On 20/10/2014 11:26 PM, Manoj Kumar S wrote:
>
> Here is my implementation by adding payload at the server end and
> changing the contentType to application/json and method to post.
> But ‘options’ (third parameter) is empty, so the validation is not
> happening.
>
> Currently we don’t send either payload or hash to the server as the
> third parameter is empty.
> Could you please let me know what should be added to test for payload
> hash verification ?
>
> /Hawk.server.authenticate(req, credentialsFunc, { }, function (err,
> credentials, artifacts) {
As far as I can tell, you just need to put the submitted payload (i.e.
the body of the incoming request) in the options hash like this:
var options = { payload: <payload from incoming request> }
Hawk.server.authenticate(req, credentialsFunc, options, function(...){
... code as before ...
})
If you haven't already, you may also like to check the implementation of
calculatePayloadHash to be sure your implementation matches it in all
the details:
https://github.com/hueniverse/hawk/blob/master/lib/crypto.js#L89
Hope this helps,
Ryan
_______________________________________________
Dev-fxacct mailing list
[email protected]
https://mail.mozilla.org/listinfo/dev-fxacct
