How to use http-signature - 10 common examples
To help you get started, we’ve selected a few http-signature examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
GetStream / stream-js / src / lib / batch_operations.js View on Github 
function(fulfill, reject) {
this.send('request', 'post', kwargs, cb);
kwargs.url = this.enrichUrl(kwargs.url);
kwargs.json = true;
kwargs.method = 'POST';
kwargs.headers = { 'X-Api-Key': this.apiKey };
// Make sure withCredentials is not enabled, different browser
// fallbacks handle it differently by default (meteor)
kwargs.withCredentials = false;
var callback = this.wrapPromiseTask(cb, fulfill, reject);
var req = request(kwargs, callback);
httpSignature.sign(req, {
algorithm: 'hmac-sha256',
key: this.apiSecret,
keyId: this.apiKey,
});
}.bind(this)
);// methodsThatRequireExtraHeaders ["POST", "PUT"];
if(["POST","PUT"].indexOf(request.method.toUpperCase()) !== -1 )
{
body = body || "";
request.setHeader("content-length", body.length);
headersToSign = headersToSign.concat([ "content-type", "content-length" ]);
if ( request.getHeader('content-type') != 'application/x-www-form-urlencoded' ){
var shaObj = new jsSHA("SHA-256", "TEXT");
shaObj.update(body);
request.setHeader("x-content-sha256", shaObj.getHash('B64'));
headersToSign = headersToSign.concat([ "x-content-sha256" ]);
}
}
httpSignature.sign( request, { key: auth.privateKey,
keyId: auth.tenancyId + "/" +
auth.userId + "/" +
auth.keyFingerprint,
headers: headersToSign } );
var newAuthHeaderValue = request.getHeader("Authorization").replace("Signature ", "Signature version=\"1\",");
request.setHeader("Authorization", newAuthHeaderValue);
};// methodsThatRequireExtraHeaders ["POST", "PUT"];
if(["POST","PUT"].indexOf(request.method.toUpperCase()) !== -1 )
{
body = body || "";
request.setHeader("content-length", body.length);
headersToSign = headersToSign.concat([ "content-type", "content-length" ]);
if ( request.headers['content-type'] == 'x-www-form-urlencoded' ){
var shaObj = new jsSHA("SHA-256", "TEXT");
shaObj.update(body);
request.setHeader("x-content-sha256", shaObj.getHash('B64'));
headersToSign = headersToSign.concat([ "x-content-sha256" ]);
}
}
httpSignature.sign( request, { key: auth.privateKey,
keyId: auth.tenancyId + "/" +
auth.userId + "/" +
auth.keyFingerprint,
headers: headersToSign } );
var newAuthHeaderValue = request.getHeader("Authorization").replace("Signature ", "Signature version=\"1\",");
request.setHeader("Authorization", newAuthHeaderValue);
};var parentOcidVal = parentOcidArr[parentOcidArr.length-1];
if (respBody.length) {
respBody.forEach(resp => {
resp[parentOcidName] = parentOcidVal
});
} else {
respBody[parentOcidName] = parentOcidVal
}
}
callback(respBody);
});
});
// Create signature
signature.sign(request, {
key: OracleConfig.privateKey,
keyId: [OracleConfig.tenancyId, OracleConfig.userId, OracleConfig.keyFingerprint].join('/'),
headers: ["host", "date", "(request-target)"]
});
var oldAuthHead = request.getHeader("Authorization");
var newAuthHead = oldAuthHead.replace("Signature ", "Signature version=\"1\",");
request.setHeader("Authorization", newAuthHead);
var requestToWrite = (body === undefined ? '': body);
request.write(requestToWrite);
request.end();
}Request.prototype.httpSignature = function (opts) {
var self = this
httpSignature.signRequest({
getHeader: function(header) {
return self.getHeader(header, self.headers)
},
setHeader: function(header, value) {
self.setHeader(header, value)
},
method: self.method,
path: self.path
}, opts)
debug('httpSignature authorization', self.getHeader('authorization'))
return self
}
Request.prototype.hawk = function (opts) {var server = http.createServer(function (req, res) {
var parsed = httpSignature.parseRequest(req)
var publicKeyPEM = publicKeyPEMs[parsed.keyId]
var verified = httpSignature.verifySignature(parsed, publicKeyPEM)
res.writeHead(verified ? 200 : 400)
res.end()
})var server = http.createServer(function (req, res) {
var parsed = httpSignature.parseRequest(req)
var publicKeyPEM = publicKeyPEMs[parsed.keyId]
var verified = httpSignature.verifySignature(parsed, publicKeyPEM)
res.writeHead(verified ? 200 : 400)
res.end()
})signatureIsVerified(req) {
try {
const parsed = httpSignature.parseRequest(req)
if (!httpSignature.verifySignature(parsed, publicKey)) {
console.error('Forbidden - failed verifySignature')
return false
}
} catch (error) {
console.error(error)
return false
}
return true
}
}Request.prototype.httpSignature = function (opts) {
var self = this
httpSignature.signRequest({
getHeader: function(header) {
return self.getHeader(header, self.headers)
},
setHeader: function(header, value) {
self.setHeader(header, value)
},
method: self.method,
path: self.path
}, opts)
debug('httpSignature authorization', self.getHeader('authorization'))
return self
}
Request.prototype.hawk = function (opts) {Request.prototype.httpSignature = function (opts) {
var self = this
httpSignature.signRequest({
getHeader: function(header) {
return self.getHeader(header, self.headers)
},
setHeader: function(header, value) {
self.setHeader(header, value)
},
method: self.method,
path: self.path
}, opts)
debug('httpSignature authorization', self.getHeader('authorization'))
return self
}
Request.prototype.hawk = function (opts) {http-signature
Reference implementation of Joyent's HTTP Signature scheme.
