How to use the @hapi/cryptiles.randomString function in @hapi/cryptiles

To help you get started, we’ve selected a few @hapi/cryptiles examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github hapijs / bell / lib / oauth.js View on Github external
}

        // Error if not https but cookie is secure

        if (protocol !== 'https' &&
            settings.isSecure) {

            return h.unauthenticated(Boom.internal('Invalid setting  - isSecure must be set to false for non-https server'), { credentials });
        }

        // Sign-in Initialization

        if (!request.query.code) {
            credentials.query = request.query;

            const nonce = Cryptiles.randomString(internals.nonceLength);
            const query = internals.resolveProviderParams(request, settings.providerParams);

            if (settings.allowRuntimeProviderParams) {
                Hoek.merge(query, request.query);
            }

            query.client_id = settings.clientId;
            query.response_type = 'code';
            query.redirect_uri = internals.location(request, protocol, settings.location);
            query.state = nonce;

            if (settings.runtimeStateCallback) {
                const runtimeState = settings.runtimeStateCallback(request);
                if (runtimeState) {
                    query.state += runtimeState;
                }
github hapijs / hawk / lib / client.js View on Github external
!credentials.id ||
        !credentials.key ||
        !credentials.algorithm) {

        throw new Boom('Invalid credentials');
    }

    if (Crypto.algorithms.indexOf(credentials.algorithm) === -1) {
        throw new Boom('Unknown algorithm');
    }

    // Calculate signature

    const artifacts = {
        ts: timestamp,
        nonce: options.nonce || Cryptiles.randomString(6),
        host,
        port,
        hash: Crypto.calculatePayloadHash(message, credentials.algorithm)
    };

    // Construct authorization

    const result = {
        id: credentials.id,
        ts: artifacts.ts,
        nonce: artifacts.nonce,
        hash: artifacts.hash,
        mac: Crypto.calculateMac('message', credentials, artifacts)
    };

    return result;
github hapijs / hawk / lib / client.js View on Github external
if (Crypto.algorithms.indexOf(credentials.algorithm) === -1) {
        throw new Boom('Unknown algorithm');
    }

    // Parse URI

    if (typeof uri === 'string') {
        uri = Url.parse(uri);
    }

    // Calculate signature

    const artifacts = {
        ts: timestamp,
        nonce: options.nonce || Cryptiles.randomString(6),
        method,
        resource: uri.pathname + (uri.search || ''),                            // Maintain trailing '?'
        host: uri.hostname,
        port: uri.port || (uri.protocol === 'http:' ? 80 : 443),
        hash: options.hash,
        ext: options.ext,
        app: options.app,
        dlg: options.dlg
    };

    // Calculate payload hash

    if (!artifacts.hash &&
        (options.payload || options.payload === '')) {

        artifacts.hash = Crypto.calculatePayloadHash(options.payload, credentials.algorithm, options.contentType);
github hapijs / bell / lib / oauth.js View on Github external
internals.Client.prototype._request = async function (method, uri, params, oauth, options) {

    method = method.toLowerCase();

    // Prepare generic OAuth parameters

    oauth.oauth_nonce = Cryptiles.randomString(internals.nonceLength);
    oauth.oauth_timestamp = Math.floor(Date.now() / 1000).toString();
    oauth.oauth_consumer_key = this.settings.clientId;
    oauth.oauth_signature_method = this.settings.signatureMethod;
    oauth.oauth_signature = this.signature(method, uri, params, oauth, options.secret);

    // Calculate OAuth header

    const requestOptions = {
        headers: {
            Authorization: internals.Client.header(oauth)
        }
    };

    if (params) {
        const paramsString = internals.queryString(params);
        if (method === 'get') {
github hapijs / crumb / lib / index.js View on Github external
const generate = function (request, h) {

            if (!request.plugins.crumb) {
                const crumb = Cryptiles.randomString(settings.size);
                h.state(settings.key, crumb, settings.cookieOptions);
                request.plugins.crumb = crumb;
            }

            return request.plugins.crumb;
        };
github hapijs / nes / lib / index.js View on Github external
internals.auth = function (server, settings) {

    const config = settings.auth;
    if (!config) {
        return;
    }

    if (config.type !== 'direct' &&
        !config.password) {

        config.password = Cryptiles.randomString(32);
    }

    if (config.type === 'cookie') {
        const cookieOptions = {
            isSecure: config.isSecure,
            isHttpOnly: config.isHttpOnly,
            isSameSite: config.isSameSite,
            path: config.path,
            domain: config.domain,
            ttl: config.ttl,
            encoding: 'iron',
            password: config.password,
            iron: config.iron
        };

        server.state(config.cookie, cookieOptions);
github hapijs / nes / lib / socket.js View on Github external
const res = await this.server.inject(shot);

    const response = {
        type: 'request',
        id: request.id,
        statusCode: res.statusCode,
        payload: res.result,
        headers: this._filterHeaders(res.headers)
    };

    const options = {};
    if (typeof res.result === 'string' &&
        res.headers['content-type'] &&
        res.headers['content-type'].match(/^application\/json/)) {

        const token = Cryptiles.randomString(32);
        options.replace = { [token]: res.result };
        response.payload = token;
    }

    return { response, options };
};

@hapi/cryptiles

General purpose crypto utilities

BSD-3-Clause
Latest version published 1 year ago

Package Health Score

78 / 100
Full package analysis