tstachl/multipass.js

## multipass.js
var crypto = require('crypto')
// site name is your desk.com subdomain
  , siteName = 'site_name'
// api key is generated here: https://your_subdomain.desk.com/admin/channels/support-center/auth_settings
  , apiKey = 'multipass_token'

  , data = JSON.stringify({
    uid: '19238333',
    expires: (new Date(Date.now() + 120000)).toISOString(),
    customer_email: 'john@example.com',
    customer_name: 'John'
  })

  , key, iv, cipher, buffers, multipass, signature

console.log("== Generating ==");
console.log("    Create the encryption key using a 16 byte SHA1 digest of your api key and subdomain");
key = crypto.createHash('sha1')
            .update(apiKey + siteName)
            .digest()
            .slice(0, 16);

console.log("    Generate a random 16 byte IV");
iv = crypto.randomBytes(16);

console.log("    Encrypt data using AES128-cbc");
cipher  = crypto.createCipheriv('aes-128-cbc', key, iv);
buffers = [];

buffers.push(cipher.update(data, 'utf8', 'buffer'));
buffers.push(cipher.final('buffer'));

console.log("    Prepend the IV to the multipass token.");
buffers.unshift(iv);

console.log("    Combine the buffers and convert to base64.");
multipass = Buffer.concat(buffers).toString('base64');

console.log("    Build an HMAC-SHA1 signature using the encoded string and your api key");
signature = crypto.createHmac('sha1', apiKey)
                  .update(multipass)
                  .digest('base64');

console.log("    Finally, URL encode the multipass and signature");
multipass = encodeURIComponent(multipass);
signature = encodeURIComponent(signature);

console.log("== Finished ==");
console.log("URL: https://" + siteName + ".desk.com/customer/authentication/multipass/callback?multipass=" + multipass + "&signature=" + signature);
	var crypto = require('crypto')
	// site name is your desk.com subdomain
	, siteName = 'site_name'
	// api key is generated here: https://your_subdomain.desk.com/admin/channels/support-center/auth_settings
	, apiKey = 'multipass_token'

	, data = JSON.stringify({
	uid: '19238333',
	expires: (new Date(Date.now() + 120000)).toISOString(),
	customer_email: 'john@example.com',
	customer_name: 'John'
	})

	, key, iv, cipher, buffers, multipass, signature

	console.log("== Generating ==");
	console.log(" Create the encryption key using a 16 byte SHA1 digest of your api key and subdomain");
	key = crypto.createHash('sha1')
	.update(apiKey + siteName)
	.digest()
	.slice(0, 16);

	console.log(" Generate a random 16 byte IV");
	iv = crypto.randomBytes(16);

	console.log(" Encrypt data using AES128-cbc");
	cipher = crypto.createCipheriv('aes-128-cbc', key, iv);
	buffers = [];

	buffers.push(cipher.update(data, 'utf8', 'buffer'));
	buffers.push(cipher.final('buffer'));

	console.log(" Prepend the IV to the multipass token.");
	buffers.unshift(iv);

	console.log(" Combine the buffers and convert to base64.");
	multipass = Buffer.concat(buffers).toString('base64');

	console.log(" Build an HMAC-SHA1 signature using the encoded string and your api key");
	signature = crypto.createHmac('sha1', apiKey)
	.update(multipass)
	.digest('base64');

	console.log(" Finally, URL encode the multipass and signature");
	multipass = encodeURIComponent(multipass);
	signature = encodeURIComponent(signature);

	console.log("== Finished ==");
	console.log("URL: https://" + siteName + ".desk.com/customer/authentication/multipass/callback?multipass=" + multipass + "&signature=" + signature);