test.js #1 

var test = require('tape')

var algorithms = ['sha1', 'sha224','sha256', 'sha384', 'sha512', 'SHA512', 'md5', 'rmd160']
var formats = [undefined, 'base64', 'hex', 'binary']

var vectors = require('hash-test-vectors/hmac')
var createHmac = require('./browser')
algorithms.forEach(function (alg) {
  vectors.forEach(function (input) {
    var key = new Buffer(input.key, 'hex')
    var inputBuffer = new Buffer(input.data, 'hex')

    formats.forEach(function (format) {
      test('hmac(' + alg + ') w/ ' + input.data.slice(0, 6)  + '... as ' + format, function (t) {
        var hmac = createHmac(alg, key)

        var formattedInput = format ? inputBuffer.toString(format) : inputBuffer
        hmac.update(formattedInput, format)

        var formattedOutput = hmac.digest(format)
        var output = new Buffer(formattedOutput, format)

        var truncated = input.truncate ? output.slice(0, input.truncate) : output
        t.equal(truncated.toString('hex'), input[alg.toLowerCase()])
        t.end()
      })
    })
  })

  vectors.forEach(function (input) {
    test('hmac(' + alg + ') as stream w/ ' + input.data.slice(0, 6) + '...', function (t) {
      var hmac = createHmac(alg, new Buffer(input.key, 'hex'))
      hmac.end(input.data, 'hex')

      var output = hmac.read()
      var truncated = input.truncate ? output.slice(0, input.truncate) : output
      t.equal(truncated.toString('hex'), input[alg.toLowerCase()])
      t.end()
    })
  })
})
# Change User Description Committed
#1 19553 swellard Move and rename clients
//guest/perforce_software/helix-web-services/main/source/clients/2016.1.0/javascript/node_modules/create-hmac/test.js
#1 18810 tjuricek First-pass at JavaScript client SDK.

JavaScript requires Node with Gulp to "browserfy" the library. It's the easiest way I found to use the swagger-js project; bundle up a wrapping method.

There is no JavaScript reference guide. The swagger-js doesn't really document what they do very well, actually.

Overall I'm not particularly impressed by swagger-js, it was hard to even figure out what the right method syntax was. We may want to invest time in doing it better.

This required setting CORS response headers, which are currently defaulted to a fairly insecure setting.