npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

akamai-edgeauth

v0.2.0

Published

Akamai Edge Authorization Token for Property Manager Behavior

Downloads

12,161

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

asciineoasciineo

Keywords

edgeauthakamaitokenauthorizationproperty manager

Readme

Akamai-EdgeAuth: Akamai Edge Authorization Token for Node

npm package Build Status License

npm package

Akamai-EdgeAuth is Akamai Edge Authorization Token in the HTTP Cookie, Query String and Header for a client. You can configure it in the Property Manager at https://control.akamai.com. It's the behaviors which is Auth Token 2.0 Verification and Segmented Media Protection.

Akamai-EdgeAuth supports for Node.js 4.0+

Installation

To install Akamai Edge Authorization Token with npm:

$ npm install akamai-edgeauth --save

Example

const EdgeAuth = require('akamai-edgeauth')
const http = require('http') // Module for the test


var EA_HOSTNAME = 'edgeauth.akamaized.net'
var EA_ENCRYPTION_KEY = 'YourEncryptionKey' 
var DURATION = 500 // seconds


// Function just for the simple test
function makeRequest(options, callback) {
    var request = http.request(options, (res) => {
        callback(res)
    })
    request.on('error', (err) => {
        callback(err)
    })
    request.end()
}
  • EA_ENCRYPTION_KEY must be hexadecimal digit string with even-length.
  • Don't expose EA_ENCRYPTION_KEY on the public repository.

URL parameter option

// [EXAMPLE 1] Cookie
var ea = new EdgeAuth({
    key: EA_ENCRYPTION_KEY,
    windowSeconds: DURATION,
    escapeEarly: true
})
var token = ea.generateURLToken("/akamai/edgeauth")
var options = {
    hostname: EA_HOSTNAME,
    path: '/akamai/edgeauth',
    'Cookie': `${ea.options.tokenName}=${token}`
}
makeRequest(options, function(res) {
    console.log(res.statusCode) // If pass, it won't response 403 code.
})

// [EXAMPLE 2] Query string
token = ea.generateURLToken("/akamai/edgeauth")
options = {
    hostname: EA_HOSTNAME,
    path: `/akamai/edgeauth?${ea.options.tokenName}=${token}`
}
makeRequest(options, function(res) {
    console.log(res.statusCode)
})

  • 'Escape token input' option in the Property Manager corresponds to 'escapeEarly' in the code.
    Escape token input (on) == escapeEarly (true)
    Escape token input (off) == escapeEarly (false)

  • In [Example 2] for Query String, it's only okay for 'Ignore query string' option (on).

  • If you want to 'Ignore query string' option (off) using query string as your token, Please contact your Akamai representative.

ACL(Access Control List) parameter option

// [EXAMPLE 1] Header using *
var ea = new EdgeAuth({
    key: EA_ENCRYPTION_KEY,
    windowSeconds: DURATION,
    escapeEarly: false
})
var token = ea.generateURLToken("/akamai/edgeauth/*")
var options = {
    hostname: EA_HOSTNAME,
    path: "/akamai/edgeauth/something",
    headers: {[ea.options.tokenName]: token}
}
makeRequest(options, function(res) {
    console.log(res.statusCode)
})


// [EXAMPLE 2] Cookie using ACL delimiter
var ea = new EdgeAuth({
    key: EA_ENCRYPTION_KEY,
    windowSeconds: DURATION,
    escapeEarly: false
})
var acl = ["/akamai/edgeauth/??", "/akamai/edgeauth/list/*"]
var token = ea.generateURLToken(acl)
var options = {
    hostname: EA_HOSTNAME,
    path: "/akamai/edgeauth/22",
    Cookie: `${ea.options.tokenName}: ${token}`
}
makeRequest(options, function(res) {
    console.log(res.statusCode)
})
  • ACL can use the wildcard(*, ?) in the path.
  • Don't use '!' in your path because it's ACL Delimiter
  • Use 'escapeEarly=false' as default setting but it doesn't matter turning on/off 'Escape token input' option in the Property Manager

Usage

EdgeAuth Class

class EdgeAuth {
    constructor(options) {}
}

| Parameter | Description | |-----------|-------------| | options.tokenType | Select a preset. (Not Supported Yet) | | options.tokenName | Parameter name for the new token. [ Default: __token__ ] | | options.key | Secret required to generate the token. It must be hexadecimal digit string with even-length. | | options.algorithm | Algorithm to use to generate the token. ('sha1', 'sha256', or 'md5') [ Default: 'sha256' ] | | options.salt | Additional data validated by the token but NOT included in the token body. (It will be deprecated) | | options.startTime | What is the start time? (Use string 'now' for the current time) | | options.endTime | When does this token expire? endTime overrides windowSeconds | | options.windowSeconds | How long is this token valid for? | | options.fieldDelimiter | Character used to delimit token body fields. [ Default: ~ ] | | options.aclDelimiter | Character used to delimit acl. [ Default: ! ] | | options.escapeEarly | Causes strings to be url encoded before being used. | | options.verbose | Print all parameters. |

EdgeAuth's Method

generateURLToken(url) {}
generateACLToken(acl) {}

// both return the authorization token string.

| Parameter | Description | |-----------|-------------| | url | Single URL path (String) | | acl | Access Control List can use the wildcard(*, ?). It can be String (single path) or Array (multi paths) |

Others

If you use the Segmented Media Protection behavior in AMD(Adaptive Media Delivery) Product, tokenName(options.tokenName) should be 'hdnts'.

Command

You can use the command with cms-edgeauth.js in your terminal with commander to generate the token.

$ npm install commander --save
$ node cms-edgeauth.js --key YourEncryptionKey --window 5000 --url /hello/world --escape_early

Use -h or --help option for the detail.