timkelty/worker-httpsig.ts

## worker-httpsig.ts
import {httpbis} from 'http-message-signatures';

function createMyVerifier() {
	return {
		id: 'test-key',
		algs: ['hmac-sha256'],
		async verify(data, signature, parameters) {
			const keyData = new TextEncoder().encode('123456789');
			const algorithm = { name: 'HMAC', hash: 'SHA-256' };
			const key = await crypto.subtle.importKey('raw', keyData, algorithm, false, ['verify']);
			const encodedData = new TextEncoder().encode(data);
			return await crypto.subtle.verify('HMAC', key, signature, encodedData);
		},
	};
}

(async () => {
	// an example keystore for looking up keys by ID
	const keys = new Map();
	keys.set('test-key', {
		id: 'test-key',
		algs: ['hmac-sha256'],
		// as with signing, you can provide your own verifier here instead of using the built-in helpers
		verify: createMyVerifier(),
	});
	// minimal verification
	const verified = await httpbis.verifyMessage({
		// logic for finding a key based on the signature parameters
		async keyLookup(params) {
			const keyId = params.keyid;
			// lookup and return key - note, we could also lookup using the alg too (`params.alg`)
			// if there is no key, `verifyMessage()` will throw an error
			return keys.get(keyId);
		},
	}, {
		method: 'HEAD',
		url: 'https://spoke-chain-redux-main-396d681a.preview.craftstaging.cloud/',
		headers: {
			'host': 'spoke-chain-redux-main-396d681a.preview.craftstaging.cloud',
			'signature': 'sig=:IrkNB32AXmg1bdgPh9QqzCZRe8hMX+73w/eUN0KWP2c=:',
			'signature-input': 'sig=("host" "@method");alg="hmac-sha256";keyid="test-key"',
		},
	});
})().catch(console.error);
	import {httpbis} from 'http-message-signatures';

	function createMyVerifier() {
	return {
	id: 'test-key',
	algs: ['hmac-sha256'],
	async verify(data, signature, parameters) {
	const keyData = new TextEncoder().encode('123456789');
	const algorithm = { name: 'HMAC', hash: 'SHA-256' };
	const key = await crypto.subtle.importKey('raw', keyData, algorithm, false, ['verify']);
	const encodedData = new TextEncoder().encode(data);
	return await crypto.subtle.verify('HMAC', key, signature, encodedData);
	},
	};
	}

	(async () => {
	// an example keystore for looking up keys by ID
	const keys = new Map();
	keys.set('test-key', {
	id: 'test-key',
	algs: ['hmac-sha256'],
	// as with signing, you can provide your own verifier here instead of using the built-in helpers
	verify: createMyVerifier(),
	});
	// minimal verification
	const verified = await httpbis.verifyMessage({
	// logic for finding a key based on the signature parameters
	async keyLookup(params) {
	const keyId = params.keyid;
	// lookup and return key - note, we could also lookup using the alg too (`params.alg`)
	// if there is no key, `verifyMessage()` will throw an error
	return keys.get(keyId);
	},
	}, {
	method: 'HEAD',
	url: 'https://spoke-chain-redux-main-396d681a.preview.craftstaging.cloud/',
	headers: {
	'host': 'spoke-chain-redux-main-396d681a.preview.craftstaging.cloud',
	'signature': 'sig=:IrkNB32AXmg1bdgPh9QqzCZRe8hMX+73w/eUN0KWP2c=:',
	'signature-input': 'sig=("host" "@method");alg="hmac-sha256";keyid="test-key"',
	},
	});
	})().catch(console.error);