#65 add ability to pass a custom header name

TritonDataCenter · Aug 25, 2017 · 38c1ae7 · 38c1ae7
1 parent 529441d
commit 38c1ae7
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 5 deletions.
diff --git a/lib/parser.js b/lib/parser.js
@@ -118,9 +118,12 @@ module.exports = {
     assert.arrayOfString(options.headers, 'options.headers');
     assert.optionalNumber(options.clockSkew, 'options.clockSkew');
 
-    if (!request.headers.authorization)
-      throw new MissingHeaderError('no authorization header present in ' +
-                                   'the request');
+    var authzHeaderName = options.authorizationHeaderName || 'authorization';
+
+    if (!request.headers[authzHeaderName]) {
+      throw new MissingHeaderError('no ' + authzHeaderName + ' header ' +
+                                   'present in the request');
+    }
 
     options.clockSkew = options.clockSkew || 300;
 
@@ -145,7 +148,7 @@ module.exports = {
       }
     };
 
-    var authz = request.headers.authorization;
+    var authz = request.headers[authzHeaderName];
     for (i = 0; i < authz.length; i++) {
       var c = authz.charAt(i);
 

diff --git a/lib/signer.js b/lib/signer.js
@@ -387,7 +387,9 @@ module.exports = {
       assert.notStrictEqual(signature, '', 'empty signature produced');
     }
 
-    request.setHeader('Authorization', sprintf(AUTHZ_FMT,
+    var authzHeaderName = options.authorizationHeaderName || 'Authorization';
+
+    request.setHeader(authzHeaderName, sprintf(AUTHZ_FMT,
                                                options.keyId,
                                                options.algorithm,
                                                options.headers.join(' '),

diff --git a/test/parser.test.js b/test/parser.test.js
@@ -311,6 +311,28 @@ test('valid default headers', function(t) {
 });
 
 
+test('valid custom authorizationHeaderName', function(t) {
+  server.tester = function(req, res) {
+    try {
+      httpSignature.parseRequest(req, { authorizationHeaderName: 'x-auth' });
+    } catch (e) {
+      t.fail(e.stack);
+    }
+
+    res.writeHead(200);
+    res.end();
+  };
+
+  options.headers['x-auth'] =
+    'Signature keyId="foo",algorithm="rsa-sha256",signature="aaabbbbcccc"';
+  options.headers.Date = jsprim.rfc1123(new Date());
+  http.get(options, function(res) {
+    t.equal(res.statusCode, 200);
+    t.end();
+  });
+});
+
+
 test('explicit headers missing', function(t) {
   server.tester = function(req, res) {
     try {

diff --git a/test/signer.test.js b/test/signer.test.js
@@ -82,6 +82,28 @@ test('defaults', function(t) {
   req.end();
 });
 
+test('with custom authorizationHeaderName', function(t) {
+  var req = http.request(httpOptions, function(res) {
+    t.end();
+  });
+  req._stringToSign = null;
+  var opts = Object.create(signOptions);
+  opts.authorizationHeaderName = 'x-auths';
+  t.ok(httpSignature.sign(req, opts));
+  var authz = req.getHeader('x-auths');
+  t.ok(authz);
+
+  t.strictEqual(typeof (req._stringToSign), 'string');
+  t.ok(req._stringToSign.match(/^date: [^\n]*$/));
+
+  var key = sshpk.parsePrivateKey(rsaPrivate);
+  var sig = key.createSign().update(req._stringToSign).sign();
+  t.ok(authz.indexOf(sig.toString()) !== -1);
+
+  console.log('> ' + authz);
+  req.end();
+});
+
 
 test('request line strict unspecified', function(t) {
   var req = http.request(httpOptions, function(res) {