Skip to content

Instantly share code, notes, and snippets.

View shrmpy's full-sized avatar

Shrimp Research shrmpy

6 followers · 40 following
View GitHub Profile
@shrmpy
shrmpy / butler-oauth.go
Created June 30, 2022 02:15
itch CLI command butler login is the normal way to obtain the wharf scope key, but there is no arm; culled from mansion/authenticate.go
package main
import (
"fmt"
"net"
"net/http"
"net/url"
"regexp"
)
@shrmpy
shrmpy / main_middleware.go
Created November 19, 2021 07:04
refactor init and lambda.Start with the addition of middleware
var conf *ebs.Config
func init() {
conf = ebs.NewConfig()
secret := os.Getenv("EXTENSION_SECRET")
helper = newService(decodeSecret(secret))
}
func main() {
lambda.Start(
@shrmpy
shrmpy / Preflight_test.go
Created November 19, 2021 06:46
refactor preflight request test for the addition of middleware
func TestPreflight(t *testing.T) {
// prep test data
conf := ebs.NewConfig()
expectMethods := "POST, GET, OPTIONS, PUT"
expectHeaders := "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization"
expectOrigin := ""
req := newTestRequest("OPTIONS")
// run the handler logic
result, err := ebs.MiddlewareCORS(conf, handler)(req)
@shrmpy
shrmpy / middleware.go
Created November 19, 2021 06:14
package middleware to manage headers and support the CORS tests
package ebs
import (
"net/http"
"github.com/aws/aws-lambda-go/events"
)
type HandlerFunc func(events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error)
@shrmpy
shrmpy / config.go
Created November 19, 2021 06:09
package configuration to abstract environment variables and support the CORS tests
package ebs
import (
"fmt"
"os"
)
// configuration
// to make environment variables available to testing
const EXTENSION_ID = "EXTENSION_ID"
@shrmpy
shrmpy / AllowOrigin_test.go
Created November 19, 2021 05:43
func TestAccessControlAllowOrigin(t *testing.T) {
// prepare data
conf := ebs.NewConfig()
conf.ExtensionId("HOSTNAME-TEST")
expectMethods := "POST, GET, OPTIONS, PUT"
expectHeaders := "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization"
expectOrigin := "https://HOSTNAME-TEST.ext-twitch.tv"
req := newTestRequest("GET")
// run handler logic
@shrmpy
shrmpy / preprocess.go
Created November 3, 2021 07:52
Add claims-extraction because it verifies the extension secret
// extension secret is enforced by claims extraction
cl, err := helper.claims(token)
if err != nil {
log.Print("Malformed claims meta data")
return newResponse("Wrong authorization header", http.StatusUnauthorized),
errors.New("claims")
}
log.Printf("Claims (ch/role): %s / %s", cl.ChannelID, cl.Role)
@shrmpy
shrmpy / WrongSecret_test.go
Last active November 3, 2021 02:53
Add the negative test to verify there is logic that enforces the correct extension secret
func TestWrongExtensionSecret(t *testing.T) {
// prepare data
wrongHeader := make(map[string]string)
wrongHeader["Authorization"] = "Bearer WRONG-KEY"
req := events.APIGatewayProxyRequest{
HTTPMethod: "GET",
Body: "",
Headers: wrongHeader,
}
@shrmpy
shrmpy / sequence-ebs-auth.md
Created October 10, 2021 00:47
mermaid sequence diagram for Authorization header between Twitch panel and EBS 
sequenceDiagram
    autonumber
    Panel->>+Twitch: onAuthorized
    Twitch-->>-Panel: token

    Panel->>+EBS: Authorization: Bearer token
    Note left of Panel: Button click event
 EBS-->>-Panel: Pavlok URL
@shrmpy
shrmpy / Dockerfile
Created November 27, 2018 23:58
Build Flourine snap using the containerized Electron-builder
# Build Fluorine snap
# 1. Save this as a file named Dockerfile (e.g., /tmp/Dockerfile)
# 2. Build the container
# cd /tmp/Dockerfile
# docker build -t fluorine .
#
# The result Fluorine_1.2.5_amd64.snap file is inside the container /usr/local/fluorine/dist
# 3. To copy the file, run the container with a mount argument:
# docker run -ti --rm -v $PWD:/tmp/tocopy --entrypoint sh fluorine
# >cp /usr/local/fluorine/dist/Fluorine_1.2.5_amd64.snap /tmp/tocopy/