update
@@ -81,35 +81,7 @@ export class BunqCrypto {
|
||||
}
|
||||
|
||||
/**
|
||||
* Create the signing string for bunq API requests
|
||||
*/
|
||||
public createSigningString(
|
||||
method: string,
|
||||
endpoint: string,
|
||||
headers: { [key: string]: string },
|
||||
body: string = ''
|
||||
): string {
|
||||
const sortedHeaderNames = Object.keys(headers)
|
||||
.filter(name => name.startsWith('X-Bunq-') || name === 'Cache-Control' || name === 'User-Agent')
|
||||
.sort();
|
||||
|
||||
let signingString = `${method} ${endpoint}\n`;
|
||||
|
||||
for (const headerName of sortedHeaderNames) {
|
||||
signingString += `${headerName}: ${headers[headerName]}\n`;
|
||||
}
|
||||
|
||||
signingString += '\n';
|
||||
|
||||
if (body) {
|
||||
signingString += body;
|
||||
}
|
||||
|
||||
return signingString;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create request signature headers
|
||||
* Create request signature header (signs only body per bunq docs)
|
||||
*/
|
||||
public createSignatureHeader(
|
||||
method: string,
|
||||
@@ -117,12 +89,12 @@ export class BunqCrypto {
|
||||
headers: { [key: string]: string },
|
||||
body: string = ''
|
||||
): string {
|
||||
const signingString = this.createSigningString(method, endpoint, headers, body);
|
||||
return this.signData(signingString);
|
||||
// According to bunq docs, only sign the request body
|
||||
return this.signData(body);
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify response signature
|
||||
* Verify response signature (signs only body per bunq API behavior)
|
||||
*/
|
||||
public verifyResponseSignature(
|
||||
statusCode: number,
|
||||
@@ -135,20 +107,8 @@ export class BunqCrypto {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Create signing string for response
|
||||
const sortedHeaderNames = Object.keys(headers)
|
||||
.filter(name => name.startsWith('x-bunq-') && name !== 'x-bunq-server-signature')
|
||||
.sort();
|
||||
|
||||
let signingString = `${statusCode}\n`;
|
||||
|
||||
for (const headerName of sortedHeaderNames) {
|
||||
signingString += `${headerName}: ${headers[headerName]}\n`;
|
||||
}
|
||||
|
||||
signingString += '\n' + body;
|
||||
|
||||
return this.verifyData(signingString, responseSignature, serverPublicKey);
|
||||
// According to bunq API behavior, only the response body is signed
|
||||
return this.verifyData(body, responseSignature, serverPublicKey);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
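Review bot: In `verifyResponseSignature`, the new `return this.verifyData(body, responseSignature, serverPublicKey);` no longer covers `statusCode` or the `x-bunq-*` headers, so a `true` result authenticates the body only and callers should not treat the status code or any response header as verified. The same applies to `createSignatureHeader`, where `method`, `endpoint` and `headers` are still accepted but now unused, leaving the transport layer as the only thing binding a signed body to a particular request. I would state this in both doc comments, e.g. `* Note: only the raw body is signed; method, endpoint, headers and status code are not covered by the signature.` It is also worth checking that `body` is the exact string received on the wire rather than a re-serialised object, since any re-encoding changes what is verified. The start of `verifyResponseSignature`, including the early `return false`, lies outside the visible hunks, so this page cannot confirm how an empty body or a missing signature is handled.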