nubank.ts
Version:
Nubank api module for node.js
232 lines • 12.3 kB
JavaScript
"use strict";
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __generator = (this && this.__generator) || function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) {
if (f) throw new TypeError("Generator is already executing.");
while (_) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) {
case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue;
default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop();
_.trys.pop(); continue;
}
op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
}
};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
exports.__esModule = true;
var axios_1 = __importDefault(require("axios"));
var fs_1 = __importDefault(require("fs"));
var node_forge_1 = __importStar(require("node-forge"));
var utils_1 = require("./utils");
var CertificateGenerator = /** @class */ (function () {
function CertificateGenerator(discovery, login, password, device_id, encrypted_code) {
this.client = axios_1["default"].create({
baseURL: 'https://prod-s0-webapp-proxy.nubank.com.br/api/',
headers: {
'Content-Type': 'application/json',
'X-Correlation-Id': 'and-7-0-0',
'User-Agent': 'nubank.ts'
}
});
this.login = login;
this.password = password;
this.device_id = device_id;
this.encrypted_code = encrypted_code;
this.key1 = this.generateKey();
this.key2 = this.generateKey();
this.discovery = discovery;
this.url = this.discovery.getAppUrl('gen_certificate');
}
CertificateGenerator.fromState = function (discovery, password) {
var state = fs_1["default"].readFileSync('.loginstate', 'utf8');
var parsed = JSON.parse(CertificateGenerator.decryptString(state, Buffer.from(password + password).toString('base64')));
if (new Date(parsed.expiresAt).getTime() > new Date().getTime()) {
var cergen = new CertificateGenerator(discovery, parsed.login, password, parsed.device_id, parsed.encrypted_code);
cergen.key1 = cergen.loadSerializedKey(parsed.pubKey1, parsed.privKey1);
cergen.key2 = cergen.loadSerializedKey(parsed.pubKey2, parsed.privKey2);
cergen.partialEmail = parsed.partialEmail;
cergen.codeSentAt = new Date(parsed.codeSentAt);
cergen.expiresAt = new Date(parsed.expiresAt);
cergen.password = password;
console.log('Loaded login state from file.');
return cergen;
}
console.log('Login state expired. Requesting new code.');
return new CertificateGenerator(discovery, parsed.cpf, password, parsed.device_id);
};
CertificateGenerator.prototype.saveState = function () {
var state = JSON.stringify({
login: this.login,
device_id: this.device_id,
partialEmail: this.partialEmail,
encrypted_code: this.encrypted_code,
pubKey1: this.serializePublicKey(this.key1),
pubKey2: this.serializePublicKey(this.key2),
privKey1: this.serializePrivateKey(this.key1),
privKey2: this.serializePrivateKey(this.key2),
codeSentAt: this.codeSentAt,
expiresAt: this.expiresAt
});
var pw = Buffer.from(this.password + this.password).toString('base64');
fs_1["default"].writeFileSync('.loginstate', CertificateGenerator.encryptString(state, pw));
};
CertificateGenerator.encryptString = function (str, key) {
var cipher = node_forge_1["default"].cipher.createCipher('AES-CBC', key);
cipher.start({ iv: '00000000000000000000000000000000' });
cipher.update(node_forge_1["default"].util.createBuffer(str));
cipher.finish();
return cipher.output.toHex();
};
CertificateGenerator.decryptString = function (encrypted, key) {
var cipher = node_forge_1["default"].cipher.createDecipher('AES-CBC', key);
cipher.start({ iv: '00000000000000000000000000000000' });
var str = node_forge_1["default"].util.hexToBytes(encrypted);
cipher.update(node_forge_1["default"].util.createBuffer(str, 'raw'));
cipher.finish();
return cipher.output.toString();
};
CertificateGenerator.prototype.requestCode = function () {
return __awaiter(this, void 0, void 0, function () {
var error_1, response, parsed;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (!!this.encrypted_code) return [3 /*break*/, 4];
_a.label = 1;
case 1:
_a.trys.push([1, 3, , 4]);
console.log('Requesting code...');
return [4 /*yield*/, this.client.post(this.url, this.getPayload())];
case 2:
_a.sent();
return [3 /*break*/, 4];
case 3:
error_1 = _a.sent();
response = error_1.request.res;
if (response.statusCode != 401 || !response.headers['www-authenticate']) {
throw new Error('Authentication code request failed.');
}
parsed = (0, utils_1.parseWwwAuthHeader)(response.headers['www-authenticate']);
this.codeSentAt = new Date();
this.expiresAt = new Date(parsed.expiresAt);
this.encrypted_code = parsed.deviceAuthorizationEncryptedCode;
this.partialEmail = parsed.sentTo;
this.saveState();
return [3 /*break*/, 4];
case 4: return [2 /*return*/, { email: this.partialEmail, expiresAt: this.expiresAt, codeSentAt: this.codeSentAt }];
}
});
});
};
CertificateGenerator.prototype.exchangeCerts = function (code) {
return __awaiter(this, void 0, void 0, function () {
var payload, response, data, cert1, cert2;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (!this.encrypted_code) {
throw new Error('No encrypted code found. Did you call `request_code` before exchanging certs ?');
}
payload = this.getPayload();
payload['code'] = code;
payload['encrypted-code'] = this.encrypted_code;
return [4 /*yield*/, this.client.post(this.url, payload)];
case 1:
response = _a.sent();
if (response.status != 200) {
throw new Error('The code was invalid. Please try again.');
}
data = response.data;
cert1 = this.parseCert(data['certificate']);
cert2 = this.parseCert(data['certificate_crypto']);
return [2 /*return*/, {
cert1: this.genCert(this.key1, cert1),
cert2: this.genCert(this.key2, cert2)
}];
}
});
});
};
CertificateGenerator.prototype.getPayload = function () {
return {
login: this.login,
password: this.password,
public_key: this.serializePublicKey(this.key1),
public_key_crypto: this.serializePublicKey(this.key2),
model: "Nubank.TS (".concat(this.device_id, ")"),
device_id: this.device_id
};
};
CertificateGenerator.prototype.parseCert = function (content) {
return node_forge_1["default"].pki.certificateFromPem(content);
};
CertificateGenerator.prototype.genCert = function (key, cert) {
return node_forge_1["default"].pkcs12.toPkcs12Asn1(key.privateKey, cert, '', { algorithm: '3des' });
};
CertificateGenerator.prototype.generateKey = function () {
return node_forge_1["default"].pki.rsa.generateKeyPair({ bits: 2048, e: 0x10001 });
};
CertificateGenerator.prototype.serializePublicKey = function (key) {
var pkey = node_forge_1.pki.publicKeyToPem(key.publicKey).split('\r\n').join('\n');
return pkey;
};
CertificateGenerator.prototype.serializePrivateKey = function (key) {
return node_forge_1.pki.privateKeyToPem(key.privateKey).split('\r\n').join('\n');
};
CertificateGenerator.prototype.loadSerializedKey = function (pubKey, privKey) {
var publicKey = node_forge_1.pki.publicKeyFromPem(pubKey.split('\n').join('\r\n'));
var privateKey = node_forge_1.pki.privateKeyFromPem(privKey.split('\n').join('\r\n'));
return { publicKey: publicKey, privateKey: privateKey };
};
return CertificateGenerator;
}());
exports["default"] = CertificateGenerator;
//# sourceMappingURL=certificateGenerator.js.map