{"id":21955202,"url":"https://github.com/voltone/plug_body_digest","last_synced_at":"2025-04-23T12:14:11.355Z","repository":{"id":47605760,"uuid":"231193426","full_name":"voltone/plug_body_digest","owner":"voltone","description":"Server side implementation of RFC3230 Instance Digests as a Plug","archived":false,"fork":false,"pushed_at":"2022-09-09T11:11:24.000Z","size":35,"stargazers_count":6,"open_issues_count":2,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-23T12:13:53.603Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/voltone.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-01-01T08:44:18.000Z","updated_at":"2023-08-24T20:11:29.000Z","dependencies_parsed_at":"2022-09-26T18:21:35.861Z","dependency_job_id":null,"html_url":"https://github.com/voltone/plug_body_digest","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voltone%2Fplug_body_digest","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voltone%2Fplug_body_digest/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voltone%2Fplug_body_digest/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voltone%2Fplug_body_digest/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/voltone","download_url":"https://codeload.github.com/voltone/plug_body_digest/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250430595,"owners_count":21429324,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-29T07:29:49.353Z","updated_at":"2025-04-23T12:14:11.334Z","avatar_url":"https://github.com/voltone.png","language":"Elixir","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PlugBodyDigest\n\n[![Github.com](https://github.com/voltone/plug_body_digest/workflows/CI/badge.svg)](https://github.com/voltone/plug_body_digest/actions)\n[![Hex.pm](https://img.shields.io/hexpm/v/plug_body_digest.svg)](https://hex.pm/packages/plug_body_digest)\n[![Hexdocs.pm](https://img.shields.io/badge/hex-docs-lightgreen.svg)](https://hexdocs.pm/plug_body_digest/)\n[![Hex.pm](https://img.shields.io/hexpm/dt/plug_body_digest.svg)](https://hex.pm/packages/plug_body_digest)\n[![Hex.pm](https://img.shields.io/hexpm/l/plug_body_digest.svg)](https://hex.pm/packages/plug_body_digest)\n[![Github.com](https://img.shields.io/github/last-commit/voltone/plug_body_digest.svg)](https://github.com/voltone/plug_body_digest/commits/master)\n\nPlug to verify the request body against the digest value sent in the HTTP\n'Digest' header, as defined in [RFC3230, section 4.3.2](https://tools.ietf.org/html/rfc3230#section-4.3.2).\nTypically used in combination with an HTTP request signature covering the\n'Digest' header value, to protect the integrity of the complete request.\n\nBy default halts the request in case of failure, for example if no Digest\nheader was sent or the request body did not match the specified digest value.\nFailure and success handling can be customized using the configuration options\ndocumented in the `PlugBodyDigest` module.\n\n***Please note***: this package supports parsers that respect the\n`:body_reader` option of `Plug.Parsers`, including `Plug.Parsers.URLENCODED`\nand `Plug.Parsers.JSON`. ***Not*** supported are `Plug.Parsers.MULTIPART` and\ncontent types that are ignored by `Plug.Parsers` through the `:pass` option.\n\nDevelopment and public release of this package were made possible by\n[Bluecode](https://bluecode.com/).\n\n## Example\n\nUpdate the `Plug.Parsers` configuration, e.g. in application's Phoenix\nEndpoint, to use the `PlugBodyDigest.digest_body_reader/2,3` function for\nreading the request body:\n\n```elixir\nplug Plug.Parsers,\n  parsers: [:urlencoded, :json],\n  body_reader: {PlugBodyDigest, :digest_body_reader, []},\n  json_decoder: Jason\n```\n\nAdd `PlugBodyDigest`, somewhere after `Plug.Parsers`, for example in a\nPhoenix Router pipeline:\n\n```elixir\npipeline :api do\n  plug :accepts, [\"json\"]\n  plug PlugBodyDigest\nend\n```\n\nOr in a Phoenix Controller:\n\n```elixir\ndefmodule MyAppWeb.APIController do\n  use MyAppWeb, :controller\n\n  # Failure handling options or PlugBodyDigest\n  @mandatory []\n  @optional [on_failure: {PlugBodyDigest, :optional, []}]\n\n  # Digest header is required for POST and PUT, optional otherwise\n  plug PlugBodyDigest, @mandatory when action in [:create, :update]\n  plug PlugBodyDigest, @optional when action in [:index, :show, :delete]\n\n  # ...\nend\n```\n\n## Testing\n\nWhen testing with `Plug.Test` or `Phoenix.ConnTest`, the request body is not\nalways read through `Plug.Parsers`, in which case the custom `body_reader` is\nnot invoked. In particular this happens when setting `params_or_body` to a\nmap.\n\nDigest header verification is skipped when this happens, so in test cases that\nverify the correct handling of the Digest header, both for positive and\nnegative test scenarions, always pass in the body as a binary!\n\n## Installation\n\nAdd `plug_body_digest` to your list of dependencies in `mix.exs`:\n\n```elixir\ndef deps do\n  [\n    {:plug_body_digest, \"~\u003e 0.5.0\"}\n  ]\nend\n```\n\nDocumentation can be found at [https://hexdocs.pm/plug_body_digest](https://hexdocs.pm/plug_body_digest).\n\n## License\n\nCopyright (c) 2019, Bram Verburg\nAll rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are met:\n\n* Redistributions of source code must retain the above copyright notice, this\n  list of conditions and the following disclaimer.\n\n* Redistributions in binary form must reproduce the above copyright notice,\n  this list of conditions and the following disclaimer in the documentation\n  and/or other materials provided with the distribution.\n\n* Neither the name of the copyright holder nor the names of its contributors\n  may be used to endorse or promote products derived from this software\n  without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\"\nAND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE\nFOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\nDAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\nSERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER\nCAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,\nOR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvoltone%2Fplug_body_digest","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvoltone%2Fplug_body_digest","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvoltone%2Fplug_body_digest/lists"}