116 lines
34 KiB
JSON
116 lines
34 KiB
JSON
|
{
|
||
|
"_args": [
|
||
|
[
|
||
|
{
|
||
|
"raw": "hawk@~6.0.2",
|
||
|
"scope": null,
|
||
|
"escapedName": "hawk",
|
||
|
"name": "hawk",
|
||
|
"rawSpec": "~6.0.2",
|
||
|
"spec": ">=6.0.2 <6.1.0",
|
||
|
"type": "range"
|
||
|
},
|
||
|
"/home/jdaugherty/work/GT2/GT2-Android/node_modules/request"
|
||
|
]
|
||
|
],
|
||
|
"_from": "hawk@>=6.0.2 <6.1.0",
|
||
|
"_id": "hawk@6.0.2",
|
||
|
"_inCache": true,
|
||
|
"_location": "/hawk",
|
||
|
"_nodeVersion": "8.1.4",
|
||
|
"_npmOperationalInternal": {
|
||
|
"host": "s3://npm-registry-packages",
|
||
|
"tmp": "tmp/hawk-6.0.2.tgz_1500338423954_0.2481594004202634"
|
||
|
},
|
||
|
"_npmUser": {
|
||
|
"name": "hueniverse",
|
||
|
"email": "eran@hammer.io"
|
||
|
},
|
||
|
"_npmVersion": "5.3.0",
|
||
|
"_phantomChildren": {},
|
||
|
"_requested": {
|
||
|
"raw": "hawk@~6.0.2",
|
||
|
"scope": null,
|
||
|
"escapedName": "hawk",
|
||
|
"name": "hawk",
|
||
|
"rawSpec": "~6.0.2",
|
||
|
"spec": ">=6.0.2 <6.1.0",
|
||
|
"type": "range"
|
||
|
},
|
||
|
"_requiredBy": [
|
||
|
"/request"
|
||
|
],
|
||
|
"_resolved": "https://registry.npmjs.org/hawk/-/hawk-6.0.2.tgz",
|
||
|
"_shasum": "af4d914eb065f9b5ce4d9d11c1cb2126eecc3038",
|
||
|
"_shrinkwrap": null,
|
||
|
"_spec": "hawk@~6.0.2",
|
||
|
"_where": "/home/jdaugherty/work/GT2/GT2-Android/node_modules/request",
|
||
|
"author": {
|
||
|
"name": "Eran Hammer",
|
||
|
"email": "eran@hammer.io",
|
||
|
"url": "http://hueniverse.com"
|
||
|
},
|
||
|
"babel": {
|
||
|
"presets": [
|
||
|
"es2015"
|
||
|
]
|
||
|
},
|
||
|
"browser": "dist/browser.js",
|
||
|
"bugs": {
|
||
|
"url": "https://github.com/hueniverse/hawk/issues"
|
||
|
},
|
||
|
"dependencies": {
|
||
|
"boom": "4.x.x",
|
||
|
"cryptiles": "3.x.x",
|
||
|
"hoek": "4.x.x",
|
||
|
"sntp": "2.x.x"
|
||
|
},
|
||
|
"description": "HTTP Hawk Authentication Scheme",
|
||
|
"devDependencies": {
|
||
|
"babel-cli": "^6.1.2",
|
||
|
"babel-preset-es2015": "^6.1.2",
|
||
|
"code": "4.x.x",
|
||
|
"lab": "14.x.x"
|
||
|
},
|
||
|
"directories": {},
|
||
|
"dist": {
|
||
|
"integrity": "sha512-miowhl2+U7Qle4vdLqDdPt9m09K6yZhkLDTWGoUiUzrQCn+mHHSmfJgAyGaLRZbPmTqfFFjRV1QWCW0VWUJBbQ==",
|
||
|
"shasum": "af4d914eb065f9b5ce4d9d11c1cb2126eecc3038",
|
||
|
"tarball": "https://registry.npmjs.org/hawk/-/hawk-6.0.2.tgz"
|
||
|
},
|
||
|
"engines": {
|
||
|
"node": ">=4.5.0"
|
||
|
},
|
||
|
"gitHead": "d251edf711826e961ee6267d29a7fa50ff8cf9d0",
|
||
|
"homepage": "https://github.com/hueniverse/hawk#readme",
|
||
|
"keywords": [
|
||
|
"http",
|
||
|
"authentication",
|
||
|
"scheme",
|
||
|
"hawk"
|
||
|
],
|
||
|
"license": "BSD-3-Clause",
|
||
|
"main": "lib/index.js",
|
||
|
"maintainers": [
|
||
|
{
|
||
|
"name": "hueniverse",
|
||
|
"email": "eran@hueniverse.com"
|
||
|
}
|
||
|
],
|
||
|
"name": "hawk",
|
||
|
"optionalDependencies": {},
|
||
|
"readme": "![hawk Logo](https://raw.github.com/hueniverse/hawk/master/images/hawk.png)\n\n<img align=\"right\" src=\"https://raw.github.com/hueniverse/hawk/master/images/logo.png\" /> **Hawk** is an HTTP authentication scheme using a message authentication code (MAC) algorithm to provide partial\nHTTP request cryptographic verification. For more complex use cases such as access delegation, see [Oz](https://github.com/hueniverse/oz).\n\nCurrent version: **6.x**\n\nNote: 6.x, 5.x, 4.x, 3.x, and 2.x are the same exact protocol as 1.1. The version increments reflect changes in the node API.\n\n[![Build Status](https://travis-ci.org/hueniverse/hawk.svg?branch=master)](https://travis-ci.org/hueniverse/hawk)\n\n# Table of Content\n\n- [**Introduction**](#introduction)\n - [Replay Protection](#replay-protection)\n - [Usage Example](#usage-example)\n - [Protocol Example](#protocol-example)\n - [Payload Validation](#payload-validation)\n - [Response Payload Validation](#response-payload-validation)\n - [Browser Support and Considerations](#browser-support-and-considerations)\n- [**Single URI Authorization**](#single-uri-authorization)\n - [Usage Example](#bewit-usage-example)\n- [**Security Considerations**](#security-considerations)\n - [MAC Keys Transmission](#mac-keys-transmission)\n - [Confidentiality of Requests](#confidentiality-of-requests)\n - [Spoofing by Counterfeit Servers](#spoofing-by-counterfeit-servers)\n - [Plaintext Storage of Credentials](#plaintext-storage-of-credentials)\n - [Entropy of Keys](#entropy-of-keys)\n - [Coverage Limitations](#coverage-limitations)\n - [Future Time Manipulation](#future-time-manipulation)\n - [Client Clock Poisoning](#client-clock-poisoning)\n - [Bewit Limitations](#bewit-limitations)\n - [Host Header Forgery](#host-header-forgery)\n- [**Frequently Asked Questions**](#frequently-asked-questions)\n- [**Implementations**](#implementations)\n- [**Acknowledgements**](#acknowledgements)\n\n# Introduction\n\n**Hawk** is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with\npartial cryptographic verification of the request and response, covering the HTTP method, request URI, host,\nand optionally the request payload.\n\nSimilar to the HTTP [Digest access authentication schemes](http://www.ietf.org/rfc/rfc2617.txt), **Hawk** uses a set of\nclient credentials which include an identifier (e.g. username) and key (e.g. password). Likewise, just as with the Digest scheme,\nthe key is never included in authenticated requests. Instead, it is used to calculate a request MAC value which is\nincluded in its place.\n\nHowever, **Hawk** has several differences from Digest. In particular, while both use a nonce to limit the possibility of\nreplay attacks, in **Hawk** the client generates the nonce and uses it in combination with a timestamp, leading to less\n\"chattiness\" (interaction with the server).\n\nAlso unlike Digest, this scheme is not intended to protect the key itself (the password in Digest) because\nthe client and server must both have access to the key material in the clear.\n\nThe primary design goals of this scheme are to:\n* simplify and improve HTTP authentication for services that are unwilling or unable to deploy TLS for all resources,\n* secure credentials against leakage (e.g., when the client uses some form of dynamic configuration to determine where\n to send an authenticated request), and\n* avoid the exposure of credentials sent to a malicious server over an unauthenticated secure channel due to client\n failure to validate the server's identity as part of its TLS handshake.\n\nIn addition, **Hawk** supports a method for granting third-parties temporary access to individual resources using\na query parameter called _bewit_ (in falconry, a leather strap used to attach a tracking device to the leg of a hawk).\n\nThe **Hawk** scheme requires the establishment of a shared symmetric key between the client and the server,\nwhich is beyond the scope of this module. Typically, the shared credentials are established via
|
||
|
"readmeFilename": "README.md",
|
||
|
"repository": {
|
||
|
"type": "git",
|
||
|
"url": "git://github.com/hueniverse/hawk.git"
|
||
|
},
|
||
|
"scripts": {
|
||
|
"build-client": "mkdir -p dist; babel lib/browser.js --out-file dist/browser.js",
|
||
|
"prepublish": "npm run-script build-client",
|
||
|
"test": "lab -a code -t 100 -L",
|
||
|
"test-cov-html": "lab -a code -r html -o coverage.html"
|
||
|
},
|
||
|
"version": "6.0.2"
|
||
|
}
|