UNPKG

wingbot

Version:

Enterprise Messaging Bot Conversation Engine

github.com/wingbot.ai/wingbot

wingbotai/wingnpbot

122 lines (95 loc) 3.11 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
/* * @author David Menger */ 'use strict'; const { default: fetch } = require('node-fetch'); const jwt = require('jsonwebtoken'); const fs = require('fs'); const path = require('path'); class WingbotApiConnector { constructor (options) { this._token = options.token; this._appToken = options.appToken; this._keysUrl = options.keysUrl; this._cacheFor = options.cacheKeys; this._useBundledGql = options.useBundledGql; this._keys = null; this._keysLoaded = 0; this._schema = null; } _verify (token, key) { return new Promise((resolve, reject) => { jwt.verify(token, key, {}, (err, res) => { if (err) { reject(err); } else { resolve(res); } }); }); } _error (message, code) { const err = new Error(message); return Object.assign(err, { code, status: code }); } async getSchema () { await this._getKeys(); return this._schema; } async verifyToken (token, wingbotToken = this._token) { if (!token) { throw this._error('Unauthorized', 401); } if (this._appToken && token === this._appToken) { const appToken = await Promise.resolve(this._appToken); if (token === appToken) { return { id: null, groups: [{ group: 'appToken' }] }; } } try { const decoded = jwt.decode(token, { complete: true }); if (!decoded) { throw new Error('Unknown key format'); } // @ts-ignore const { header, payload } = decoded; const resolvedToken = await Promise.resolve(wingbotToken); if (resolvedToken !== payload.token) { throw new Error('Token does not match'); } const keys = await this._getKeys(); const key = keys.find((k) => k.kid === header.kid); if (!key) { throw new Error('No key found'); } return this._verify(token, key.public); } catch (e) { throw this._error(`Forbidden: ${e.message}`, 403); } } async _getKeys () { if (this._keys instanceof Promise) { await this._keys; } if (this._keysLoaded < (Date.now() - this._cacheFor)) { try { this._keys = this._loadKeys(); await this._keys; } catch (e) { this._keys = null; throw e; } } return this._keys; } async _loadKeys () { const res = await fetch(this._keysUrl); const data = await res.json(); this._keys = data.keys; this._schema = this._useBundledGql ? fs.readFileSync(path.resolve(__dirname, 'schema.gql'), { encoding: 'utf8' }) : data.schema; this._keysLoaded = Date.now(); } } module.exports = WingbotApiConnector;