livekit-server-sdk
Version:
Server-side SDK for LiveKit
53 lines • 1.84 kB
JavaScript
import { WebhookEvent as ProtoWebhookEvent } from "@livekit/protocol";
import { TokenVerifier } from "./AccessToken.js";
import { digest } from "./crypto/digest.js";
const authorizeHeader = "Authorize";
class WebhookEvent extends ProtoWebhookEvent {
constructor() {
super(...arguments);
this.event = "";
}
static fromBinary(bytes, options) {
return new WebhookEvent().fromBinary(bytes, options);
}
static fromJson(jsonValue, options) {
return new WebhookEvent().fromJson(jsonValue, options);
}
static fromJsonString(jsonString, options) {
return new WebhookEvent().fromJsonString(jsonString, options);
}
}
class WebhookReceiver {
constructor(apiKey, apiSecret) {
this.verifier = new TokenVerifier(apiKey, apiSecret);
}
/**
* @param body - string of the posted body
* @param authHeader - `Authorization` header from the request
* @param skipAuth - true to skip auth validation
* @param clockTolerance - How much tolerance to allow for checks against the auth header to be skewed from the claims
* @returns The processed webhook event
*/
async receive(body, authHeader, skipAuth = false, clockTolerance) {
if (!skipAuth) {
if (!authHeader) {
throw new Error("authorization header is empty");
}
const claims = await this.verifier.verify(authHeader, clockTolerance);
const hash = await digest(body);
const hashDecoded = btoa(
Array.from(new Uint8Array(hash)).map((v) => String.fromCharCode(v)).join("")
);
if (claims.sha256 !== hashDecoded) {
throw new Error("sha256 checksum of body does not match");
}
}
return WebhookEvent.fromJson(JSON.parse(body), { ignoreUnknownFields: true });
}
}
export {
WebhookEvent,
WebhookReceiver,
authorizeHeader
};
//# sourceMappingURL=WebhookReceiver.js.map