Instantly share code, notes, and snippets.

Embed
What would you like to do?
A multipass example written for Node.js.
var crypto = require('crypto')
// site name is your desk.com subdomain
, siteName = 'site_name'
// api key is generated here: https://your_subdomain.desk.com/admin/channels/support-center/auth_settings
, apiKey = 'multipass_token'
, data = JSON.stringify({
uid: '19238333',
expires: (new Date(Date.now() + 120000)).toISOString(),
customer_email: 'john@example.com',
customer_name: 'John'
})
, key, iv, cipher, buffers, multipass, signature
console.log("== Generating ==");
console.log(" Create the encryption key using a 16 byte SHA1 digest of your api key and subdomain");
key = crypto.createHash('sha1')
.update(apiKey + siteName)
.digest()
.slice(0, 16);
console.log(" Generate a random 16 byte IV");
iv = crypto.randomBytes(16);
console.log(" Encrypt data using AES128-cbc");
cipher = crypto.createCipheriv('aes-128-cbc', key, iv);
buffers = [];
buffers.push(cipher.update(data, 'utf8', 'buffer'));
buffers.push(cipher.final('buffer'));
console.log(" Prepend the IV to the multipass token.");
buffers.unshift(iv);
console.log(" Combine the buffers and convert to base64.");
multipass = Buffer.concat(buffers).toString('base64');
console.log(" Build an HMAC-SHA1 signature using the encoded string and your api key");
signature = crypto.createHmac('sha1', apiKey)
.update(multipass)
.digest('base64');
console.log(" Finally, URL encode the multipass and signature");
multipass = encodeURIComponent(multipass);
signature = encodeURIComponent(signature);
console.log("== Finished ==");
console.log("URL: https://" + siteName + ".desk.com/customer/authentication/multipass/callback?multipass=" + multipass + "&signature=" + signature);
@ShekharReddy4

This comment has been minimized.

Copy link

ShekharReddy4 commented Aug 2, 2016

@tstachl
Hello, could provide how to decode the tokens with an example :)

@zeyarnaung

This comment has been minimized.

Copy link

zeyarnaung commented Nov 24, 2016

push

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment