UNPKG

connect-sdk-nodejs

Version:

SDK to communicate with the Worldline Global Collect platform using the Worldline Connect Server API

github.com/Worldline-Global-Collect/connect-sdk-nodejs

Worldline-Global-Collect/connect-sdk-nodejs

54 lines 2.52 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; Object.defineProperty(exports, "__esModule", { value: true }); exports.newSignatureValidator = void 0; const crypto = require("crypto"); const compare = require("secure-compare"); function getHeaderValue(requestHeaders, headerName) { const lowerCaseHeaderName = headerName.toLowerCase(); for (const name in requestHeaders) { if (name != null && lowerCaseHeaderName === name.toLowerCase()) { const value = requestHeaders[name]; if (typeof value === "string") { return value; } if (typeof value === "undefined") { throw new Error(`could not find header '${headerName}'`); } throw new Error(`found multiple values for header '${headerName}'`); } } throw new Error(`could not find header '${headerName}'`); } function validate(body, requestHeaders, secretKeyStore) { return __awaiter(this, void 0, void 0, function* () { const signature = getHeaderValue(requestHeaders, "X-GCS-Signature"); const keyId = getHeaderValue(requestHeaders, "X-GCS-KeyId"); const secretKey = yield secretKeyStore.getSecretKey(keyId); const expectedSignature = crypto .createHmac("sha256", secretKey) .update(body) .digest("base64"); if (!compare(signature, expectedSignature)) { throw new Error(`failed to validate signature '${signature}'`); } }); } function newSignatureValidator(store) { if (!store || typeof store.getSecretKey !== "function") { throw new Error("no valid secret key store given"); } return { validate: (body, requestHeaders) => validate(body, requestHeaders, store) }; } exports.newSignatureValidator = newSignatureValidator; //# sourceMappingURL=validation.js.map