batuhan-basoglu/Kargi-Sitesi
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Deployed the page to Github Pages.

Browse source
This commit is contained in:
Batuhan Berk Başoğlu 2024-11-03 21:30:09 -05:00
parent 1d79754e93
commit 2c89899458
Signed by: batuhan-basoglu
SSH key fingerprint: SHA256:kEsnuHX+qbwhxSAXPUQ4ox535wFHu/hIRaa53FzxRpo
62797 changed files with 6551425 additions and 15279 deletions
Download patch file Download diff file Expand all files Collapse all files

26
node_modules/http-signature/lib/index.js generated vendored Normal file
View file

@ -0,0 +1,26 @@
// Copyright 2011 Joyent, Inc. All rights reserved.
var parser = require('./parser');
var signer = require('./signer');
var verify = require('./verify');
var util = require('./util');
///--- API
module.exports = {
parse: parser.parseRequest,
parseRequest: parser.parseRequest,
sign: signer.signRequest,
signRequest: signer.signRequest,
sshKeyToPEM: util.sshKeyToPEM,
sshKeyFingerprint: util.fingerprint,
pemToRsaSSHKey: util.pemToRsaSSHKey,
verify: verify.verifySignature,
verifySignature: verify.verifySignature
};

304
node_modules/http-signature/lib/parser.js generated vendored Normal file
View file

@ -0,0 +1,304 @@
// Copyright 2012 Joyent, Inc. All rights reserved.
var assert = require('assert-plus');
var util = require('util');
///--- Globals
var Algorithms = {
'rsa-sha1': true,
'rsa-sha256': true,
'rsa-sha512': true,
'dsa-sha1': true,
'hmac-sha1': true,
'hmac-sha256': true,
'hmac-sha512': true
};
var State = {
New: 0,
Params: 1
};
var ParamsState = {
Name: 0,
Quote: 1,
Value: 2,
Comma: 3
};
///--- Specific Errors
function HttpSignatureError(message, caller) {
if (Error.captureStackTrace)
Error.captureStackTrace(this, caller || HttpSignatureError);
this.message = message;
this.name = caller.name;
}
util.inherits(HttpSignatureError, Error);
function ExpiredRequestError(message) {
HttpSignatureError.call(this, message, ExpiredRequestError);
}
util.inherits(ExpiredRequestError, HttpSignatureError);
function InvalidHeaderError(message) {
HttpSignatureError.call(this, message, InvalidHeaderError);
}
util.inherits(InvalidHeaderError, HttpSignatureError);
function InvalidParamsError(message) {
HttpSignatureError.call(this, message, InvalidParamsError);
}
util.inherits(InvalidParamsError, HttpSignatureError);
function MissingHeaderError(message) {
HttpSignatureError.call(this, message, MissingHeaderError);
}
util.inherits(MissingHeaderError, HttpSignatureError);
///--- Exported API
module.exports = {
/**
* Parses the 'Authorization' header out of an http.ServerRequest object.
*
* Note that this API will fully validate the Authorization header, and throw
* on any error. It will not however check the signature, or the keyId format
* as those are specific to your environment. You can use the options object
* to pass in extra constraints.
*
* As a response object you can expect this:
*
* {
* "scheme": "Signature",
* "params": {
* "keyId": "foo",
* "algorithm": "rsa-sha256",
* "headers": [
* "date" or "x-date",
* "content-md5"
* ],
* "signature": "base64"
* },
* "signingString": "ready to be passed to crypto.verify()"
* }
*
* @param {Object} request an http.ServerRequest.
* @param {Object} options an optional options object with:
* - clockSkew: allowed clock skew in seconds (default 300).
* - headers: required header names (def: date or x-date)
* - algorithms: algorithms to support (default: all).
* @return {Object} parsed out object (see above).
* @throws {TypeError} on invalid input.
* @throws {InvalidHeaderError} on an invalid Authorization header error.
* @throws {InvalidParamsError} if the params in the scheme are invalid.
* @throws {MissingHeaderError} if the params indicate a header not present,
* either in the request headers from the params,
* or not in the params from a required header
* in options.
* @throws {ExpiredRequestError} if the value of date or x-date exceeds skew.
*/
parseRequest: function parseRequest(request, options) {
assert.object(request, 'request');
assert.object(request.headers, 'request.headers');
if (options === undefined) {
options = {};
}
if (options.headers === undefined) {
options.headers = [request.headers['x-date'] ? 'x-date' : 'date'];
}
assert.object(options, 'options');
assert.arrayOfString(options.headers, 'options.headers');
assert.optionalNumber(options.clockSkew, 'options.clockSkew');
if (!request.headers.authorization)
throw new MissingHeaderError('no authorization header present in ' +
'the request');
options.clockSkew = options.clockSkew || 300;
var i = 0;
var state = State.New;
var substate = ParamsState.Name;
var tmpName = '';
var tmpValue = '';
var parsed = {
scheme: '',
params: {},
signingString: '',
get algorithm() {
return this.params.algorithm.toUpperCase();
},
get keyId() {
return this.params.keyId;
}
};
var authz = request.headers.authorization;
for (i = 0; i < authz.length; i++) {
var c = authz.charAt(i);
switch (Number(state)) {
case State.New:
if (c !== ' ') parsed.scheme += c;
else state = State.Params;
break;
case State.Params:
switch (Number(substate)) {
case ParamsState.Name:
var code = c.charCodeAt(0);
// restricted name of A-Z / a-z
if ((code >= 0x41 && code <= 0x5a) || // A-Z
(code >= 0x61 && code <= 0x7a)) { // a-z
tmpName += c;
} else if (c === '=') {
if (tmpName.length === 0)
throw new InvalidHeaderError('bad param format');
substate = ParamsState.Quote;
} else {
throw new InvalidHeaderError('bad param format');
}
break;
case ParamsState.Quote:
if (c === '"') {
tmpValue = '';
substate = ParamsState.Value;
} else {
throw new InvalidHeaderError('bad param format');
}
break;
case ParamsState.Value:
if (c === '"') {
parsed.params[tmpName] = tmpValue;
substate = ParamsState.Comma;
} else {
tmpValue += c;
}
break;
case ParamsState.Comma:
if (c === ',') {
tmpName = '';
substate = ParamsState.Name;
} else {
throw new InvalidHeaderError('bad param format');
}
break;
default:
throw new Error('Invalid substate');
}
break;
default:
throw new Error('Invalid substate');
}
}
if (!parsed.params.headers || parsed.params.headers === '') {
if (request.headers['x-date']) {
parsed.params.headers = ['x-date'];
} else {
parsed.params.headers = ['date'];
}
} else {
parsed.params.headers = parsed.params.headers.split(' ');
}
// Minimally validate the parsed object
if (!parsed.scheme || parsed.scheme !== 'Signature')
throw new InvalidHeaderError('scheme was not "Signature"');
if (!parsed.params.keyId)
throw new InvalidHeaderError('keyId was not specified');
if (!parsed.params.algorithm)
throw new InvalidHeaderError('algorithm was not specified');
if (!parsed.params.signature)
throw new InvalidHeaderError('signature was not specified');
// Check the algorithm against the official list
parsed.params.algorithm = parsed.params.algorithm.toLowerCase();
if (!Algorithms[parsed.params.algorithm])
throw new InvalidParamsError(parsed.params.algorithm +
' is not supported');
// Build the signingString
for (i = 0; i < parsed.params.headers.length; i++) {
var h = parsed.params.headers[i].toLowerCase();
parsed.params.headers[i] = h;
if (h !== 'request-line') {
var value = request.headers[h];
if (!value)
throw new MissingHeaderError(h + ' was not in the request');
parsed.signingString += h + ': ' + value;
} else {
parsed.signingString +=
request.method + ' ' + request.url + ' HTTP/' + request.httpVersion;
}
if ((i + 1) < parsed.params.headers.length)
parsed.signingString += '\n';
}
// Check against the constraints
var date;
if (request.headers.date || request.headers['x-date']) {
if (request.headers['x-date']) {
date = new Date(request.headers['x-date']);
} else {
date = new Date(request.headers.date);
}
var now = new Date();
var skew = Math.abs(now.getTime() - date.getTime());
if (skew > options.clockSkew * 1000) {
throw new ExpiredRequestError('clock skew of ' +
(skew / 1000) +
's was greater than ' +
options.clockSkew + 's');
}
}
options.headers.forEach(function (hdr) {
// Remember that we already checked any headers in the params
// were in the request, so if this passes we're good.
if (parsed.params.headers.indexOf(hdr) < 0)
throw new MissingHeaderError(hdr + ' was not a signed header');
});
if (options.algorithms) {
if (options.algorithms.indexOf(parsed.params.algorithm) === -1)
throw new InvalidParamsError(parsed.params.algorithm +
' is not a supported algorithm');
}
return parsed;
}
};

178
node_modules/http-signature/lib/signer.js generated vendored Normal file
View file

@ -0,0 +1,178 @@
// Copyright 2012 Joyent, Inc. All rights reserved.
var assert = require('assert-plus');
var crypto = require('crypto');
var http = require('http');
var sprintf = require('util').format;
///--- Globals
var Algorithms = {
'rsa-sha1': true,
'rsa-sha256': true,
'rsa-sha512': true,
'dsa-sha1': true,
'hmac-sha1': true,
'hmac-sha256': true,
'hmac-sha512': true
};
var Authorization =
'Signature keyId="%s",algorithm="%s",headers="%s",signature="%s"';
///--- Specific Errors
function MissingHeaderError(message) {
this.name = 'MissingHeaderError';
this.message = message;
this.stack = (new Error()).stack;
}
MissingHeaderError.prototype = new Error();
function InvalidAlgorithmError(message) {
this.name = 'InvalidAlgorithmError';
this.message = message;
this.stack = (new Error()).stack;
}
InvalidAlgorithmError.prototype = new Error();
///--- Internal Functions
function _pad(val) {
if (parseInt(val, 10) < 10) {
val = '0' + val;
}
return val;
}
function _rfc1123() {
var date = new Date();
var months = ['Jan',
'Feb',
'Mar',
'Apr',
'May',
'Jun',
'Jul',
'Aug',
'Sep',
'Oct',
'Nov',
'Dec'];
var days = ['Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat'];
return days[date.getUTCDay()] + ', ' +
_pad(date.getUTCDate()) + ' ' +
months[date.getUTCMonth()] + ' ' +
date.getUTCFullYear() + ' ' +
_pad(date.getUTCHours()) + ':' +
_pad(date.getUTCMinutes()) + ':' +
_pad(date.getUTCSeconds()) +
' GMT';
}
///--- Exported API
module.exports = {
/**
* Adds an 'Authorization' header to an http.ClientRequest object.
*
* Note that this API will add a Date header if it's not already set. Any
* other headers in the options.headers array MUST be present, or this
* will throw.
*
* You shouldn't need to check the return type; it's just there if you want
* to be pedantic.
*
* @param {Object} request an instance of http.ClientRequest.
* @param {Object} options signing parameters object:
* - {String} keyId required.
* - {String} key required (either a PEM or HMAC key).
* - {Array} headers optional; defaults to ['date'].
* - {String} algorithm optional; defaults to 'rsa-sha256'.
* - {String} httpVersion optional; defaults to '1.1'.
* @return {Boolean} true if Authorization (and optionally Date) were added.
* @throws {TypeError} on bad parameter types (input).
* @throws {InvalidAlgorithmError} if algorithm was bad.
* @throws {MissingHeaderError} if a header to be signed was specified but
* was not present.
*/
signRequest: function signRequest(request, options) {
assert.object(request, 'request');
assert.object(options, 'options');
assert.optionalString(options.algorithm, 'options.algorithm');
assert.string(options.keyId, 'options.keyId');
assert.optionalArrayOfString(options.headers, 'options.headers');
assert.optionalString(options.httpVersion, 'options.httpVersion');
if (!request.getHeader('Date'))
request.setHeader('Date', _rfc1123());
if (!options.headers)
options.headers = ['date'];
if (!options.algorithm)
options.algorithm = 'rsa-sha256';
if (!options.httpVersion)
options.httpVersion = '1.1';
options.algorithm = options.algorithm.toLowerCase();
if (!Algorithms[options.algorithm])
throw new InvalidAlgorithmError(options.algorithm + ' is not supported');
var i;
var stringToSign = '';
for (i = 0; i < options.headers.length; i++) {
if (typeof (options.headers[i]) !== 'string')
throw new TypeError('options.headers must be an array of Strings');
var h = options.headers[i].toLowerCase();
if (h !== 'request-line') {
var value = request.getHeader(h);
if (!value) {
throw new MissingHeaderError(h + ' was not in the request');
}
stringToSign += h + ': ' + value;
} else {
stringToSign +=
request.method + ' ' + request.path + ' HTTP/' + options.httpVersion;
}
if ((i + 1) < options.headers.length)
stringToSign += '\n';
}
var alg = options.algorithm.match(/(hmac|rsa)-(\w+)/);
var signature;
if (alg[1] === 'hmac') {
var hmac = crypto.createHmac(alg[2].toUpperCase(), options.key);
hmac.update(stringToSign);
signature = hmac.digest('base64');
} else {
var signer = crypto.createSign(options.algorithm.toUpperCase());
signer.update(stringToSign);
signature = signer.sign(options.key, 'base64');
}
request.setHeader('Authorization', sprintf(Authorization,
options.keyId,
options.algorithm,
options.headers.join(' '),
signature));
return true;
}
};

42
node_modules/http-signature/lib/verify.js generated vendored Normal file
View file

@ -0,0 +1,42 @@
// Copyright 2011 Joyent, Inc. All rights reserved.
var assert = require('assert-plus');
var crypto = require('crypto');
///--- Exported API
module.exports = {
/**
* Simply wraps up the node crypto operations for you, and returns
* true or false. You are expected to pass in an object that was
* returned from `parse()`.
*
* @param {Object} parsedSignature the object you got from `parse`.
* @param {String} key either an RSA private key PEM or HMAC secret.
* @return {Boolean} true if valid, false otherwise.
* @throws {TypeError} if you pass in bad arguments.
*/
verifySignature: function verifySignature(parsedSignature, key) {
assert.object(parsedSignature, 'parsedSignature');
assert.string(key, 'key');
var alg = parsedSignature.algorithm.match(/(HMAC|RSA|DSA)-(\w+)/);
if (!alg || alg.length !== 3)
throw new TypeError('parsedSignature: unsupported algorithm ' +
parsedSignature.algorithm);
if (alg[1] === 'HMAC') {
var hmac = crypto.createHmac(alg[2].toUpperCase(), key);
hmac.update(parsedSignature.signingString);
return (hmac.digest('base64') === parsedSignature.params.signature);
} else {
var verify = crypto.createVerify(alg[0]);
verify.update(parsedSignature.signingString);
return verify.verify(key, parsedSignature.params.signature, 'base64');
}
}
};