This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// The Auth0 client ID | |
const AUTH0_CLIENT_ID = "PUT-YOUR-CLIENT-ID-HERE" | |
// The Auth0 domain | |
const AUTH0_DOMAIN = "PUT-YOUR-DOMAIN-HERE" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
config.auth0Domain = "PUT-YOUR-DOMAIN-HERE" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
config.serverHostName = "PUT-YOUR-SERVER-HOSTNAME-HERE" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Just use the static secret during HMAC verification for this demo stage | |
hmac = crypto.createHmac('sha256', Buffer.from(secret, 'base64')) | |
... | |
... | |
// Compute the request HMAC using the HMAC SHA-256 algorithm | |
hmac.update(req.protocol) | |
hmac.update(req.host) | |
hmac.update(req.originalUrl) | |
hmac.update(req.get('Authorization')) | |
var ourShipFastHMAC = hmac.digest('hex') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Retrieve the ShipFast HMAC used to sign the API request from the request header | |
var requestShipFastHMAC = req.get('SF-HMAC') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// The ShipFast HMAC secret used to sign API requests | |
const SHIPFAST_HMAC_SECRET = '4ymoofRe0l87QbGoR0YH+/tqBN933nKAGxzvh5z2aXr5XlsYzlwQ6pVArGweqb7cN56khD/FvY0b6rWc4PFOPw==' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// The current demo stage | |
config.currentDemoStage = DEMO_STAGE.HMAC_STATIC_SECRET_PROTECTION |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** The current demo stage */ | |
val currentDemoStage = DemoStage.HMAC_STATIC_SECRET_PROTECTION |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
for (var lat = latStart; lat <= latEnd; lat += locStep) { | |
for (var lon = lonStart; lon <= lonEnd; lon += locStep) { | |
fetchNearestShipment(lat, lon) | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Create middleware for checking the JWT | |
const checkJwt = jwt({ | |
// Dynamically provide a signing key based on the kid in the header and the singing keys provided by the JWKS endpoint | |
secret: jwksRsa.expressJwtSecret({ | |
cache: true, | |
rateLimit: true, | |
jwksRequestsPerMinute: 5, | |
jwksUri: "https://" + config.auth0Domain + "/.well-known/jwks.json" | |
}), |
NewerOlder