-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathapp.js
More file actions
88 lines (72 loc) · 1.87 KB
/
app.js
File metadata and controls
88 lines (72 loc) · 1.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
var express = require('express');
var path = require('path');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var crypto = require('crypto');
//
// Secret token configured while webhook integration
//
var SECRET_TOKEN = process.env.WEBHOOK_INTEGRATION_SECRET;
var app = express();
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: false}));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
//
// Webhook receiver api
//
app.use('/webhook_client', verify_signature, process_webhook);
// catch 404 and forward to error handler
app.use(function(req, res, next) {
var err = new Error('Not Found');
err.status = 404;
next(err);
});
// error handler
app.use(function(err, req, res, next) {
console.error(err);
// render the error page
res.status(err.status || 500);
res.json();
});
//
// Verify sequr signature
//
function verify_signature(req, res, next) {
//
// Save sequr signature in local data holder
//
var x_sequr_signature = req.headers['x-sequr-signature'];
var payload = req.body;
//
// Print payload
//
console.log("Payload :: " + JSON.stringify(payload));
console.log("x-sequr-signature : %s", x_sequr_signature);
//
// Create hex from payload with secret
//
let hmac = crypto.createHmac('sha1', SECRET_TOKEN);
hmac.update(JSON.stringify(payload));
var client_signature = 'sha1=' + hmac.digest('hex');
//
// Compare sequr signature and computed signature
//
if (client_signature == x_sequr_signature) { return next(); }
//
// Signatures are not matching so let user know
//
var error = new Error("Signatures didn't match!");
error.status = 401;
return next(error);
}
//
// Webhook processing function
//
function process_webhook(req, res, next) {
res.status(200);
res.end();
}
module.exports = app;