Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
A multipass example written for Node.js.
var crypto = require('crypto')
// site name is your desk.com subdomain
, siteName = 'site_name'
// api key is generated here: https://your_subdomain.desk.com/admin/channels/support-center/auth_settings
, apiKey = 'multipass_token'
, data = JSON.stringify({
uid: '19238333',
expires: (new Date(Date.now() + 120000)).toISOString(),
customer_email: 'john@example.com',
customer_name: 'John'
})
, key, iv, cipher, buffers, multipass, signature
console.log("== Generating ==");
console.log(" Create the encryption key using a 16 byte SHA1 digest of your api key and subdomain");
key = crypto.createHash('sha1')
.update(apiKey + siteName)
.digest()
.slice(0, 16);
console.log(" Generate a random 16 byte IV");
iv = crypto.randomBytes(16);
console.log(" Encrypt data using AES128-cbc");
cipher = crypto.createCipheriv('aes-128-cbc', key, iv);
buffers = [];
buffers.push(cipher.update(data, 'utf8', 'buffer'));
buffers.push(cipher.final('buffer'));
console.log(" Prepend the IV to the multipass token.");
buffers.unshift(iv);
console.log(" Combine the buffers and convert to base64.");
multipass = Buffer.concat(buffers).toString('base64');
console.log(" Build an HMAC-SHA1 signature using the encoded string and your api key");
signature = crypto.createHmac('sha1', apiKey)
.update(multipass)
.digest('base64');
console.log(" Finally, URL encode the multipass and signature");
multipass = encodeURIComponent(multipass);
signature = encodeURIComponent(signature);
console.log("== Finished ==");
console.log("URL: https://" + siteName + ".desk.com/customer/authentication/multipass/callback?multipass=" + multipass + "&signature=" + signature);

ShekharReddy4 commented Aug 2, 2016 edited

@tstachl
Hello, could provide how to decode the tokens with an example :)

push

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment