From 873195b98a71bed631e38aacc0a53ccd22245ccb Mon Sep 17 00:00:00 2001 From: faonbr Date: Thu, 1 Dec 2022 19:14:18 -0300 Subject: [PATCH 1/7] Added airship validation endpoint --- app.js | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/app.js b/app.js index 7f30a56..415114e 100644 --- a/app.js +++ b/app.js @@ -5,6 +5,13 @@ app.use(express.urlencoded({ extended: true })); const port = 3000; +const myArgs = process.argv.slice(2); + +app.all('/validate', function (req, res) { + console.log("-------------- Validate Request --------------"); + res.json( {"confirmation_code":myArgs[0]} ); +}) + app.all('/*', function (req, res) { console.log("-------------- New Request --------------"); console.log("Headers:"+ JSON.stringify(req.headers, null, 3)); From a68a0252d539ab301bbe87400fd3153b2322d15f Mon Sep 17 00:00:00 2001 From: faonbr Date: Tue, 14 Feb 2023 07:55:01 -0300 Subject: [PATCH 2/7] twitter --- appTwitter.js | 44 ++++++++++++++++++++++++++++++++++++++++++++ package.json | 3 ++- 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 appTwitter.js diff --git a/appTwitter.js b/appTwitter.js new file mode 100644 index 0000000..47e61e3 --- /dev/null +++ b/appTwitter.js @@ -0,0 +1,44 @@ +var express = require('express'); +var app = express(); +app.use(express.json()); +const port = 3000; + +app.post('/*', function (req, res) { + console.log("-------------- New Request POST --------------"); + console.log("Headers:"+ JSON.stringify(req.headers, null, 3)); + console.log("Body:"+ JSON.stringify(req.body, null, 3)); + res.json({ message: "Thank you for the message" }); +}) + +// Add support for GET requests to Twitter webhook +app.get("/*", (req, res) => { + // Parse the query params + var mode = req.query["hub.mode"]; + var token = req.query["hub.verify_token"]; + var challenge = req.query["hub.challenge"]; + + console.log("-------------- New Request GET --------------"); + console.log("Headers:"+ JSON.stringify(req.headers, null, 3)); + console.log("Body:"+ JSON.stringify(req.body, null, 3)); + + // Check if a token and mode is in the query string of the request + if (mode && token) { + // Check the mode and token sent is correct + if (mode === "subscribe" && token === "12345") { + // Respond with the challenge token from the request + console.log("WEBHOOK_VERIFIED"); + res.status(200).send(challenge); + } else { + console.log("Responding with 403 Forbidden"); + // Respond with '403 Forbidden' if verify tokens do not match + res.sendStatus(403); + } + } else { + console.log("Replying Thank you."); + res.json({ message: "Thank you for the message" }); + } +}); + +app.listen(port, function () { + console.log(`Example Facebook app listening at ${port}`) +}) \ No newline at end of file diff --git a/package.json b/package.json index c2c41fc..dbc3989 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,8 @@ "start": "node app.js", "startSlack": "node appSlack.js", "startFacebook": "node appFB.js", - "startDropbox": "node appDropbox.js" + "startDropbox": "node appDropbox.js", + "startTwitter": "node appTwitter.js" }, "repository": { "type": "git", From ce1c48471dd3dda87861b3f08a3865d84896f95a Mon Sep 17 00:00:00 2001 From: faonbr Date: Tue, 14 Feb 2023 18:39:22 -0300 Subject: [PATCH 3/7] removed twitter --- appTwitter.js | 44 -------------------------------------------- package.json | 3 +-- 2 files changed, 1 insertion(+), 46 deletions(-) delete mode 100644 appTwitter.js diff --git a/appTwitter.js b/appTwitter.js deleted file mode 100644 index 47e61e3..0000000 --- a/appTwitter.js +++ /dev/null @@ -1,44 +0,0 @@ -var express = require('express'); -var app = express(); -app.use(express.json()); -const port = 3000; - -app.post('/*', function (req, res) { - console.log("-------------- New Request POST --------------"); - console.log("Headers:"+ JSON.stringify(req.headers, null, 3)); - console.log("Body:"+ JSON.stringify(req.body, null, 3)); - res.json({ message: "Thank you for the message" }); -}) - -// Add support for GET requests to Twitter webhook -app.get("/*", (req, res) => { - // Parse the query params - var mode = req.query["hub.mode"]; - var token = req.query["hub.verify_token"]; - var challenge = req.query["hub.challenge"]; - - console.log("-------------- New Request GET --------------"); - console.log("Headers:"+ JSON.stringify(req.headers, null, 3)); - console.log("Body:"+ JSON.stringify(req.body, null, 3)); - - // Check if a token and mode is in the query string of the request - if (mode && token) { - // Check the mode and token sent is correct - if (mode === "subscribe" && token === "12345") { - // Respond with the challenge token from the request - console.log("WEBHOOK_VERIFIED"); - res.status(200).send(challenge); - } else { - console.log("Responding with 403 Forbidden"); - // Respond with '403 Forbidden' if verify tokens do not match - res.sendStatus(403); - } - } else { - console.log("Replying Thank you."); - res.json({ message: "Thank you for the message" }); - } -}); - -app.listen(port, function () { - console.log(`Example Facebook app listening at ${port}`) -}) \ No newline at end of file diff --git a/package.json b/package.json index dbc3989..c2c41fc 100644 --- a/package.json +++ b/package.json @@ -6,8 +6,7 @@ "start": "node app.js", "startSlack": "node appSlack.js", "startFacebook": "node appFB.js", - "startDropbox": "node appDropbox.js", - "startTwitter": "node appTwitter.js" + "startDropbox": "node appDropbox.js" }, "repository": { "type": "git", From 70afca86d034fb2d728a1f66b106098cae9f8911 Mon Sep 17 00:00:00 2001 From: faonbr Date: Tue, 14 Feb 2023 19:18:44 -0300 Subject: [PATCH 4/7] Twitter --- appTwitter.js | 41 +++++++++++++++++++++++++++++++++++++++++ package.json | 3 ++- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 appTwitter.js diff --git a/appTwitter.js b/appTwitter.js new file mode 100644 index 0000000..6ce95fe --- /dev/null +++ b/appTwitter.js @@ -0,0 +1,41 @@ +var express = require('express'); +crypto = require('crypto') + +var app = express(); +app.use(express.json()); +const port = 3000; +const consumer_secret = "Twitter API Key Secret"; + +get_challenge_response = function(crc_token, consumer_secret) { + hmac = crypto.createHmac('sha256', consumer_secret).update(crc_token).digest('base64') + return hmac +} + +app.post('/*', function (req, res) { + console.log("-------------- New Request POST --------------"); + console.log("Headers:"+ JSON.stringify(req.headers, null, 3)); + console.log("Body:"+ JSON.stringify(req.body, null, 3)); + res.json({ message: "Thank you for the message" }); +}) + +// Add support for GET requests to Twitter webhook +app.get("/*", (req, res) => { + // Parse the query param + var crc_token = req.query["crc_token"]; + console.log("-------------- New Request GET --------------"); + console.log("Headers:"+ JSON.stringify(req.headers, null, 3)); + console.log("Body:"+ JSON.stringify(req.body, null, 3)); + // Check if a token is in the query string of the request + if (crc_token) { + var hash = get_challenge_response(crc_token, consumer_secret) + res.status(200); + res.send({response_token: 'sha256=' + hash}) + } else { + res.status(400); + res.send({ message: "Error: crc_token missing from request."}) + } +}); + +app.listen(port, function () { + console.log(`Example Twitter app listening at ${port}`) +}) \ No newline at end of file diff --git a/package.json b/package.json index c2c41fc..dbc3989 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,8 @@ "start": "node app.js", "startSlack": "node appSlack.js", "startFacebook": "node appFB.js", - "startDropbox": "node appDropbox.js" + "startDropbox": "node appDropbox.js", + "startTwitter": "node appTwitter.js" }, "repository": { "type": "git", From f4d794ab676e4a22ea67645972b5e75dc2864907 Mon Sep 17 00:00:00 2001 From: faonbr Date: Mon, 20 Feb 2023 11:19:03 -0300 Subject: [PATCH 5/7] twitter --- testhmac.js | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 testhmac.js diff --git a/testhmac.js b/testhmac.js new file mode 100644 index 0000000..1f22be0 --- /dev/null +++ b/testhmac.js @@ -0,0 +1,16 @@ +const crypto = require('crypto'); + +const verifySignature = function(secret, payload){ + const hash = crypto + .createHmac('sha256', secret) + .update(payload) + .digest('base64'); + return `sha256=${hash}`; + } + +payload={"event_id":"01GJ0FH2Y3H1TYFF8EP9H2RHSG","event_type":"form_response","form_response":{"form_id":"uyifVtg4","token":"a5f3s9fabveqqec7o9l9sa5f3s9fitvt","landed_at":"2022-11-16T15:04:08Z","submitted_at":"2022-11-16T15:04:43Z","definition":{"id":"uyifVtg4","title":"My typeform","fields":[{"id":"HTE1PyMQrlQK","ref":"01GJ0DJYHF6NH3B6NH0YSP1DVF","type":"short_text","title":"Hello, what's your name?","properties":{}},{"id":"7EfljHzxs76Q","ref":"01GJ0DJYHSJ8HMEG2MQ1E819TN","type":"multiple_choice","title":"Nice to meet you, {{field:01GJ0DJYHF6NH3B6NH0YSP1DVF}}, how is your day going?","properties":{},"choices":[{"id":"rbTzd6XVsx8x","label":"Terrific!"},{"id":"tHnbelIABoFL","label":"Not so well..."}]}]},"answers":[{"type":"text","text":"Felippe","field":{"id":"HTE1PyMQrlQK","type":"short_text","ref":"01GJ0DJYHF6NH3B6NH0YSP1DVF"}},{"type":"choice","choice":{"label":"Terrific!"},"field":{"id":"7EfljHzxs76Q","type":"multiple_choice","ref":"01GJ0DJYHSJ8HMEG2MQ1E819TN"}}]}} + +secret = "12345"; +hmac = verifySignature(secret, JSON.stringify(payload)); +console.log(hmac); + \ No newline at end of file From e53ea4f1f3145fadaa7672007786b9851d42928e Mon Sep 17 00:00:00 2001 From: faonbr Date: Mon, 20 Feb 2023 11:19:57 -0300 Subject: [PATCH 6/7] log hash --- appTwitter.js | 1 + 1 file changed, 1 insertion(+) diff --git a/appTwitter.js b/appTwitter.js index 6ce95fe..286feb2 100644 --- a/appTwitter.js +++ b/appTwitter.js @@ -28,6 +28,7 @@ app.get("/*", (req, res) => { // Check if a token is in the query string of the request if (crc_token) { var hash = get_challenge_response(crc_token, consumer_secret) + console.log("hash="+ hash); res.status(200); res.send({response_token: 'sha256=' + hash}) } else { From 3a30993303ff08326f8f52f451d89a3f3bf7b4bc Mon Sep 17 00:00:00 2001 From: faonbr Date: Mon, 20 Feb 2023 11:20:09 -0300 Subject: [PATCH 7/7] log hash --- appTwitter.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/appTwitter.js b/appTwitter.js index 286feb2..4a3666e 100644 --- a/appTwitter.js +++ b/appTwitter.js @@ -28,7 +28,7 @@ app.get("/*", (req, res) => { // Check if a token is in the query string of the request if (crc_token) { var hash = get_challenge_response(crc_token, consumer_secret) - console.log("hash="+ hash); + console.log("crc token hash="+ hash); res.status(200); res.send({response_token: 'sha256=' + hash}) } else {