simonr-cb
simonr-cb
/ shipraider.js
Created
January 12, 2018 17:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // The Auth0 client ID | |
| const AUTH0_CLIENT_ID = "PUT-YOUR-CLIENT-ID-HERE" | |
| // The Auth0 domain | |
| const AUTH0_DOMAIN = "PUT-YOUR-DOMAIN-HERE" |
simonr-cb
/ demo-configuration.js
Created
January 12, 2018 17:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| config.auth0Domain = "PUT-YOUR-DOMAIN-HERE" |
simonr-cb
/ demo-configuration.js
Created
January 12, 2018 17:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| config.serverHostName = "PUT-YOUR-SERVER-HOSTNAME-HERE" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Just use the static secret during HMAC verification for this demo stage | |
| hmac = crypto.createHmac('sha256', Buffer.from(secret, 'base64')) | |
| ... | |
| ... | |
| // Compute the request HMAC using the HMAC SHA-256 algorithm | |
| hmac.update(req.protocol) | |
| hmac.update(req.host) | |
| hmac.update(req.originalUrl) | |
| hmac.update(req.get('Authorization')) | |
| var ourShipFastHMAC = hmac.digest('hex') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Retrieve the ShipFast HMAC used to sign the API request from the request header | |
| var requestShipFastHMAC = req.get('SF-HMAC') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // The ShipFast HMAC secret used to sign API requests | |
| const SHIPFAST_HMAC_SECRET = '4ymoofRe0l87QbGoR0YH+/tqBN933nKAGxzvh5z2aXr5XlsYzlwQ6pVArGweqb7cN56khD/FvY0b6rWc4PFOPw==' |
simonr-cb
/ demo-configuration.js
Created
January 12, 2018 16:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // The current demo stage | |
| config.currentDemoStage = DEMO_STAGE.HMAC_STATIC_SECRET_PROTECTION |
simonr-cb
/ DemoConfiguration.kt
Created
January 12, 2018 16:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** The current demo stage */ | |
| val currentDemoStage = DemoStage.HMAC_STATIC_SECRET_PROTECTION |
simonr-cb
/ shipraider.js
Created
January 12, 2018 16:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for (var lat = latStart; lat <= latEnd; lat += locStep) { | |
| for (var lon = lonStart; lon <= lonEnd; lon += locStep) { | |
| fetchNearestShipment(lat, lon) | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Create middleware for checking the JWT | |
| const checkJwt = jwt({ | |
| // Dynamically provide a signing key based on the kid in the header and the singing keys provided by the JWKS endpoint | |
| secret: jwksRsa.expressJwtSecret({ | |
| cache: true, | |
| rateLimit: true, | |
| jwksRequestsPerMinute: 5, | |
| jwksUri: "https://" + config.auth0Domain + "/.well-known/jwks.json" | |
| }), |
NewerOlder