+  .requiredOption('--signature-input <signatureInput>', '')
+  .requiredOption('--signature-agent <signatureAgent>', '')
+  .option('--pp, --pretty-print', 'pretty print output')
   .action(verifyAction)
 module.exports = provider

package/src/lib/api/postRegister.js CHANGED Viewed

@@ -13,7 +13,7 @@ class PostRegister {
     const publicJwk = this.publicJwk
     const httpMethod = 'POST'
-    const headers = await agentHeaders(httpMethod, url)
+    const headers = await agentHeaders(httpMethod, url, 'agent-123')
     headers['Content-Type'] = 'application/json'
     const resp = await http(url, {

package/src/lib/helpers/agentHeaders.js CHANGED Viewed

@@ -1,16 +1,16 @@
 const headers = require('./headers')
 const identity = require('./identity')
-async function agentHeaders (httpMethod, uri, tag = 'vestauth', nonce = null, privateKey = null, uid = null) {
+async function agentHeaders (httpMethod, uri, id = null, privateKey = null, tag = 'web-bot-auth', nonce = null) {
   if (!privateKey) {
     privateKey = identity().privateKey
   }
-  if (!uid) {
-    uid = identity().uid
+  if (!id) {
+    id = identity().id
   }
-  return await headers(httpMethod, uri, privateKey, uid, tag, nonce)
+  return await headers(httpMethod, uri, id, privateKey, tag, nonce)
 }
 module.exports = agentHeaders

package/src/lib/helpers/catchAndLog.js ADDED Viewed

@@ -0,0 +1,16 @@
+const { logger } = require('./../../shared/logger')
+function catchAndLog (error) {
+  logger.error(error.message)
+  if (error.help) {
+    logger.help(error.help)
+  }
+  if (error.debug) {
+    logger.debug(error.debug)
+  }
+  if (error.code) {
+    logger.debug(`ERROR_CODE: ${error.code}`)
+  }
+}
+module.exports = catchAndLog

package/src/lib/helpers/errors.js CHANGED Viewed

@@ -3,6 +3,39 @@ class Errors {
     this.message = options.message
   }
+  missingId () {
+    const code = 'MISSING_ID'
+    const message = `[${code}] missing --id (AGENT_ID)`
+    const help = `[${code}] https://github.com/vestauth/vestauth/issues/6`
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    return e
+  }
+  missingPrivateKey () {
+    const code = 'MISSING_PRIVATE_KEY'
+    const message = `[${code}] missing --private-key (AGENT_PRIVATE_KEY)`
+    const help = `[${code}] https://github.com/vestauth/vestauth/issues/5`
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    return e
+  }
+  invalidPrivateKey () {
+    const code = 'INVALID_PRIVATE_KEY'
+    const message = `[${code}] invalid --private-key (AGENT_PRIVATE_KEY)`
+    const help = `[${code}] https://github.com/vestauth/vestauth/issues/7`
+    const e = new Error(message)
+    e.code = code
+    e.help = help
+    return e
+  }
   econnrefused () {
     const code = 'ECONNREFUSED'
     const message = `[${code}] connection refused`
@@ -17,7 +50,7 @@ class Errors {
   dangerousDependencyHoist () {
     const code = 'DANGEROUS_DEPENDENCY_HOIST'
     const message = `[${code}] your environment has hoisted an incompatible version of a vestauth dependency: ${this.message}`
-    const help = `[${code}] https://github.com/vestauth/vestauth`
+    const help = `[${code}] https://github.com/vestauth/vestauth/issues/4`
     const e = new Error(message)
     e.code = code

package/src/lib/helpers/headers.js CHANGED Viewed

@@ -1,38 +1,40 @@
+const Errors = require('./errors')
 const thumbprint = require('./thumbprint')
 const signatureParams = require('./signatureParams')
 const webBotAuthSignature = require('./webBotAuthSignature')
-async function headers (httpMethod, uri, privateKeyString, uid, tag = 'vestauth', nonce = null) {
-  if (!privateKeyString) throw new Error('missing privateKey')
-  if (!uid) throw new Error('missing uid')
+async function headers (httpMethod, uri, id, privateKey, tag = 'web-bot-auth', nonce = null) {
+  if (!id) throw new Errors().missingId()
+  if (!privateKey) throw new Errors().missingPrivateKey()
-  let privateKey
+  let privateJwk
   try {
-    privateKey = JSON.parse(privateKeyString)
-  } catch (err) {
-    throw new Error('invalid privateKey')
+    privateJwk = JSON.parse(privateKey)
+  } catch {
+    throw new Errors().invalidPrivateKey()
+  }
+  if (!privateJwk || typeof privateJwk !== 'object') {
+    throw new Errors().invalidPrivateKey()
   }
-  if (!privateKey || typeof privateKey !== 'object') throw new Error('invalid privateKey')
-  const kid = thumbprint(privateKey)
-  privateKey.kid = kid
+  const kid = thumbprint(privateJwk)
+  privateJwk.kid = kid
   // // theirs
   // const request = new Request(uri)
   // const now = new Date()
   // return await signatureHeaders(
   //   request,
-  //   await signerFromJWK(JSON.parse(privateKeyString)),
+  //   await signerFromJWK(JSON.parse(privateKey)),
   //   {
   //     created: now,
   //     expires: new Date(now.getTime() + 300_000), // now + 5 min
   //   }
   // )
-  // ours
-  const signatureInput = signatureParams(privateKey.kid, tag, nonce)
-  const signature = webBotAuthSignature(httpMethod, uri, signatureInput, privateKey)
-  const signatureAgent = `https://${uid}.agents.vestauth.com` // https://agent-2028e360a7f4ec28bc3cb7e6.agents.vestauth.com/.well-known/http-message-signatures-directory
+  const signatureInput = signatureParams(privateJwk.kid, tag, nonce)
+  const signature = webBotAuthSignature(httpMethod, uri, signatureInput, privateJwk)
+  const signatureAgent = `https://${id}.agents.vestauth.com` // https://agent-1234.agents.vestauth.com/.well-known/http-message-signatures-directory
   return {
     Signature: `sig1=:${signature}:`,

package/src/lib/helpers/identity.js CHANGED Viewed

@@ -3,12 +3,12 @@ const env = require('./env')
 function identity (raiseError = true) {
   const publicKey = env('AGENT_PUBLIC_KEY')
   const privateKey = env('AGENT_PRIVATE_KEY')
-  const uid = env('AGENT_ID')
+  const id = env('AGENT_ID')
-  if (raiseError && uid && !(publicKey || !privateKey)) throw new Error('missing AGENT_PUBLIC_KEY,  AGENT_PRIVATE_KEY, or AGENT_ID. Run [vestauth agent init]')
+  if (raiseError && id && !(publicKey || !privateKey)) throw new Error('missing AGENT_PUBLIC_KEY,  AGENT_PRIVATE_KEY, or AGENT_ID. Run [vestauth agent init]')
   return {
-    uid,
+    id,
     publicKey,
     privateKey
   }

package/src/lib/helpers/parseSignatureAgentHeader.js ADDED Viewed

@@ -0,0 +1,18 @@
+const { parseDictionary } = require('structured-headers')
+// example: sig1=https://agent-9aa52a556ca85ee195866c0b.agents.vestauth.com
+function parseSignatureAgentHeader (signatureAgentHeader) {
+  const dictionary = parseDictionary(signatureAgentHeader)
+  const entry = dictionary.entries().next()
+  if (entry.done) throw new Error('Invalid Signature-Agent header: empty dictionary')
+  const [key, innerlist] = entry.value
+  const value = innerlist[0].value
+  if (!value) throw new Error('Invalid Signature-Agent header: expected a URL string')
+  return {
+    key,
+    value
+  }
+}
+module.exports = parseSignatureAgentHeader

package/src/lib/helpers/providerVerify.js CHANGED Viewed

@@ -1,7 +1,33 @@
-const PostVerify = require('../api/postVerify')
+const { http } = require('./http')
+const buildApiError = require('./buildApiError')
+const parseSignatureAgentHeader = require('./parseSignatureAgentHeader')
+const verify = require('./verify')
-async function providerVerify (httpMethod, uri, signature, signatureInput) {
-  const output = await new PostVerify(null, httpMethod, uri, signature, signatureInput).run()
+async function providerVerify (httpMethod = 'GET', uri = 'https://api.vestauth.com/whoami', headers = {}) {
+  const signatureAgent = headers['Signature-Agent']
+  const { value } = parseSignatureAgentHeader(signatureAgent) // sig1=https://agent-9aa52a556ca85ee195866c0b.agents.vestauth.com
+  const url = `${value}/.well-known/http-message-signatures-directory`
+  const resp = await http(url, { method: 'GET', headers: { 'Content-Type': 'application/json' } })
+  if (resp.statusCode >= 400) {
+    const json = await resp.body.json()
+    throw buildApiError(resp.statusCode, json)
+  }
+  const json = await resp.body.json()
+  // example json
+  // {
+  //   keys: [
+  //     {
+  //       x: 'IaqY8f2Qp8EpS1qP7AssY0QE4I8PJDwHInLwDfB9WaU',
+  //       crv: 'Ed25519',
+  //       kid: 'i1B0cEjNvnSBm_TSVS87nqDj7IRfC_Q2eU-SywVxtNI',
+  //       kty: 'OKP'
+  //     }
+  //   ]
+  // }
+  const publicJwk = json.keys[0]
+  const output = await verify(httpMethod, uri, headers, publicJwk)
   return output
 }

package/src/lib/helpers/publicKeyObject.js ADDED Viewed

@@ -0,0 +1,7 @@
+const crypto = require('crypto')
+function publicKeyObject (publicJwk) {
+  return crypto.createPublicKey({ key: publicJwk, format: 'jwk' })
+}
+module.exports = publicKeyObject

package/src/lib/helpers/signatureParams.js CHANGED Viewed

@@ -2,7 +2,7 @@ const crypto = require('crypto')
 const epoch = require('./epoch')
-function signatureParams (kid, tag = 'vestauth', nonce = null) {
+function signatureParams (kid, tag = 'web-bot-auth', nonce = null) {
   const { created, expires } = epoch()
   if (!nonce) nonce = crypto.randomBytes(64).toString('base64url')

package/src/lib/helpers/verify.js CHANGED Viewed

@@ -3,10 +3,13 @@ const crypto = require('crypto')
 const parseSignatureInputHeader = require('./parseSignatureInputHeader')
 const stripDictionaryKey = require('./stripDictionaryKey')
 const authorityMessage = require('./authorityMessage')
-const edPublicKeyObject = require('./edPublicKeyObject')
+const publicKeyObject = require('./publicKeyObject')
-function verify (httpMethod, uri, signatureHeader, signatureInputHeader, publicKey) {
-  const { values } = parseSignatureInputHeader(signatureInputHeader)
+function verify (httpMethod, uri, headers = {}, publicJwk) {
+  const signature = headers.Signature
+  const signatureInput = headers['Signature-Input']
+  const { values } = parseSignatureInputHeader(signatureInput)
   const { expires } = values
   // return early false, since expired
@@ -16,16 +19,15 @@ function verify (httpMethod, uri, signatureHeader, signatureInputHeader, publicK
     }
   }
-  const signatureParams = stripDictionaryKey(signatureInputHeader)
-  const signature = stripDictionaryKey(signatureHeader)
+  const signatureParams = stripDictionaryKey(signatureInput)
+  const sig = stripDictionaryKey(signature)
   const message = authorityMessage(uri, signatureParams)
-  const publicKeyObject = edPublicKeyObject(publicKey)
   const success = crypto.verify(
     null,
     Buffer.from(message, 'utf8'),
-    publicKeyObject,
-    Buffer.from(signature, 'base64')
+    publicKeyObject(publicJwk),
+    Buffer.from(sig, 'base64')
   )
   return {

package/src/lib/helpers/verifyWebBotAuth.js CHANGED Viewed

@@ -1,7 +1,7 @@
 const { verify } = require('web-bot-auth')
 const { verifierFromJWK } = require('web-bot-auth/crypto')
-async function verifyWebBotAuth (httpMetod, uri, signatureHeader, signatureInputHeader, publicKey) {
+async function verifyWebBotAuth (httpMethod, uri, signatureHeader, signatureInputHeader, publicKey) {
   let success = false
   const verifier = await verifierFromJWK(publicKey)

package/src/lib/helpers/edPublicKeyObject.js DELETED Viewed

@@ -1,7 +0,0 @@
-const crypto = require('crypto')
-function edPublicKeyObject (keyJson) {
-  return crypto.createPublicKey({ key: keyJson, format: 'jwk' })
-}
-module.exports = edPublicKeyObject