зеркало из https://github.com/mozilla/hawk.git
Handle absolute request URI in http header. Closes #117
This commit is contained in:
Eran Hammer
Родитель
3411e6915b
Коммит
581e751f44
|
|
@ -54,11 +54,19 @@ exports.calculateMac = function (type, credentials, options) {
|
|||
|
||||
exports.generateNormalizedString = function (type, options) {
|
||||
|
||||
var resource = options.resource || '';
|
||||
if (resource &&
|
||||
resource[0] !== '/') {
|
||||
|
||||
var url = Url.parse(resource, false);
|
||||
resource = url.path; // Includes query
|
||||
}
|
||||
|
||||
var normalized = 'hawk.' + exports.headerVersion + '.' + type + '\n' +
|
||||
options.ts + '\n' +
|
||||
options.nonce + '\n' +
|
||||
(options.method || '').toUpperCase() + '\n' +
|
||||
(options.resource || '') + '\n' +
|
||||
resource + '\n' +
|
||||
options.host.toLowerCase() + '\n' +
|
||||
options.port + '\n' +
|
||||
(options.hash || '') + '\n';
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"name": "hawk",
|
||||
"description": "HTTP Hawk Authentication Scheme",
|
||||
"version": "2.2.1",
|
||||
"version": "2.2.2",
|
||||
"author": "Eran Hammer <eran@hueniverse.com> (http://hueniverse.com)",
|
||||
"contributors": [],
|
||||
"repository": "git://github.com/hueniverse/hawk",
|
||||
|
|
|
|||
|
|
@ -97,6 +97,46 @@ describe('Hawk', function () {
|
|||
});
|
||||
});
|
||||
|
||||
it('generates a header then successfully parse it (absolute request uri)', function (done) {
|
||||
|
||||
var req = {
|
||||
method: 'POST',
|
||||
url: 'http://example.com:8080/resource/4?filter=a',
|
||||
headers: {
|
||||
host: 'example.com:8080',
|
||||
'content-type': 'text/plain;x=y'
|
||||
}
|
||||
};
|
||||
|
||||
var payload = 'some not so random text';
|
||||
|
||||
credentialsFunc('123456', function (err, credentials) {
|
||||
|
||||
var reqHeader = Hawk.client.header('http://example.com:8080/resource/4?filter=a', req.method, { credentials: credentials, ext: 'some-app-data', payload: payload, contentType: req.headers['content-type'] });
|
||||
req.headers.authorization = reqHeader.field;
|
||||
|
||||
Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials, artifacts) {
|
||||
|
||||
expect(err).to.not.exist;
|
||||
expect(credentials.user).to.equal('steve');
|
||||
expect(artifacts.ext).to.equal('some-app-data');
|
||||
expect(Hawk.server.authenticatePayload(payload, credentials, artifacts, req.headers['content-type'])).to.equal(true);
|
||||
|
||||
var res = {
|
||||
headers: {
|
||||
'content-type': 'text/plain'
|
||||
}
|
||||
};
|
||||
|
||||
res.headers['server-authorization'] = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
|
||||
expect(res.headers['server-authorization']).to.exist;
|
||||
|
||||
expect(Hawk.client.authenticate(res, credentials, artifacts, { payload: 'some reply' })).to.equal(true);
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('generates a header then successfully parse it (no server header options)', function (done) {
|
||||
|
||||
var req = {
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче