You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* chore: create basic test scaffolding
* chore: add runtypes
* chore: update eslint rules for spread
* feat: add create-signature
* docs: insert script type information
* refactor: use nicer hex digest encoding for keys
* feat: introduce signed headers
* docs: update create-signature docs
* feat: only allow 64 chars long secret
* feat: add request verification
* docs: document is-verified-request
* chore: expose is-verified-request
* test: check that verification fails with different secrets
* refactor: get rid of signed headers and use alphabetical order
* feat: do not verify old requests
* fix: include timestamp in signed headers
* docs: improve documentation
* docs: improve documentation with categories
* test: add ts-ignore for js code testing
* refactor: contentful signing header -> contentful header
* fix: replace contentful headers with new ones and let validator do the rest
This includes:
* fix typings to always expect signed headers
* streamline test mocks
* feat: export also signed headers from sign method
* docs: add explanatory comment
* feat: handle headers sorted lower than x-contentful
* refactor: is verified -> verify
<li>Defined in <ahref="https://github.com/contentful/node-apps-toolkit/blob/master/src/keys/get-management-token.ts#L140">get-management-token.ts:140</a></li>
92
+
<li>Defined in <ahref="https://github.com/contentful/node-apps-toolkit/blob/master/src/keys/get-management-token.ts#L144">keys/get-management-token.ts:144</a></li>
Pass <code>reuseToken: false</code> in the options for <code>getManagementToken</code> to disable this feature.</p>
95
100
</div>
96
101
<p>NodeJS Contentful Apps need a management token to interact with Contentful's APIs.
97
-
Creating a management token requires a key pair to be regsitered for the app, follow <ahref="http://contentful./developers/docs/references/content-management-api/#/reference/app-keys/app-keys">this link</a> for more information on key pairs.
98
-
Once a key pair is registered the getManagementToken function can be used to generate a valid token.</p>
102
+
Creating a management token requires a key pair to be registered for the app, follow
<li>Defined in <ahref="https://github.com/contentful/node-apps-toolkit/blob/master/src/requests/sign-request.ts#L104">requests/sign-request.ts:104</a></li>
141
+
</ul>
142
+
</aside>
143
+
<divclass="tsd-comment tsd-typography">
144
+
<divclass="lead">
145
+
<p>Given a secret, a canonical request and a timestamp, generates a signature.
146
+
It can be used to verify canonical requests to assess authenticity of the
<li>Defined in <ahref="https://github.com/contentful/node-apps-toolkit/blob/master/src/requests/verify-request.ts#L53">requests/verify-request.ts:53</a></li>
217
+
</ul>
218
+
</aside>
219
+
<divclass="tsd-comment tsd-typography">
220
+
<divclass="lead">
221
+
<p>Given a secret verifies a CanonicalRequest. Throws when signature is older than <code>rawTimeToLive</code> seconds.
222
+
Pass <code>rawTimeToLive = 0</code> to disable TTL checks.</p>
<p>The <code>node-apps-toolkit</code> is a growing collection of helpers and utilities for building <ahref="https://www.contentful.com/developers/docs/extensibility/app-framework/">Contentful Apps</a> with Node.js.</p>
<p>We're excited to expand this toolkit with new features. If you have any suggestions or requests for features you'd like to see please create an issue in this repo!</p>
87
+
<p>We're excited to expand this toolkit with new features. If you have any suggestions or requests for features you'd like to see, please <ahref="https://github.com/contentful/node-apps-toolkit/issues/new">create an issue</a> in this repo.</p>
0 commit comments