* @param {string} input * @param {Object[]} args * @returns {string}
(input, args)
| 51 | * @returns {string} |
| 52 | */ |
| 53 | run(input, args) { |
| 54 | if (!args[0].string) { |
| 55 | throw new OperationError("Secret key required"); |
| 56 | } |
| 57 | const key = Utils.convertToByteString(args[0].string, args[0].option); |
| 58 | const salt = Utils.convertToByteString(args[1].string || "cookie-session", args[1].option); |
| 59 | const algorithm = args[2] || "sha1"; |
| 60 | |
| 61 | const payloadB64 = toBase64(Utils.strToByteArray(JSON.stringify(input))); |
| 62 | const payload = payloadB64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, ""); |
| 63 | |
| 64 | const derivedKey = CryptoApi.getHmac(key, CryptoApi.getHasher(algorithm)); |
| 65 | derivedKey.update(salt); |
| 66 | |
| 67 | const currentTimeStamp = Math.ceil(Date.now() / 1000); |
| 68 | const buffer = new ArrayBuffer(4); |
| 69 | const view = new DataView(buffer); |
| 70 | view.setInt32(0, currentTimeStamp, false); |
| 71 | const bytes = new Uint8Array(buffer); |
| 72 | let binary = ""; |
| 73 | bytes.forEach(b => binary += String.fromCharCode(b)); |
| 74 | const timeB64 = toBase64(Utils.strToByteArray(binary)); |
| 75 | const time = timeB64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, ""); |
| 76 | |
| 77 | const data = Utils.convertToByteString(payload + "." + time, "utf8"); |
| 78 | const sign = CryptoApi.getHmac(derivedKey.finalize(), CryptoApi.getHasher(algorithm)); |
| 79 | sign.update(data); |
| 80 | |
| 81 | const signB64 = toBase64(sign.finalize()); |
| 82 | const sign64 = signB64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, ""); |
| 83 | |
| 84 | return payload + "." + time + "." + sign64; |
| 85 | } |
| 86 | } |
| 87 | |
| 88 |
nothing calls this directly
no test coverage detected