Instantly share code, notes, and snippets.

What would you like to do?
A multipass example written for Node.js.
var crypto = require('crypto')
// site name is your subdomain
, siteName = 'site_name'
// api key is generated here:
, apiKey = 'multipass_token'
, data = JSON.stringify({
uid: '19238333',
expires: (new Date( + 120000)).toISOString(),
customer_email: '',
customer_name: 'John'
, key, iv, cipher, buffers, multipass, signature
console.log("== Generating ==");
console.log(" Create the encryption key using a 16 byte SHA1 digest of your api key and subdomain");
key = crypto.createHash('sha1')
.update(apiKey + siteName)
.slice(0, 16);
console.log(" Generate a random 16 byte IV");
iv = crypto.randomBytes(16);
console.log(" Encrypt data using AES128-cbc");
cipher = crypto.createCipheriv('aes-128-cbc', key, iv);
buffers = [];
buffers.push(cipher.update(data, 'utf8', 'buffer'));
console.log(" Prepend the IV to the multipass token.");
console.log(" Combine the buffers and convert to base64.");
multipass = Buffer.concat(buffers).toString('base64');
console.log(" Build an HMAC-SHA1 signature using the encoded string and your api key");
signature = crypto.createHmac('sha1', apiKey)
console.log(" Finally, URL encode the multipass and signature");
multipass = encodeURIComponent(multipass);
signature = encodeURIComponent(signature);
console.log("== Finished ==");
console.log("URL: https://" + siteName + "" + multipass + "&signature=" + signature);

This comment has been minimized.

ShekharReddy4 commented Aug 2, 2016

Hello, could provide how to decode the tokens with an example :)


This comment has been minimized.

zeyarnaung commented Nov 24, 2016


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment