From b89d8f8bab8ac689299c3dc415c401f56e02fe38 Mon Sep 17 00:00:00 2001 From: Eran Hammer Date: Wed, 22 May 2013 07:54:36 -0700 Subject: [PATCH] host:port override option --- lib/server.js | 5 ++++- lib/utils.js | 14 ++++++++------ package.json | 2 +- test/server.js | 50 ++++++++++++++++++++++++++++++++++++++++++++------ 4 files changed, 57 insertions(+), 14 deletions(-) diff --git a/lib/server.js b/lib/server.js index c411cce..478c47b 100755 --- a/lib/server.js +++ b/lib/server.js @@ -74,6 +74,9 @@ var internals = {}; encoding used by the client to calculate the hash on request). If the payload is not available at the time of authentication, the authenticatePayload() method can be used by passing it the credentials and attributes.hash returned in the authenticate callback. + + host: optional host name override. Only used when passed a node request object. + port: optional port override. Only used when passed a node request object. } callback: function (err, credentials, artifacts) { } @@ -290,7 +293,7 @@ exports.header = function (credentials, artifacts, options) { /* * Arguments and options are the same as authenticate() with the exception that the only supported options are: - * 'hostHeaderName', 'localtimeOffsetMsec' + * 'hostHeaderName', 'localtimeOffsetMsec', 'host', 'port' */ exports.authenticateBewit = function (req, credentialsFunc, options, callback) { diff --git a/lib/utils.js b/lib/utils.js index 024adba..191179f 100755 --- a/lib/utils.js +++ b/lib/utils.js 
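Review bot: The updated comment above `exports.authenticateBewit` now lists 'host' and 'port' as supported options, but nothing in this commit exercises that path: every test added in test/server.js calls `Hawk.server.authenticate`. A bewit test that passes `{ host: 'example.com', port: 8080 }` alongside a different Host header would pin the documented behaviour. The option text in the first hunk could also say `Both must be set to bypass the Host header; otherwise it is still parsed and must be valid.`, which is what the guard in lib/utils.js does. Both comment blocks start and end outside their hunks.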
@@ -78,19 +78,21 @@ exports.parseRequest = function (req, options) { if (!req.headers) { return req; } - + // Obtain host and port information - var host = exports.parseHost(req, options.hostHeaderName); - if (!host) { - return new Error('Invalid Host header'); + if (!options.host || !options.port) { + var host = exports.parseHost(req, options.hostHeaderName); + if (!host) { + return new Error('Invalid Host header'); + } } var request = { method: req.method, url: req.url, - host: host.name, - port: host.port, + host: options.host || host.name, + port: options.port || host.port, authorization: req.headers.authorization, contentType: req.headers['content-type'] || '' }; diff --git a/package.json b/package.json index cc29147..28cf345 100755 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "hawk", "description": "HTTP Hawk Authentication Scheme", - "version": "0.14.0", + "version": "0.15.0", "author": "Eran Hammer (http://hueniverse.com)", "contributors": [], "repository": "git://github.com/hueniverse/hawk", diff --git a/test/server.js b/test/server.js index 404674f..3e92427 100755 --- a/test/server.js +++ b/test/server.js @@ -44,7 +44,7 @@ describe('Hawk', function () { url: '/resource/4?filter=a', host: 'example.com', port: 8080, - authorization: 'Hawk id="1", ts="1353788437", nonce="k3j4h2", mac="zy79QQ5/EYFmQqutVnYb73gAc/U=", ext="hello"', + authorization: 'Hawk id="1", ts="1353788437", nonce="k3j4h2", mac="zy79QQ5/EYFmQqutVnYb73gAc/U=", ext="hello"' }; Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) { 
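Review bot: In the lib/utils.js hunk, the guard `if (!options.host || !options.port)` skips Host-header parsing only when both overrides are set. With `host` alone, a request whose Host header is missing or malformed is still rejected with 'Invalid Host header', and `port` is still taken from the client-supplied header. If these values feed the MAC base string (not visible in this hunk), a deployment behind a proxy that pins only `host` keeps depending on an untrusted header for the port. A comment at the guard would make this explicit, e.g. `// Host header is still parsed (and must be valid) unless BOTH options.host and options.port are set`; alternatively resolve name and port independently. `exports.parseRequest` starts before and continues after the hunk.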
@@ -62,7 +62,7 @@ describe('Hawk', function () { url: '/resource/1?b=1&a=2', host: 'example.com', port: 8000, - authorization: 'Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", mac="m8r1rHbXN6NgO+KIIhjO7sFRyd78RNGVUwehe8Cp2dU=", ext="some-app-data"', + authorization: 'Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", mac="m8r1rHbXN6NgO+KIIhjO7sFRyd78RNGVUwehe8Cp2dU=", ext="some-app-data"' }; Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1353832234000 - Hawk.utils.now() }, function (err, credentials, artifacts) { @@ -73,6 +73,44 @@ describe('Hawk', function () { }); }); + it('should parse a valid authentication header (host override)', function (done) { + + var req = { + method: 'GET', + url: '/resource/4?filter=a', + headers: { + host: 'example1.com:8080', + authorization: 'Hawk id="1", ts="1353788437", nonce="k3j4h2", mac="zy79QQ5/EYFmQqutVnYb73gAc/U=", ext="hello"' + } + }; + + Hawk.server.authenticate(req, credentialsFunc, { host: 'example.com', localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) { + + expect(err).to.not.exist; + expect(credentials.user).to.equal('steve'); + done(); + }); + }); + + it('should parse a valid authentication header (host port override)', function (done) { + + var req = { + method: 'GET', + url: '/resource/4?filter=a', + headers: { + host: 'example1.com:80', + authorization: 'Hawk id="1", ts="1353788437", nonce="k3j4h2", mac="zy79QQ5/EYFmQqutVnYb73gAc/U=", ext="hello"' + } + }; + + Hawk.server.authenticate(req, credentialsFunc, { host: 'example.com', port: 8080, localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) { + + expect(err).to.not.exist; + expect(credentials.user).to.equal('steve'); + done(); + }); + }); + it('should parse a valid authentication header (POST with payload)', function (done) { var req = { 
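Review bot: The two override tests added in the `@@ -73,6 +73,44 @@` hunk are positive-path only; neither shows that the override takes precedence when the Host header carries the signed value and the override does not. A case like the one below, where authentication is expected to fail, would confirm that the configured value rather than the header is what gets verified. A further case with no Host header and both overrides set would cover the skipped-parsing branch in lib/utils.js. The enclosing `describe('Hawk', …)` block starts and ends outside the hunk.

```javascript
// … unchanged: the two override tests added in this hunk …

it('should fail authentication when the host override differs from the signed host', function (done) {

    var req = {
        method: 'GET',
        url: '/resource/4?filter=a',
        headers: {
            host: 'example.com:8080',
            authorization: 'Hawk id="1", ts="1353788437", nonce="k3j4h2", mac="zy79QQ5/EYFmQqutVnYb73gAc/U=", ext="hello"'
        }
    };

    Hawk.server.authenticate(req, credentialsFunc, { host: 'example1.com', port: 8080, localtimeOffsetMsec: 1353788437000 - Hawk.utils.now() }, function (err, credentials, artifacts) {

        expect(err).to.exist;
        done();
    });
});
```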
@@ -80,7 +118,7 @@ describe('Hawk', function () { url: '/resource/4?filter=a', host: 'example.com', port: 8080, - authorization: 'Hawk id="123456", ts="1357926341", nonce="1AwuJD", hash="qAiXIVv+yjDATneWxZP2YCTa9aHRgQdnH9b3Wc+o3dg=", ext="some-app-data", mac="UeYcj5UoTVaAWXNvJfLVia7kU3VabxCqrccXP8sUGC4="', + authorization: 'Hawk id="123456", ts="1357926341", nonce="1AwuJD", hash="qAiXIVv+yjDATneWxZP2YCTa9aHRgQdnH9b3Wc+o3dg=", ext="some-app-data", mac="UeYcj5UoTVaAWXNvJfLVia7kU3VabxCqrccXP8sUGC4="' }; Hawk.server.authenticate(req, credentialsFunc, { localtimeOffsetMsec: 1357926341000 - Hawk.utils.now() }, function (err, credentials, artifacts) { @@ -98,7 +136,7 @@ describe('Hawk', function () { url: '/resource/1?b=1&a=2', host: 'example.com', port: 8000, - authorization: 'Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", mac="m8r1rHbXN6NgO+KIIhjO7sFRyd78RNGVUwehe8Cp2dU=", ext="some-app-data"', + authorization: 'Hawk id="dh37fgj492je", ts="1353832234", nonce="j4h3g2", mac="m8r1rHbXN6NgO+KIIhjO7sFRyd78RNGVUwehe8Cp2dU=", ext="some-app-data"' }; Hawk.server.authenticate(req, credentialsFunc, { payload: 'body', localtimeOffsetMsec: 1353832234000 - Hawk.utils.now() }, function (err, credentials, artifacts) { @@ -116,7 +154,7 @@ describe('Hawk', function () { url: '/resource/4?filter=a', host: 'example.com', port: 8080, - authorization: 'Hawk id="123456", ts="1362337299", nonce="UzmxSs", ext="some-app-data", mac="wnNUxchvvryMH2RxckTdZ/gY3ijzvccx4keVvELC61w="', + authorization: 'Hawk id="123456", ts="1362337299", nonce="UzmxSs", ext="some-app-data", mac="wnNUxchvvryMH2RxckTdZ/gY3ijzvccx4keVvELC61w="' }; Hawk.server.authenticate(req, credentialsFunc, {}, function (err, credentials, artifacts) { 
@@ -146,7 +184,7 @@ describe('Hawk', function () { url: '/resource/4?filter=a', host: 'example.com', port: 8080, - authorization: 'Hawk id="123", ts="1353788437", nonce="k3j4h2", mac="bXx7a7p1h9QYQNZ8x7QhvDQym8ACgab4m3lVSFn4DBw=", ext="hello"', + authorization: 'Hawk id="123", ts="1353788437", nonce="k3j4h2", mac="bXx7a7p1h9QYQNZ8x7QhvDQym8ACgab4m3lVSFn4DBw=", ext="hello"' }; var memoryCache = {};