Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
config: {
auth: 'web',
handler: Resource.update
}
});
var options = {
method: "PUT",
url: "http://localhost.com/resource/1",
payload: JSON.stringify({uId:'user2'}),
headers: {}
};
// Add auth
var header = Hawk.client.header(options.url, options.method, { credentials: credentials.normal });
options.headers.Authorization = header.field;
server.inject(options, function(response) {
var result = response.result;
expect(response.statusCode).to.equal(401);
expect(result).to.be.instanceof(Object);
expect(result.message).to.equal("You do not have update access");
done();
});
})
request(reqOpt, function(error, response, body) {
if (error) {
metrics.apkSigningFailed(path);
logError(log, 'apk signer request error ', error);
return cb(new Error('SIGNER_REQUEST_FAILED'));
}
// Make sure that the signer thinks *our* request is valid.
if (response.statusCode !== 200) {
metrics.apkSigningFailed(path);
log.error('signer system error response: ' +
response.statusCode + ' ' + response.body);
return cb(new Error('SIGNER_REFUSED_REQUEST'));
}
var isValid = hawk.client.authenticate(response,
config.hawk,
hdr.artifacts, {
payload: body,
require: true
});
if (isValid) {
metrics.apkSigningFinished(path, new Date() - start);
return cb(null, body);
} else {
metrics.apkSigningFailed(path);
return cb(new Error('INVALID_SIGNER_RESPONSE'));
}
});
});
function hawkHeader(token, method, url, payload, offset) {
const verify = {
credentials: token
};
if (payload) {
verify.contentType = 'application/json';
verify.payload = JSON.stringify(payload);
}
if (offset) {
verify.localtimeOffsetMsec = offset;
}
return hawk.client.header(url, method, verify).header;
}
throw new Error('buildSignedUrl missing required credentials');
}
const { clientId, accessToken } = credentials;
if (!clientId) {
throw new Error('buildSignedUrl missing required credentials clientId');
}
if (!accessToken) {
throw new Error(
'buildSignedUrl missing required credentials accessToken',
);
}
const bewit = hawk.client.bewit(url, {
credentials: {
id: clientId,
key: accessToken,
algorithm: 'sha256',
},
ttlSec: expiration,
ext: this.buildExtraData(credentials),
});
return url.includes('?')
? `${url}&bewit=${bewit}`
: `${url}?bewit=${bewit}`;
}
Request.prototype.hawk = function (opts) {
var self = this
self.setHeader('Authorization', hawk.client.header(self.uri, self.method, opts).field)
}
Request.prototype.oauth = function (_oauth) {
Request.prototype.hawk = function (opts) {
var self = this
self.setHeader('Authorization', hawk.client.header(self.uri, self.method, opts).field)
}
Request.prototype.oauth = function (_oauth) {
request.get(opts, function(err, resp, status) {
var isValid = hawk.client.authenticate(resp, daemonKey, header.artifacts, {
payload: status
});
if (cb && typeof cb === 'function') {
cb(err, {
code: resp.statusCode,
status: status,
isValid: isValid
});
} else {
rl.prompt();
}
});
}
Request.prototype.hawk = function (opts) {
var self = this
self.setHeader('Authorization', hawk.client.header(self.uri, self.method, opts).field)
}
Request.prototype.oauth = function (_oauth) {
Request.prototype.hawk = function (opts) {
this.headers.Authorization = hawk.client.header(this.uri, this.method, opts).field
}
Request.prototype.hawk = function (opts) {
var self = this
self.setHeader('Authorization', hawk.client.header(self.uri, self.method, opts).field)
}
Request.prototype.oauth = function (_oauth) {