diff --git a/examples/verification-workers/src/index.ts b/examples/verification-workers/src/index.ts index 048b489..a314339 100644 --- a/examples/verification-workers/src/index.ts +++ b/examples/verification-workers/src/index.ts @@ -114,7 +114,7 @@ export default { }, // On a schedule, send a web-bot-auth signed request to a target endpoint async scheduled(ctx, env, ectx) { - const headers = { "Signature-Agent": env.SIGNATURE_AGENT }; + const headers = { "Signature-Agent": JSON.stringify(env.SIGNATURE_AGENT) }; const request = new Request(env.TARGET_URL, { headers }); const created = new Date(ctx.scheduledTime); const expires = new Date(created.getTime() + 300_000); diff --git a/packages/web-bot-auth/scripts/test-vectors.ts b/packages/web-bot-auth/scripts/test-vectors.ts index fbf1ab9..b342189 100644 --- a/packages/web-bot-auth/scripts/test-vectors.ts +++ b/packages/web-bot-auth/scripts/test-vectors.ts @@ -43,7 +43,7 @@ async function generateTestVectors(jwk: JsonWebKey): Promise { const nonceWithAgent = generateNonce(); const labelWithAgent = "sig2"; request = new Request(ORIGIN_URL, { - headers: { "Signature-Agent": SIGNATURE_AGENT_DOMAIN }, + headers: { "Signature-Agent": JSON.stringify(SIGNATURE_AGENT_DOMAIN) }, }); const signedHeadersWithAgent = await signatureHeaders(request, signer, { created, @@ -72,7 +72,7 @@ async function generateTestVectors(jwk: JsonWebKey): Promise { label: labelWithAgent, signature: signedHeadersWithAgent["Signature"], signature_input: signedHeadersWithAgent["Signature-Input"], - signature_agent: SIGNATURE_AGENT_DOMAIN, + signature_agent: request.headers.get("Signature-Agent"), }, ]; } diff --git a/packages/web-bot-auth/test/test_data/web_bot_auth_architecture_v1.json b/packages/web-bot-auth/test/test_data/web_bot_auth_architecture_v1.json index 89852af..80b77a9 100644 --- a/packages/web-bot-auth/test/test_data/web_bot_auth_architecture_v1.json +++ b/packages/web-bot-auth/test/test_data/web_bot_auth_architecture_v1.json @@ -16,10 +16,10 @@ "target_url": "https://example.com/path/to/resource", "created_ms": 1735689600000, "expires_ms": 1735693200000, - "nonce": "VWVqoo2bMPlekOx7xwJ2XjFsB6otZZjadh1Yy/USTQDArX3vhLS2tVkZM7uynqPbHmRfAUZ5jnEX9wZ7NODiBw==", + "nonce": "kUgU5/WD/XQW+kDflQzZRy1o5B6pst6LMPdk7/TuZD/+1XOmW6w6ZtEEUKy9QMdJPoe4FPYHNIVGFvIltPvDlg==", "label": "sig1", - "signature": "sig1=:j7b33aGZs9JjA7OSLeM4PazwTJU8xG0N6NP4S1EsZiGi2YrvB0KOHCZbriq76NLXDfge8liqVLRdr5H0QQwgFfKoq/rNjImQMIE2ZhxDPJc4GMrqApsqoLg4i7A1yu9a5+ODrGzxH0OhniloJ7i3sl8wkD1TgtsR0fEg7M0zdUPVmcVB2AkTMWrqhDKg9puKjRiT9Z6pdr/3LJFcjbOqnyymimjK0YFVpr8RH3gv4NNtCdQEmBWhdgrZRr9xb0WlMHLGu+CT5vmCck4m8v7V9CuNR9ezp875QOLslOcUpiuhIKf/eW/BL1QlPDc9KoMYKdt/D0mGKb8fWafXbf4BDQ==:", - "signature_input": "sig1=(\"@authority\");created=1735689600;keyid=\"oD0HwocPBSfpNy5W3bpJeyFGY_IQ_YpqxSjQ3Yd-CLA\";alg=\"rsa-pss-sha512\";expires=1735693200;nonce=\"VWVqoo2bMPlekOx7xwJ2XjFsB6otZZjadh1Yy/USTQDArX3vhLS2tVkZM7uynqPbHmRfAUZ5jnEX9wZ7NODiBw==\";tag=\"web-bot-auth\"" + "signature": "sig1=:j/jyMKI1rzsdPgEUNUCywHqAhrOv+9YBlP7IYwL2zGaUNIbgSz6oIxNwlmX67zzk2MGSY16DMxgxzRIRpjK/cQvBziki75jTgRDJnuTXi+MqJq6aaLmKMkG6jP+bNPjZHm+y3pu2UzQTN+HeFu3VytJWNbpR/L1zgd9L6ajGBTcsbsKeFZRVsgiDuXmxiIV0EJ3KlNEo2HndXQBGif8bP2kzvr+ow5UnAZp50YoU2t6WwnoUR4TJo5QeR1m/PFrTBP0m35V9uFMofbdRYD52cZ4Vk7UpJCGsVqKdRKhHpr+BCcpRPfLjh6KfsKjWw7TtUNN150WfI9sl62YzAQrxsg==:", + "signature_input": "sig1=(\"@authority\");created=1735689600;keyid=\"oD0HwocPBSfpNy5W3bpJeyFGY_IQ_YpqxSjQ3Yd-CLA\";alg=\"rsa-pss-sha512\";expires=1735693200;nonce=\"kUgU5/WD/XQW+kDflQzZRy1o5B6pst6LMPdk7/TuZD/+1XOmW6w6ZtEEUKy9QMdJPoe4FPYHNIVGFvIltPvDlg==\";tag=\"web-bot-auth\"" }, { "key": { @@ -38,11 +38,11 @@ "target_url": "https://example.com/path/to/resource", "created_ms": 1735689600000, "expires_ms": 1735693200000, - "nonce": "p7UJcLF6Ym0Uon2QQNEezcK+WX63HsIWttaCkZ/824kOKCvmKZrqRLQgTmJmWYnTs67LpSRRxRjE//j9z1MdVg==", + "nonce": "zQqG4Jz7el1osEPrTQ4apGeQsgiRVJqKVFqoZGZKpwJl072new5V89KWz/HOk9xaZXhFoUn7SVFKRQfH4FtouQ==", "label": "sig2", - "signature": "sig2=:Fe+JhZi3Xh4wWeOvNQjTWC/D8piUAUqg2e2gtjaM4gN2pj4utROGgJ57DFq9nr7x83KlxzjXvjL8YAPsYI9ugpBMDu2xTvprYQLeL9Y83ucMGXdv7YxzmbgTRoUPjSpaU18AHiiaRjnd3DPLh5j3O4wE1q81dyDXJkktnf+IUG04chur+ylzohfmb9t+xY0BBOnwgC1dKRa7B3knwCUCTqrGVQOCvN13NYFdCCiRLEshG4BA/7O6PQOBmgiHyY43NEMf9hYwUW/tLgmc+6wukpU7kHJjPUFGVjj0P6o3Cgo78BP3M/eDEIvTdGKaHDnuoZ+CS+hBmQnYP5MPHeaLwA==:", - "signature_input": "sig2=(\"@authority\" \"signature-agent\");created=1735689600;keyid=\"oD0HwocPBSfpNy5W3bpJeyFGY_IQ_YpqxSjQ3Yd-CLA\";alg=\"rsa-pss-sha512\";expires=1735693200;nonce=\"p7UJcLF6Ym0Uon2QQNEezcK+WX63HsIWttaCkZ/824kOKCvmKZrqRLQgTmJmWYnTs67LpSRRxRjE//j9z1MdVg==\";tag=\"web-bot-auth\"", - "signature_agent": "signature-agent.test" + "signature": "sig2=:lZgN6S86Cq2695kl65sbrX49Wo31d9wgwjQ5hkEnDx0qmN8Lv1gC+RPNDEajaTWp3JFnvm6fsDjmRHaoe+rJiS0h/XPkohkCQQzjtse18K6ZY9gDjYyr4EvV4sC1FekTDvmVOxrR94RwbAWSzN0dqWkGihUVhSANjsZz9+BTa9LS31d29A86bwuZoLt5rWDVr6AjmRUm5zRdbfAFjApESlN0nBqoE7OcFzTIwU1HSJIooGpK/dXXbLEkImmjovrUUjPhtlOdumHte9tGuxw3bQhAj5UHEZhFyKIROR3DIl/xG5NCXXrf0YlGBhZiX6X1r3DmKZFptC5eMQov533RUQ==:", + "signature_input": "sig2=(\"@authority\" \"signature-agent\");created=1735689600;keyid=\"oD0HwocPBSfpNy5W3bpJeyFGY_IQ_YpqxSjQ3Yd-CLA\";alg=\"rsa-pss-sha512\";expires=1735693200;nonce=\"zQqG4Jz7el1osEPrTQ4apGeQsgiRVJqKVFqoZGZKpwJl072new5V89KWz/HOk9xaZXhFoUn7SVFKRQfH4FtouQ==\";tag=\"web-bot-auth\"", + "signature_agent": "\"signature-agent.test\"" }, { "key": { @@ -55,10 +55,10 @@ "target_url": "https://example.com/path/to/resource", "created_ms": 1735689600000, "expires_ms": 1735693200000, - "nonce": "gubxywVx7hzbYKatLgzuKDllDAIXAkz41PydU7aOY7vT+Mb3GJNxW0qD4zJ+IOQ1NVtg+BNbTCRUMt1Ojr5BgA==", + "nonce": "8h/a5vrCvY7xG5yLCI9RIAHyamcuP03yUX/Btdh8AiUuJwr9Kh+97TF9s9Pa1hp1fwiHcAxiO4lvEBVwtREItw==", "label": "sig1", - "signature": "sig1=:uz2SAv+VIemw+Oo890bhYh6Xf5qZdLUgv6/PbiQfCFXcX/vt1A8Pf7OcgL2yUDUYXFtffNpkEr5W6dldqFrkDg==:", - "signature_input": "sig1=(\"@authority\");created=1735689600;keyid=\"poqkLGiymh_W0uP6PZFw-dvez3QJT5SolqXBCW38r0U\";alg=\"ed25519\";expires=1735693200;nonce=\"gubxywVx7hzbYKatLgzuKDllDAIXAkz41PydU7aOY7vT+Mb3GJNxW0qD4zJ+IOQ1NVtg+BNbTCRUMt1Ojr5BgA==\";tag=\"web-bot-auth\"" + "signature": "sig1=:SirIfpOW8LJLz93n9y1FGdUvF0nE0MAQYPh/IRnKo+4fGBHtGlkmj5geLCe+M1YMTPahckF42gjTq05/s77NAA==:", + "signature_input": "sig1=(\"@authority\");created=1735689600;keyid=\"poqkLGiymh_W0uP6PZFw-dvez3QJT5SolqXBCW38r0U\";alg=\"ed25519\";expires=1735693200;nonce=\"8h/a5vrCvY7xG5yLCI9RIAHyamcuP03yUX/Btdh8AiUuJwr9Kh+97TF9s9Pa1hp1fwiHcAxiO4lvEBVwtREItw==\";tag=\"web-bot-auth\"" }, { "key": { @@ -71,10 +71,10 @@ "target_url": "https://example.com/path/to/resource", "created_ms": 1735689600000, "expires_ms": 1735693200000, - "nonce": "ZO3/XMEZjrvSnLtAP9M7jK0WGQf3J+pbmQRUpKDhF9/jsNCWqUh2sq+TH4WTX3/GpNoSZUa8eNWMKqxWp2/c2g==", + "nonce": "NRQCVgw8RXX4syek+k8DCq041zKwsWYOjKt76gnZZFMsYO4b5FcUo46uzl9jf+TiSrNadBXpUT1htY37crtIyg==", "label": "sig2", - "signature": "sig2=:bcWij+p0SZDQ0hF7Bk8scjEVRMJZlk1EzEHEHUzT58VbPWRrdIRYJgYerlC4fZ01v/hlsbnLvLDrrA5fBeb1CA==:", - "signature_input": "sig2=(\"@authority\" \"signature-agent\");created=1735689600;keyid=\"poqkLGiymh_W0uP6PZFw-dvez3QJT5SolqXBCW38r0U\";alg=\"ed25519\";expires=1735693200;nonce=\"ZO3/XMEZjrvSnLtAP9M7jK0WGQf3J+pbmQRUpKDhF9/jsNCWqUh2sq+TH4WTX3/GpNoSZUa8eNWMKqxWp2/c2g==\";tag=\"web-bot-auth\"", - "signature_agent": "signature-agent.test" + "signature": "sig2=:K0Icq30AYj8fOMyjc2nbQxhL2NV14YmSxGaoo0GuSdG6gsiJfHhSMgE86fPMDtL3DwQaIF8eB33dB3oedPzyBw==:", + "signature_input": "sig2=(\"@authority\" \"signature-agent\");created=1735689600;keyid=\"poqkLGiymh_W0uP6PZFw-dvez3QJT5SolqXBCW38r0U\";alg=\"ed25519\";expires=1735693200;nonce=\"NRQCVgw8RXX4syek+k8DCq041zKwsWYOjKt76gnZZFMsYO4b5FcUo46uzl9jf+TiSrNadBXpUT1htY37crtIyg==\";tag=\"web-bot-auth\"", + "signature_agent": "\"signature-agent.test\"" } ]