From: Justin Wind Date: Sun, 27 Aug 2023 21:59:10 +0000 (-0700) Subject: remove @squeep/base64url dependency in lieu of native encoder X-Git-Tag: v1.0.1~2 X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=efa8e263868de47ff3528561c5f4c8eeefbd5035;p=squeep-resource-authentication-module remove @squeep/base64url dependency in lieu of native encoder --- diff --git a/lib/common.js b/lib/common.js index ee7831f..43af9d8 100644 --- a/lib/common.js +++ b/lib/common.js @@ -1,12 +1,10 @@ 'use strict'; const { common } = require('@squeep/api-dingus'); -const b64u = require('@squeep/base64url'); const { randomBytes } = require('crypto'); const { promisify } = require('util'); const randomBytesAsync = promisify(randomBytes); module.exports = Object.assign(Object.create(common), { randomBytesAsync, - ...b64u, -}); \ No newline at end of file +}); diff --git a/lib/resource-authenticator.js b/lib/resource-authenticator.js index 04ac999..f4558c1 100644 --- a/lib/resource-authenticator.js +++ b/lib/resource-authenticator.js @@ -57,7 +57,7 @@ class ResourceAuthenticator { */ async getSalt() { const saltBytes = await common.randomBytesAsync(this.saltBytes); - return common.base64ToBase64URL(saltBytes.toString('base64')); + return saltBytes.toString('base64url'); } @@ -133,6 +133,7 @@ class ResourceAuthenticator { * @param {String} identifier UUID */ async authenticate(identifier, secret) { + const authenticationType = 'Bearer'; const currentEpoch = ResourceAuthenticator.currentEpoch.toString(); const smallIdentifier = ResourceAuthenticator.ensmallenIdentifier(identifier); const salt = await this.getSalt(); @@ -142,7 +143,8 @@ class ResourceAuthenticator { salt, this.createDigest(secret, smallIdentifier, currentEpoch, salt), ]; - return parts.join(':'); + const token = parts.join(':'); + return [authenticationType, token].join(' '); } @@ -152,8 +154,7 @@ class ResourceAuthenticator { * @returns {String} b64u-encoded UUID */ static ensmallenIdentifier(identifier) { - const uuidBase64 = Buffer.from(uuid.parse(identifier)).toString('base64'); - return common.base64ToBase64URL(uuidBase64); + return Buffer.from(uuid.parse(identifier)).toString('base64url'); } @@ -163,8 +164,7 @@ class ResourceAuthenticator { * @returns {String} UUID */ static embiggenIdentifier(small) { - const uuidBase64 = common.base64URLToBase64(small); - const uuidBuffer = Buffer.from(uuidBase64, 'base64'); + const uuidBuffer = Buffer.from(small, 'base64url'); return uuid.stringify(uuidBuffer); } @@ -178,8 +178,7 @@ class ResourceAuthenticator { createDigest(secret, ...contents) { const hmac = crypto.createHmac(this.digestAlgorithm, secret); contents.forEach((content) => hmac.update(Buffer.from(content))); - const digestBase64 = hmac.digest('base64'); - return common.base64ToBase64URL(digestBase64); + return hmac.digest('base64url'); } diff --git a/package.json b/package.json index 146713e..6593e28 100644 --- a/package.json +++ b/package.json @@ -22,13 +22,12 @@ "authentication" ], "engines": { - "node": ">=14" + "node": "^14 >=14.18 || >=15.7" }, "author": "Justin Wind ", "license": "ISC", "dependencies": { "@squeep/api-dingus": "git+https://git.squeep.com/squeep-api-dingus/#v1.2.8", - "@squeep/base64url": "^1.0.5", "uuid": "^9.0.0" }, "devDependencies": { diff --git a/test/lib/resource-authenticator.js b/test/lib/resource-authenticator.js index 826c484..182f291 100644 --- a/test/lib/resource-authenticator.js +++ b/test/lib/resource-authenticator.js @@ -158,7 +158,7 @@ describe('Resource Authenticator', function () { const secret = 'secrety'; sinon.stub(ResourceAuthenticator, 'currentEpoch').get(() => 1648836029); sinon.stub(ra, 'getSalt').resolves('xxxxx'); - const expected = 'bq7ZSLHkEeyakQAlkF9xSg:1648836029:xxxxx:fdUYC8Gqe0nAyX_-SWvRsPsx0UjY-vV-Ff0A52j6Zfw'; + const expected = 'Bearer bq7ZSLHkEeyakQAlkF9xSg:1648836029:xxxxx:fdUYC8Gqe0nAyX_-SWvRsPsx0UjY-vV-Ff0A52j6Zfw'; const result = await ra.authenticate(identifier, secret); assert.strictEqual(result, expected); }); @@ -225,4 +225,4 @@ describe('Resource Authenticator', function () { }); }); -}); // ResourceAuthenticator \ No newline at end of file +}); // ResourceAuthenticator