Use v2 signing via truelayer-signing lib (#1)

alexheretic · web-flow · commit e8101dd80ec3 · 2021-11-01T16:42:37.000Z
diff --git a/main.js b/main.js
@@ -1,51 +1,36 @@
-const JWS = require('jws');
-
-const createJws = (certificateId, payload, privateKey) => JWS.sign({
-  header: {
-    alg: 'ES512',
-    kid: certificateId,
-  },
-  payload,
-  privateKey,
-});
-
-const detachContent = jws => {
-  const parts = jws.split('.');
-  return `${parts[0]}..${parts[2]}`;
-};
+const tlSigning = require('truelayer-signing');
 
 const addTlSignatureToRequest = context => {
-  const payload = context.request.getBodyText();
   const jwsIsRequired = context.request.getEnvironmentVariable('REQUIRE_JWS') === true;
-
   if (!jwsIsRequired) {
     console.log('no signing needed because the REQUIRE_JWS environment variable is either missing or !== true');
     return;
   }
 
-  // we only need signing for requests with a body
-  if (!payload) {
-    console.log('no signing needed because there is no payload');
-    return false;
-  }
-
   const certificateId = context.request.getEnvironmentVariable('CERTIFICATE_ID');
-
   if (!certificateId) {
     throw new Error('Missing required `CERTIFICATE_ID` environment variable.');
   }
 
   const privateKey = context.request.getEnvironmentVariable('PRIVATE_KEY');
-
   if (!privateKey) {
     throw new Error('Missing required `PRIVATE_KEY` environment variable.');
   }
 
-  const jws = createJws(certificateId, payload, privateKey);
-  const jwsWithDetachedContent = detachContent(jws);
-  context.request.setHeader('X-Tl-Signature', jwsWithDetachedContent);
+  let idempotencyKey = context.request.getHeader("Idempotency-Key");
+
+  let v2Signature = tlSigning.sign({
+    kid: certificateId,
+    privateKeyPem: privateKey,
+    method: context.request.getMethod(),
+    path: new URL(context.request.getUrl()).pathname,
+    body: context.request.getBodyText(),
+    headers: idempotencyKey ? { "Idempotency-Key": idempotencyKey } : {},
+  });
+  context.request.setHeader('Tl-Signature', v2Signature);
 }
 
+
 module.exports.requestHooks = [
   addTlSignatureToRequest
-];
+];
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -16,7 +16,7 @@
     "description": "Adds a JSON Web Signature header to HTTP requests by using the request body as detached payload."
   },
   "dependencies": {
-    "jws": "^4.0.0"
+    "truelayer-signing": "^0.1.0"
   },
   "devDependencies": {}
 }

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@`
`16`	`16`	`"description": "Adds a JSON Web Signature header to HTTP requests by using the request body as detached payload."`
`17`	`17`	`},`
`18`	`18`	`"dependencies": {`
`19`		`- "jws": "^4.0.0"`
	`19`	`+ "truelayer-signing": "^0.1.0"`
`20`	`20`	`},`
`21`	`21`	`"devDependencies": {}`
`22`	`22`	`}`