@replyke/express
Version:
Replyke: Build interactive apps with social features like comments, votes, feeds, user lists, notifications, and more.
109 lines (108 loc) • 4.11 kB
JavaScript
;
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
})();
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateHmacSignature = generateHmacSignature;
exports.validateHmacSignature = validateHmacSignature;
exports.sendWebhookRequest = sendWebhookRequest;
exports.sendWebhookRequestWithHandle = sendWebhookRequestWithHandle;
exports.handleWebhookError = handleWebhookError;
const crypto_1 = __importDefault(require("crypto"));
const axios_1 = __importStar(require("axios"));
/**
* Generate an HMAC signature for a given payload and timestamp.
*/
function generateHmacSignature(payload, timestamp, secret) {
return crypto_1.default
.createHmac("sha256", secret)
.update(`${timestamp}.${JSON.stringify(payload)}`)
.digest("hex");
}
/**
* Validate an HMAC signature.
*/
function validateHmacSignature(payload, signature, secret) {
const expectedSignature = crypto_1.default
.createHmac("sha256", secret)
.update(JSON.stringify(payload))
.digest("hex");
return signature === expectedSignature;
}
/**
* Send a webhook request to the given URL with the specified data and headers.
*/
async function sendWebhookRequest(webhookUrl, payload, secret) {
const timestamp = Date.now();
const signature = generateHmacSignature(payload, timestamp, secret);
return axios_1.default.post(webhookUrl, payload, {
headers: {
"X-Signature": signature,
"X-Timestamp": timestamp.toString(),
},
});
}
/**
* Send a webhook request to the given URL with the specified data and headers.
*/
async function sendWebhookRequestWithHandle(webhookUrl, payload, secret) {
try {
const response = await sendWebhookRequest(webhookUrl, payload, secret);
// Validate the response signature if it exists
const responseSignature = response.headers["x-response-signature"];
if (!responseSignature) {
throw new Error("Missing response signature");
}
if (!validateHmacSignature(response.data, responseSignature, secret)) {
throw new Error("Invalid response signature");
}
return response.data;
}
catch (err) {
handleWebhookError(err, "Webhook request failed");
}
}
/**
* Handle errors during webhook requests.
*/
function handleWebhookError(err, defaultMessage) {
if (err instanceof axios_1.AxiosError) {
console.error(defaultMessage, err.response?.data || err.message);
throw new Error(err.response?.data?.error || defaultMessage);
}
console.error(defaultMessage, err);
throw new Error(defaultMessage);
}