mirror of
https://github.com/imgproxy/imgproxy.git
synced 2024-11-29 08:22:11 +02:00
524434b63f
* Drop dependency + use built-in `base64url` [`create-hmac`](https://github.com/browserify/createHmac) is meant for compat between node and browser compat and was last updated in 2018. Computing the HMAC signature on the client (browser) does not make any sense in 99% of the use-cases, as the secrets would be needed on the client side. This means that we can drop browser support and just use the native node module, which is also exported by the `create-hmac` when running on node. `Buffer.toString()` also accepts "base64url" as an encoding, so we can drop the `urlSafeBase64` in favor of that. * Use encoder from hmac instance
21 lines
618 B
JavaScript
21 lines
618 B
JavaScript
import { createHmac } from 'node:crypto';
|
|
|
|
const KEY = '943b421c9eb07c830af81030552c86009268de4e532ba2ee2eab8247c6da0881'
|
|
const SALT = '520f986b998545b4785e0defbc4f3c1203f22de2374a3d53cb7a7fe9fea309c5'
|
|
|
|
const hexDecode = (hex) => Buffer.from(hex, 'hex')
|
|
|
|
const sign = (salt, target, secret) => {
|
|
const hmac = createHmac('sha256', hexDecode(secret))
|
|
hmac.update(hexDecode(salt))
|
|
hmac.update(target)
|
|
|
|
return hmac.digest('base64url')
|
|
}
|
|
|
|
const path = "/rs:fit:300:300/plain/http://img.example.com/pretty/image.jpg"
|
|
|
|
const signature = sign(SALT, path, KEY)
|
|
const result = `/${signature}${path}`
|
|
console.log(result)
|