Prevent changes to options. Closes #218

lib/browser.js

@@ -159,7 +159,7 @@ hawk.client = {
             throw new Error('Invalid inputs');
         }
 
-        options.ext = (options.ext === null || options.ext === undefined ? '' : options.ext);       // Zero is valid value
+        const ext = (options.ext === null || options.ext === undefined ? '' : options.ext);       // Zero is valid value
 
         // Application time
 
@@ -194,12 +194,12 @@ hawk.client = {
             resource: uri.resource,                            // Maintain trailing '?' and query params
             host: uri.host,
             port: uri.port,
-            ext: options.ext
+            ext
         });
 
         // Construct bewit: id\exp\mac\ext
 
-        const bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + options.ext;
+        const bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + ext;
         return hawk.utils.base64urlEncode(bewit);
     },
 

lib/client.js

@@ -244,7 +244,7 @@ exports.getBewit = function (uri, options) {
         throw new Error('Invalid inputs');
     }
 
-    options.ext = (options.ext === null || options.ext === undefined ? '' : options.ext);       // Zero is valid value
+    const ext = (options.ext === null || options.ext === undefined ? '' : options.ext);       // Zero is valid value
 
     // Application time
 
@@ -281,12 +281,12 @@ exports.getBewit = function (uri, options) {
         resource: uri.pathname + (uri.search || ''),                            // Maintain trailing '?'
         host: uri.hostname,
         port: uri.port || (uri.protocol === 'http:' ? 80 : 443),
-        ext: options.ext
+        ext
     });
 
     // Construct bewit: id\exp\mac\ext
 
-    const bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + options.ext;
+    const bewit = credentials.id + '\\' + exp + '\\' + mac + '\\' + ext;
     return Hoek.base64urlEncode(bewit);
 };
 

lib/server.js

@@ -249,17 +249,15 @@ exports.authenticatePayloadHash = function (calculatedHash, artifacts) {
     }
 */
 
-exports.header = function (credentials, artifacts, options) {
+exports.header = function (credentials, artifacts, options = {}) {
 
     // Prepare inputs
 
-    options = options || {};
-
     if (!artifacts ||
         typeof artifacts !== 'object' ||
         typeof options !== 'object') {
 
-        return '';
+        throw new Error('Invalid inputs');
     }
 
     artifacts = Hoek.clone(artifacts);
@@ -273,12 +271,11 @@ exports.header = function (credentials, artifacts, options) {
         !credentials.key ||
         !credentials.algorithm) {
 
-        // Invalid credential object
-        return '';
+        throw new Error('Invalid credentials');
     }
 
     if (Crypto.algorithms.indexOf(credentials.algorithm) === -1) {
-        return '';
+        throw new Error('Unknown algorithm');
     }
 
     // Calculate payload hash

package.json

@@ -1,7 +1,7 @@
 {
   "name": "hawk",
   "description": "HTTP Hawk Authentication Scheme",
-  "version": "7.0.0",
+  "version": "7.0.1",
   "author": "Eran Hammer <eran@hammer.io> (http://hueniverse.com)",
   "repository": "git://github.com/hueniverse/hawk",
   "main": "lib/index.js",

test/server.js

@@ -703,8 +703,7 @@ describe('Server', () => {
                 user: 'steve'
             };
 
-            const header = Hawk.server.header(credentials, null, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
-            expect(header).to.equal('');
+            expect(() => Hawk.server.header(credentials, null, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' })).to.throw('Invalid inputs');
         });
 
         it('errors on invalid artifacts', () => {
@@ -716,8 +715,7 @@ describe('Server', () => {
                 user: 'steve'
             };
 
-            const header = Hawk.server.header(credentials, 5, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
-            expect(header).to.equal('');
+            expect(() => Hawk.server.header(credentials, 5, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' })).to.throw('Invalid inputs');
         });
 
         it('errors on missing credentials', () => {
@@ -735,8 +733,7 @@ describe('Server', () => {
                 id: '123456'
             };
 
-            const header = Hawk.server.header(null, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
-            expect(header).to.equal('');
+            expect(() => Hawk.server.header(null, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' })).to.throw('Invalid credentials');
         });
 
         it('errors on invalid credentials (key)', () => {
@@ -760,8 +757,7 @@ describe('Server', () => {
                 id: '123456'
             };
 
-            const header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
-            expect(header).to.equal('');
+            expect(() => Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' })).to.throw('Invalid credentials');
         });
 
         it('errors on invalid algorithm', () => {
@@ -786,8 +782,7 @@ describe('Server', () => {
                 id: '123456'
             };
 
-            const header = Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' });
-            expect(header).to.equal('');
+            expect(() => Hawk.server.header(credentials, artifacts, { payload: 'some reply', contentType: 'text/plain', ext: 'response-specific' })).to.throw('Unknown algorithm');
         });
     });