@scalekit-sdk/node 2.1.4 → 2.1.5
- package/lib/scalekit.d.ts +20 -0
- package/lib/scalekit.js +33 -6
- package/lib/scalekit.js.map +1 -1
- package/package.json +1 -1
- package/src/core.ts +1 -1
- package/src/scalekit.ts +36 -6
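--- a/package/lib/scalekit.d.ts
+++ b/package/lib/scalekit.d.ts
@@ -106,6 +106,26 @@ export default class ScalekitClient {
 * @return {boolean} Returns true if the payload is valid.
 */
 verifyWebhookPayload(secret: string, headers: Record<string, string>, payload: string): boolean;
+/**
+* Verify interceptor payload
+*
+* @param {string} secret The secret
+* @param {Record<string, string>} headers The headers
+* @param {string} payload The payload
+* @return {boolean} Returns true if the payload is valid.
+*/
+verifyInterceptorPayload(secret: string, headers: Record<string, string>, payload: string): boolean;
+/**
+* Common payload signature verification logic
+*
+* @param {string} secret The secret
+* @param {string} id The webhook/interceptor id
+* @param {string} timestamp The timestamp
+* @param {string} signature The signature
+* @param {string} payload The payload
+* @return {boolean} Returns true if the payload signature is valid.
+*/
+private verifyPayloadSignature;
 /**
 * Validates a token and returns its payload if valid.
 * Supports issuer, audience, and scope validation.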
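--- a/package/lib/scalekit.js
+++ b/package/lib/scalekit.js
@@ -201,7 +201,34 @@ class ScalekitClient {
 const webhookId = headers['webhook-id'];
 const webhookTimestamp = headers['webhook-timestamp'];
 const webhookSignature = headers['webhook-signature'];
-
+return this.verifyPayloadSignature(secret, webhookId, webhookTimestamp, webhookSignature, payload);
+}
+/**
+* Verify interceptor payload
+*
+* @param {string} secret The secret
+* @param {Record<string, string>} headers The headers
+* @param {string} payload The payload
+* @return {boolean} Returns true if the payload is valid.
+*/
+verifyInterceptorPayload(secret, headers, payload) {
+const interceptorId = headers['interceptor-id'];
+const interceptorTimestamp = headers['interceptor-timestamp'];
+const interceptorSignature = headers['interceptor-signature'];
+return this.verifyPayloadSignature(secret, interceptorId, interceptorTimestamp, interceptorSignature, payload);
+}
+/**
+* Common payload signature verification logic
+*
+* @param {string} secret The secret
+* @param {string} id The webhook/interceptor id
+* @param {string} timestamp The timestamp
+* @param {string} signature The signature
+* @param {string} payload The payload
+* @return {boolean} Returns true if the payload signature is valid.
+*/
+verifyPayloadSignature(secret, id, timestamp, signature, payload) {
+if (!id || !timestamp || !signature) {
 throw new base_exception_1.WebhookVerificationError("Missing required headers");
 }
 const secretParts = secret.split("_");
@@ -209,17 +236,17 @@ class ScalekitClient {
 throw new base_exception_1.WebhookVerificationError("Invalid secret");
 }
 try {
-const
-const data = `${
+const timestampDate = this.verifyTimestamp(timestamp);
+const data = `${id}.${Math.floor(timestampDate.getTime() / 1000)}.${payload}`;
 const secretBytes = Buffer.from(secretParts[1], 'base64');
 const computedSignature = this.computeSignature(secretBytes, data);
-const receivedSignatures =
+const receivedSignatures = signature.split(" ");
 for (const versionedSignature of receivedSignatures) {
-const [version,
+const [version, receivedSignature] = versionedSignature.split(",");
 if (version !== WEBHOOK_SIGNATURE_VERSION) {
 continue;
 }
-if (crypto_1.default.timingSafeEqual(Buffer.from(
+if (crypto_1.default.timingSafeEqual(Buffer.from(receivedSignature, 'base64'), Buffer.from(computedSignature, 'base64'))) {
 return true;
 }
 }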
package/lib/scalekit.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scalekit.js","sourceRoot":"","sources":["../src/scalekit.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAA4B;AAC5B,2CAA6B;AAC7B,4CAA6B;AAC7B,wDAAoC;AACpC,8DAA4C;AAC5C,2CAAyD;AACzD,kDAAgC;AAChC,4DAA0C;AAC1C,sDAAoC;AACpC,kEAAgD;AAChD,kEAAgD;AAChD,kDAAgC;AAChC,wDAAsC;AACtC,kDAAgC;AAChC,8DAA4C;AAE5C,+CAAqL;AACrL,4DAA0G;AAE1G,MAAM,iBAAiB,GAAG,iBAAiB,CAAC;AAC5C,MAAM,cAAc,GAAG,aAAa,CAAC;AACrC,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY;AACzD,MAAM,yBAAyB,GAAG,IAAI,CAAC;AAEvC;;;;;;;;EAQE;AACF,MAAqB,cAAc;IAYjC,YACE,MAAc,EACd,QAAgB,EAChB,YAAoB;QAEpB,IAAI,CAAC,UAAU,GAAG,IAAI,cAAU,CAC9B,MAAM,EACN,QAAQ,EACR,YAAY,CACb,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,IAAI,iBAAW,CAChC,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAkB,CACxC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,oBAAgB,CACpC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,IAAI,gBAAY,CAC5B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,SAAS,GAAG,IAAI,mBAAe,CAClC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAkB,CACxC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,iBAAa,CAC9B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,oBAAgB,CACpC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,mBAAmB,CACjB,WAAmB,EACnB,OAAiC;;QAEjC,MAAM,cAAc,GAA4B;YAC9C,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;SACvC,CAAA;QACD,OAAO,mCACF,cAAc,GACd,OAAO,CACX,CAAA;QACD,MAAM,EAAE,GAAG,YAAW,CAAC,SAAS,6JAC9B,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EACnC,YAAY,EAAE,WAAW,EACzB,KAAK,EAAE,MAAA,OAAO,CAAC,MAAM,0CAAE,IAAI,CAAC,GAAG,CAAC,IAC7B,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,GAC3C,C
AAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,GAC3C,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,GACxD,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,GAC3D,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,GACtD,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,GACjE,CAAC,OAAO,CAAC,cAAc,IAAI,EAAE,eAAe,EAAE,OAAO,CAAC,cAAc,EAAE,CAAC,GACvE,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,cAAc,EAAE,OAAO,CAAC,aAAa,EAAE,CAAC,GACpE,CAAC,OAAO,CAAC,mBAAmB,IAAI,EAAE,qBAAqB,EAAE,OAAO,CAAC,mBAAmB,EAAE,CAAC,GACvF,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,GACpD,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,EACjD,CAAA;QAEF,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,iBAAiB,IAAI,EAAE,EAAE,CAAA;IAC/D,CAAC;IAED;;;;;;;OAOG;IACG,oBAAoB,CACxB,IAAY,EACZ,WAAmB,EACnB,OAA+B;;YAE/B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,YAAW,CAAC,SAAS,iBAClE,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,WAAW,EACzB,UAAU,EAAE,oBAAS,CAAC,iBAAiB,EACvC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EACnC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,YAAY,IACxC,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,KAAI,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,EACrE,CAAC,CAAA;YACH,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,EAAG,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YACxE,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAe,QAAQ,CAAC,CAAC;YACtD,MAAM,IAAI,GAAS,EAAE,CAAC;YACtB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5C,IAAI,4BAAqB,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC7B,IAAI,CAAC,4BAAqB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,OAAO;gBACL,IAAI;gBACJ,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,YAAY;gBACzB,SAAS,EAAE,UAAU;gBACrB,YAAY,EAAE,aAAa;aAC5B,CAAA;QACH,CAAC;KAAA;IAED;;;;;;MAME;IACI,0BAA0B,CAAC,sBAA8B,EAAE,OAAgC;;YAC/F,OAAO,IAAI,CAAC,aAAa,CAA0B,sBAAsB,EAAE,OAAO,CAAC,CAAC;QACtF,CAAC;KAAA;IAED;;;;;;OAMG;IACG,mBAAmB,CAAC,KAAa,EAAE,OAAgC;;YACvE,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACzC,OAAO,IAAI,CAAC;YACd,CAAC;Y
AAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KAAA;IAID;;;;;;;;;;;;;;OAcG;IACH,YAAY,CAAC,OAA0B;QACrC,MAAM,EAAE,GAAG,YAAW,CAAC,SAAS,+CAC3B,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,KAAI,EAAE,aAAa,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,GAChE,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,qBAAqB,KAAI,EAAE,wBAAwB,EAAE,OAAO,CAAC,qBAAqB,EAAE,CAAC,GAC/F,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,EAC/C,CAAC;QAEH,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,cAAc,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC5E,CAAC;IAED;;;;;;;OAOG;IACH,oBAAoB,CAAC,MAAc,EAAE,OAA+B,EAAE,OAAe;QACnF,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,gBAAgB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACtD,MAAM,gBAAgB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAEtD,IAAI,CAAC,SAAS,
|
|
1
|
+
{"version":3,"file":"scalekit.js","sourceRoot":"","sources":["../src/scalekit.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAA4B;AAC5B,2CAA6B;AAC7B,4CAA6B;AAC7B,wDAAoC;AACpC,8DAA4C;AAC5C,2CAAyD;AACzD,kDAAgC;AAChC,4DAA0C;AAC1C,sDAAoC;AACpC,kEAAgD;AAChD,kEAAgD;AAChD,kDAAgC;AAChC,wDAAsC;AACtC,kDAAgC;AAChC,8DAA4C;AAE5C,+CAAqL;AACrL,4DAA0G;AAE1G,MAAM,iBAAiB,GAAG,iBAAiB,CAAC;AAC5C,MAAM,cAAc,GAAG,aAAa,CAAC;AACrC,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY;AACzD,MAAM,yBAAyB,GAAG,IAAI,CAAC;AAEvC;;;;;;;;EAQE;AACF,MAAqB,cAAc;IAYjC,YACE,MAAc,EACd,QAAgB,EAChB,YAAoB;QAEpB,IAAI,CAAC,UAAU,GAAG,IAAI,cAAU,CAC9B,MAAM,EACN,QAAQ,EACR,YAAY,CACb,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,IAAI,iBAAW,CAChC,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAkB,CACxC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,oBAAgB,CACpC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,IAAI,gBAAY,CAC5B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,SAAS,GAAG,IAAI,mBAAe,CAClC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAkB,CACxC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,iBAAa,CAC9B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,oBAAgB,CACpC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,mBAAmB,CACjB,WAAmB,EACnB,OAAiC;;QAEjC,MAAM,cAAc,GAA4B;YAC9C,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;SACvC,CAAA;QACD,OAAO,mCACF,cAAc,GACd,OAAO,CACX,CAAA;QACD,MAAM,EAAE,GAAG,YAAW,CAAC,SAAS,6JAC9B,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EACnC,YAAY,EAAE,WAAW,EACzB,KAAK,EAAE,MAAA,OAAO,CAAC,MAAM,0CAAE,IAAI,CAAC,GAAG,CAAC,IAC7B,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,GAC3C,C
AAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,GAC3C,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,GACxD,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,GAC3D,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,GACtD,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,GACjE,CAAC,OAAO,CAAC,cAAc,IAAI,EAAE,eAAe,EAAE,OAAO,CAAC,cAAc,EAAE,CAAC,GACvE,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,cAAc,EAAE,OAAO,CAAC,aAAa,EAAE,CAAC,GACpE,CAAC,OAAO,CAAC,mBAAmB,IAAI,EAAE,qBAAqB,EAAE,OAAO,CAAC,mBAAmB,EAAE,CAAC,GACvF,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,GACpD,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,EACjD,CAAA;QAEF,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,iBAAiB,IAAI,EAAE,EAAE,CAAA;IAC/D,CAAC;IAED;;;;;;;OAOG;IACG,oBAAoB,CACxB,IAAY,EACZ,WAAmB,EACnB,OAA+B;;YAE/B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,YAAW,CAAC,SAAS,iBAClE,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,WAAW,EACzB,UAAU,EAAE,oBAAS,CAAC,iBAAiB,EACvC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EACnC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,YAAY,IACxC,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,KAAI,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,EACrE,CAAC,CAAA;YACH,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,EAAG,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YACxE,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAe,QAAQ,CAAC,CAAC;YACtD,MAAM,IAAI,GAAS,EAAE,CAAC;YACtB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5C,IAAI,4BAAqB,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC7B,IAAI,CAAC,4BAAqB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,OAAO;gBACL,IAAI;gBACJ,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,YAAY;gBACzB,SAAS,EAAE,UAAU;gBACrB,YAAY,EAAE,aAAa;aAC5B,CAAA;QACH,CAAC;KAAA;IAED;;;;;;MAME;IACI,0BAA0B,CAAC,sBAA8B,EAAE,OAAgC;;YAC/F,OAAO,IAAI,CAAC,aAAa,CAA0B,sBAAsB,EAAE,OAAO,CAAC,CAAC;QACtF,CAAC;KAAA;IAED;;;;;;OAMG;IACG,mBAAmB,CAAC,KAAa,EAAE,OAAgC;;YACvE,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACzC,OAAO,IAAI,CAAC;YACd,CAAC;Y
AAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KAAA;IAID;;;;;;;;;;;;;;OAcG;IACH,YAAY,CAAC,OAA0B;QACrC,MAAM,EAAE,GAAG,YAAW,CAAC,SAAS,+CAC3B,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,KAAI,EAAE,aAAa,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,GAChE,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,qBAAqB,KAAI,EAAE,wBAAwB,EAAE,OAAO,CAAC,qBAAqB,EAAE,CAAC,GAC/F,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,EAC/C,CAAC;QAEH,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,cAAc,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC5E,CAAC;IAED;;;;;;;OAOG;IACH,oBAAoB,CAAC,MAAc,EAAE,OAA+B,EAAE,OAAe;QACnF,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,gBAAgB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACtD,MAAM,gBAAgB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAEtD,OAAO,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,SAAS,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,OAAO,CAAC,CAAC;IACrG,CAAC;IAED;;;;;;;OAOG;IACH,wBAAwB,CAAC,MAAc,EAAE,OAA+B,EAAE,OAAe;QACvF,MAAM,aAAa,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAChD,MAAM,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAC9D,MAAM,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAE9D,OAAO,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,aAAa,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,OAAO,CAAC,CAAC;IACjH,CAAC;IAED;;;;;;;;;OASG;IACK,sBAAsB,CAAC,MAAc,EAAE,EAAU,EAAE,SAAiB,EAAE,SAAiB,EAAE,OAAe;QAC9G,IAAI,CAAC,EAAE,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;YACpC,MAAM,IAAI,yCAAwB,CAAC,0BAA0B,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,yCAAwB,CAAC,gBAAgB,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;YACtD,MAAM,IAAI,GAAG,GAAG,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,IAAI,OAAO,EAAE,CAAC;YAC9E,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;YAC1D,MAAM,iBAAiB,GAAG,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;YACnE,MAAM,kBAAkB,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAEhD,KAAK,MAAM,kBAAkB,IAAI,kBAAkB,EAAE,CAAC;g
BACpD,MAAM,CAAC,OAAO,EAAE,iBAAiB,CAAC,GAAG,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnE,IAAI,OAAO,KAAK,yBAAyB,EAAE,CAAC;oBAC1C,SAAS;gBACX,CAAC;gBACD,IAAI,gBAAM,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC,EAAE,CAAC;oBAC/G,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YAED,MAAM,IAAI,yCAAwB,CAAC,mBAAmB,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,yCAAwB,EAAE,CAAC;gBAC9C,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,yCAAwB,CAAC,mBAAmB,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACG,aAAa,CAAI,KAAa,EAAE,OAAgC;;YACpE,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YAChC,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC;gBAClC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI;aAC3B,CAAC,CAAA;YACF,IAAI,CAAC;gBACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAI,KAAK,EAAE,IAAI,kCAClD,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,KAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,GAC/C,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,KAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,EACxD,CAAC;gBAEH,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,KAAI,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjE,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;gBACnD,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,sDAAqC,CAAC,KAAK,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;OAOG;IACH,YAAY,CAAC,KAAa,EAAE,cAAwB;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAEtD,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;QAE9E,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,sDAAqC,CAAC,kCAAkC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;OAKG;IACK,wBAAwB,CAAC,OAA4B;QAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC9B,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;YAC1B,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,WAAC,OAAA,CAAC,CAAC,CAAA,MAAA,KAAK,CAAC,IAAI,qDAAI,CAAA,CAAA,EAAA,
CAAC;YAC5C,CAAC,CAAC,EAAE,CAAC;IACT,CAAC;IAED;;;;;OAKG;IACK,eAAe,CAAC,YAAoB;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QAC7C,IAAI,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,GAAG,GAAG,SAAS,GAAG,4BAA4B,EAAE,CAAC;YACnD,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,SAAS,GAAG,GAAG,GAAG,4BAA4B,EAAE,CAAC;YACnD,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACK,gBAAgB,CAAC,WAAmB,EAAE,IAAY;QACxD,OAAO,gBAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChF,CAAC;IAED;;;;;OAKG;IACG,kBAAkB,CAAC,YAAoB;;YAC3C,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC/C,CAAC;YAED,IAAI,GAAG,CAAC;YACR,IAAI,CAAC;gBACH,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,YAAW,CAAC,SAAS,CAAC;oBAC7D,UAAU,EAAE,oBAAS,CAAC,YAAY;oBAClC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ;oBACnC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,YAAY;oBAC3C,aAAa,EAAE,YAAY;iBAC5B,CAAC,CAAC,CAAC;YACN,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,4BAA4B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YAC1G,CAAC;YAED,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAEjD,8CAA8C;YAC9C,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,CAAC;YACD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,OAAO;gBACL,WAAW,EAAE,YAAY;gBACzB,YAAY,EAAE,aAAa;aAC5B,CAAC;QACJ,CAAC;KAAA;CACF;AA9aD,iCA8aC"}
|
package/package.json
CHANGED
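--- a/package/src/core.ts
+++ b/package/src/core.ts
@@ -20,7 +20,7 @@ export default class CoreClient {
 public keys: JWK[] = [];
 public accessToken: string | null = null;
 public axios: Axios;
-public sdkVersion = `Scalekit-Node/2.1.
+public sdkVersion = `Scalekit-Node/2.1.5`;
 public apiVersion = "20250830";
 public userAgent = `${this.sdkVersion} Node/${process.version} (${process.platform}; ${os.arch()})`;
 constructor(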
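--- a/package/src/scalekit.ts
+++ b/package/src/scalekit.ts
@@ -257,7 +257,37 @@ export default class ScalekitClient {
 const webhookTimestamp = headers['webhook-timestamp'];
 const webhookSignature = headers['webhook-signature'];
 
-
+return this.verifyPayloadSignature(secret, webhookId, webhookTimestamp, webhookSignature, payload);
+}
+
+/**
+* Verify interceptor payload
+*
+* @param {string} secret The secret
+* @param {Record<string, string>} headers The headers
+* @param {string} payload The payload
+* @return {boolean} Returns true if the payload is valid.
+*/
+verifyInterceptorPayload(secret: string, headers: Record<string, string>, payload: string): boolean {
+const interceptorId = headers['interceptor-id'];
+const interceptorTimestamp = headers['interceptor-timestamp'];
+const interceptorSignature = headers['interceptor-signature'];
+
+return this.verifyPayloadSignature(secret, interceptorId, interceptorTimestamp, interceptorSignature, payload);
+}
+
+/**
+* Common payload signature verification logic
+*
+* @param {string} secret The secret
+* @param {string} id The webhook/interceptor id
+* @param {string} timestamp The timestamp
+* @param {string} signature The signature
+* @param {string} payload The payload
+* @return {boolean} Returns true if the payload signature is valid.
+*/
+private verifyPayloadSignature(secret: string, id: string, timestamp: string, signature: string, payload: string): boolean {
+if (!id || !timestamp || !signature) {
 throw new WebhookVerificationError("Missing required headers");
 }
 
@@ -267,18 +297,18 @@ export default class ScalekitClient {
 }
 
 try {
-const
-const data = `${
+const timestampDate = this.verifyTimestamp(timestamp);
+const data = `${id}.${Math.floor(timestampDate.getTime() / 1000)}.${payload}`;
 const secretBytes = Buffer.from(secretParts[1], 'base64');
 const computedSignature = this.computeSignature(secretBytes, data);
-const receivedSignatures =
+const receivedSignatures = signature.split(" ");
 
 for (const versionedSignature of receivedSignatures) {
-const [version,
+const [version, receivedSignature] = versionedSignature.split(",");
 if (version !== WEBHOOK_SIGNATURE_VERSION) {
 continue;
 }
-if (crypto.timingSafeEqual(Buffer.from(
+if (crypto.timingSafeEqual(Buffer.from(receivedSignature, 'base64'), Buffer.from(computedSignature, 'base64'))) {
 return true;
 }
 }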
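Review bot: `verifyInterceptorPayload` and `verifyWebhookPayload` now share `verifyPayloadSignature`, and the signed string built in the second hunk, `${id}.${timestamp}.${payload}`, carries nothing that identifies which channel the message was issued for, so a signature verifies on either entry point whenever the same secret is configured for both. The header names differ between the two callers, but they are not part of the MAC input. Whether the service issues a separate secret per webhook and per interceptor is not visible in this diff, so the docstring should state the requirement, for example `* @param {string} secret The interceptor signing secret; do not reuse a webhook secret, the signature does not bind the channel`. The same docblock would also benefit from `* @throws {WebhookVerificationError} If required headers are missing or the secret is malformed`, since the visible failure paths throw rather than return false. The body of verifyPayloadSignature runs past both hunks, and the compiled lib/scalekit.js section carries the same code.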