Created
January 8, 2020 11:29
-
-
Save sergi/6fb14de54f71e80447e194e035f37960 to your computer and use it in GitHub Desktop.
ING sandbox auth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const { execSync } = require("child_process"); | |
const uuidv1 = require("uuid/v1"); | |
const crypto = require("crypto"); | |
const moment = require("moment"); | |
const fs = require("fs"); | |
const rp = require("request-promise"); | |
const hostname = "api.sandbox.ing.com"; | |
const keyId = "e77..."; // client_id as provided in the documentation | |
const certPath = "./certs/"; // path of the downloaded certificates and keys | |
const key = fs.readFileSync(`${certPath}example_client_tls.key`); | |
const cert = fs.readFileSync(`${certPath}example_client_tls.cer`); | |
const REQ_ID = uuidv1(); | |
function getDigest(payload) { | |
return ( | |
"SHA-256=" + | |
crypto | |
.createHash("sha256") | |
.update(payload) | |
.digest("base64") | |
); | |
} | |
function getCurrentDate() { | |
return moment | |
.utc() | |
.format("ddd, DD MMM YYYY kk:mm:ss z") | |
.replace("UTC", "GMT"); | |
} | |
function getSignature(str) { | |
const cmd = `printf "${str}" | openssl dgst -sha256 -sign "${certPath}example_client_signing.key" -passin "pass:changeit" | openssl base64 -A`; | |
const signature = execSync(cmd); | |
return `Signature keyId="${keyId}",algorithm="rsa-sha256",headers="(request-target) date digest x-request-id",signature="${signature.toString()}"`; | |
} | |
(async () => { | |
const payload = "grant_type=client_credentials"; | |
const digest = getDigest(payload); | |
const now = getCurrentDate(); | |
const signingString = `(request-target): post /oauth2/token | |
date: ${now} | |
digest: ${digest} | |
x-request-id: ${REQ_ID}`; | |
const options = { | |
method: "POST", | |
uri: `https://${hostname}/oauth2/token`, | |
headers: { | |
"x-request-id": REQ_ID, | |
Accept: "application/json", | |
"Content-Type": "application/x-www-form-urlencoded", | |
Digest: digest, | |
Date: now, | |
authorization: getSignature(signingString), | |
"cache-control": "no-cache" | |
}, | |
body: payload, | |
json: true, | |
key, | |
cert | |
}; | |
const bodyJson = await rp(options); | |
const accessToken = bodyJson["access_token"]; | |
{ | |
const body = "grant_type=client_credentials"; | |
const digest = getDigest(body); | |
const date = getCurrentDate(); | |
const signature = getSignature(`(request-target): get /v3/accounts | |
date: ${date} | |
digest: ${digest} | |
x-request-id: ${REQ_ID}`); | |
const opts = { | |
method: "GET", | |
uri: `https://${hostname}/v3/accounts`, | |
headers: { | |
"x-request-id": REQ_ID, | |
Accept: "application/json", | |
signature, | |
digest, | |
date, | |
Authorization: `Bearer ${accessToken}`, | |
"cache-control": "no-cache" | |
}, | |
body, | |
json: true, | |
key, | |
cert | |
}; | |
try { | |
const acctBody = await rp(opts); | |
console.log(acctBody); | |
} catch (e) { | |
console.log(e.name, e.statusCode); | |
console.log(e.message); | |
} | |
} | |
})(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment