From 8ba93b201d4fb9802073aadd8821c83852e8c2dd Mon Sep 17 00:00:00 2001 From: dannyvassallo Date: Fri, 15 Jan 2021 19:54:53 -0500 Subject: [PATCH 01/12] trying to convert python to node --- src/api/discord-verification.js | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 src/api/discord-verification.js diff --git a/src/api/discord-verification.js b/src/api/discord-verification.js new file mode 100644 index 0000000..e69de29 From f38fc309a35839d665a8395e582078c88433675c Mon Sep 17 00:00:00 2001 From: dannyvassallo Date: Fri, 15 Jan 2021 19:57:38 -0500 Subject: [PATCH 02/12] dictionary --- .vscode/settings.json | 65 +++++++++++++++++++++++++++++++++ src/api/discord-verification.js | 56 ++++++++++++++++++++++++++++ 2 files changed, 121 insertions(+) create mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..241453a --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,65 @@ +{ + "cSpell.ignoreWords": [ + "autogenerated", + "boop", + "braintree", + "buildkite", + "camelcase", + "caniuse", + "chartmetric", + "codecov", + "codegen", + "codeship", + "ddex", + "dedupe", + "deployers", + "destructure", + "dont", + "dropzone", + "entrypoint", + "eval", + "feature", + "ffmpeg", + "flexbox", + "flowtype", + "ftui", + "geocountry", + "githooks", + "graphdoc", + "has", + "hocs", + "kubectl", + "kubernetes", + "loadables", + "luxon", + "minitest", + "nacl", + "name", + "new", + "noopener", + "noreferrer", + "observee", + "paypal", + "pipefail", + "prebuild", + "raygun", + "recaptcha", + "repos", + "rubocop", + "scrollable", + "semibold", + "soundcloud", + "tandc", + "tcomb", + "theming", + "tipalti", + "turbolinks", + "typeof", + "unmock", + "unstyled", + "vevo", + "vydia", + "vydiadev", + "youtube" + ], +} diff --git a/src/api/discord-verification.js b/src/api/discord-verification.js index e69de29..452e545 100644 --- a/src/api/discord-verification.js 
+++ b/src/api/discord-verification.js @@ -0,0 +1,56 @@ +const naclFactory = require("js-nacl") +const PUBLIC_KEY = '' +const PING_PONG = {"type": 1} +const RESPONSE_TYPES = { + "PONG": 1, + "ACK_NO_SOURCE": 2, + "MESSAGE_NO_SOURCE": 3, + "MESSAGE_WITH_SOURCE": 4, + "ACK_WITH_SOURCE": 5 +} + +const verifySignature = (event) => { + rawBody = event["rawBody"] + authSig = event['params']['header']['x-signature-ed25519'] + authTs = event['params']['header']['x-signature-timestamp'] + + message = encodeURI(authTs) + encodeURI(rawBody) + naclFactory.instantiate((nacl) => { + return nacl.crypto_sign_verify_detached( + nacl.from_hex(authSig), + message, + nacl.from_hex(PUBLIC_KEY) + ) + }) +} + +const pingPong = (body) => { + if (body["type"] == 1) return true + return false +} + +const lambdaHandler = (event, context) => { + console.log(`event ${event}`) + + try { + verifySignature(event) + } catch { + console.error(f"[UNAUTHORIZED] Invalid request signature: {e}") + } + + const body = event['body-json'] + + if (pingPong(body)) { + return PING_PONG + } + + return { + "type": RESPONSE_TYPES['MESSAGE_NO_SOURCE'], + "data": { + "tts": False, + "content": "BEEP BOOP", + "embeds": [], + "allowed_mentions": [] + } + } +} From efc7560c649a149a39086fee9539927fb6becd47 Mon Sep 17 00:00:00 2001 From: dannyvassallo Date: Fri, 15 Jan 2021 19:59:43 -0500 Subject: [PATCH 03/12] that conditional is dumb --- src/api/discord-verification.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/api/discord-verification.js b/src/api/discord-verification.js index 452e545..f665a40 100644 --- a/src/api/discord-verification.js +++ b/src/api/discord-verification.js @@ -25,8 +25,7 @@ const verifySignature = (event) => { } const pingPong = (body) => { - if (body["type"] == 1) return true - return false + body["type"] == 1 } const lambdaHandler = (event, context) => { From 0c17439e7a7338eb17e56570d622756f8c2d8a7e Mon Sep 17 00:00:00 2001 
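Review bot: `verifySignature` never hands its result to the caller: the `return` sits inside the `naclFactory.instantiate` callback, so the function itself returns `undefined`, and `lambdaHandler` only logs in its `catch` before building the reply anyway (the `f"..."` string there is also not valid JavaScript). As written, a request with a missing or wrong signature is answered exactly like a signed one. The message is additionally run through `encodeURI`, which rewrites any byte that needs escaping, so even a checked result would not cover the timestamp-plus-raw-body bytes that were signed. I would have the function resolve with the boolean and have the handler fail closed, as sketched below; how the failure becomes a 401 depends on the gateway mapping, which is not visible here. The same gap is carried into the later hunks of this series: the template-string rewrite in PATCH 05, the bare `verifySignature(event)` call in PATCH 11 and the new `pages/api/discord.tsx` in PATCH 12.

```javascript
const verifySignature = (event) =>
  new Promise((resolve) => {
    // … unchanged: rawBody, authSig, authTs lookups …
    naclFactory.instantiate((nacl) => {
      try {
        resolve(nacl.crypto_sign_verify_detached(
          nacl.from_hex(authSig),
          nacl.encode_utf8(`${authTs}${rawBody}`), // exact signed bytes, no encodeURI
          nacl.from_hex(PUBLIC_KEY)
        ))
      } catch (e) {
        resolve(false) // malformed hex or a missing header counts as unverified
      }
    })
  })

const lambdaHandler = async (event, context) => {
  if (!(await verifySignature(event))) {
    throw new Error('[UNAUTHORIZED] Invalid request signature')
  }
  // … unchanged: body-json lookup, PING reply, MESSAGE_NO_SOURCE reply …
}
```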
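Review bot: With the braces kept, the new body `body["type"] == 1` is a bare expression statement, so `pingPong` now returns `undefined` for every input and the PING branch in `lambdaHandler` can no longer be taken. Either drop the braces or return the comparison, for example `const pingPong = (body) => body["type"] === 1`. `lambdaHandler` starts on the last line of this hunk and continues outside it.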
From: dannyvassallo Date: Fri, 15 Jan 2021 20:01:04 -0500 Subject: [PATCH 04/12] added js-nacl --- package.json | 3 ++- src/api/{discord-verification.js => discord.js} | 6 +----- yarn.lock | 5 +++++ 3 files changed, 8 insertions(+), 6 deletions(-) rename src/api/{discord-verification.js => discord.js} (93%) diff --git a/package.json b/package.json index 63cd43d..8dea270 100644 --- a/package.json +++ b/package.json @@ -6,7 +6,8 @@ "author": "dannyvassallo ", "license": "MIT", "dependencies": { - "discord.js": "^12.5.1" + "discord.js": "^12.5.1", + "js-nacl": "^1.3.2" }, "scripts": { "start": "node index.js" diff --git a/src/api/discord-verification.js b/src/api/discord.js similarity index 93% rename from src/api/discord-verification.js rename to src/api/discord.js index f665a40..835afa3 100644 --- a/src/api/discord-verification.js +++ b/src/api/discord.js @@ -24,10 +24,6 @@ const verifySignature = (event) => { }) } -const pingPong = (body) => { - body["type"] == 1 -} - const lambdaHandler = (event, context) => { console.log(`event ${event}`) @@ -39,7 +35,7 @@ const lambdaHandler = (event, context) => { const body = event['body-json'] - if (pingPong(body)) { + if (body["type"] == 1) { return PING_PONG } diff --git a/yarn.lock b/yarn.lock index 83877a2..db56eab 100644 --- a/yarn.lock +++ b/yarn.lock @@ -59,6 +59,11 @@ event-target-shim@^5.0.0: resolved "https://registry.yarnpkg.com/event-target-shim/-/event-target-shim-5.0.1.tgz#5d4d3ebdf9583d63a5333ce2deb7480ab2b05789" integrity sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ== +js-nacl@^1.3.2: + version "1.3.2" + resolved "https://registry.yarnpkg.com/js-nacl/-/js-nacl-1.3.2.tgz#f2f6da8bad61d300f09ccc5acbd0fd75f11e258f" + integrity sha512-XEV2slQ60lLhtL8X+PfFYFfen3b0eg+IU3deWKXKF285nqAf/f24Z15LvlLkVogpAb/9eAxe7o1AtThhKGvQkg== + mime-db@1.45.0: version "1.45.0" resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.45.0.tgz#cceeda21ccd7c3a745eba2decd55d4b73e7879ea" 
From 78c2ae74dae5799f4e42b859b8fbce88728a42fe Mon Sep 17 00:00:00 2001 From: dannyvassallo Date: Fri, 15 Jan 2021 20:06:17 -0500 Subject: [PATCH 05/12] more refactoring --- src/api/discord.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/api/discord.js b/src/api/discord.js index 835afa3..483d637 100644 --- a/src/api/discord.js +++ b/src/api/discord.js @@ -1,4 +1,5 @@ const naclFactory = require("js-nacl") + const PUBLIC_KEY = '' const PING_PONG = {"type": 1} const RESPONSE_TYPES = { @@ -14,11 +15,10 @@ const verifySignature = (event) => { authSig = event['params']['header']['x-signature-ed25519'] authTs = event['params']['header']['x-signature-timestamp'] - message = encodeURI(authTs) + encodeURI(rawBody) naclFactory.instantiate((nacl) => { return nacl.crypto_sign_verify_detached( nacl.from_hex(authSig), - message, + `${encodeURI(authTs)}${encodeURI(rawBody)}`, nacl.from_hex(PUBLIC_KEY) ) }) From 769644805ea99cd9a7f4070a621fdf025fe78c7e Mon Sep 17 00:00:00 2001 From: dannyvassallo Date: Fri, 15 Jan 2021 20:08:59 -0500 Subject: [PATCH 06/12] updated to use tsx --- src/api/{discord.js => discord.tsx} | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) rename src/api/{discord.js => discord.tsx} (74%) diff --git a/src/api/discord.js b/src/api/discord.tsx similarity index 74% rename from src/api/discord.js rename to src/api/discord.tsx index 483d637..102cb4d 100644 --- a/src/api/discord.js +++ b/src/api/discord.tsx @@ -1,4 +1,4 @@ -const naclFactory = require("js-nacl") +import naclFactory from "js-nacl" const PUBLIC_KEY = '' const PING_PONG = {"type": 1} 
@@ -11,9 +11,9 @@ const RESPONSE_TYPES = { } const verifySignature = (event) => { - rawBody = event["rawBody"] - authSig = event['params']['header']['x-signature-ed25519'] - authTs = event['params']['header']['x-signature-timestamp'] + const rawBody = event["rawBody"] + const authSig = event['params']['header']['x-signature-ed25519'] + const authTs = event['params']['header']['x-signature-timestamp'] naclFactory.instantiate((nacl) => { return nacl.crypto_sign_verify_detached( @@ -30,7 +30,7 @@ const lambdaHandler = (event, context) => { try { verifySignature(event) } catch { - console.error(f"[UNAUTHORIZED] Invalid request signature: {e}") + console.error("[UNAUTHORIZED] Invalid request signature: {e}") } const body = event['body-json'] @@ -42,7 +42,7 @@ const lambdaHandler = (event, context) => { return { "type": RESPONSE_TYPES['MESSAGE_NO_SOURCE'], "data": { - "tts": False, + "tts": false, "content": "BEEP BOOP", "embeds": [], "allowed_mentions": [] From 21f767ae2a1090c064b239e9fc556c30e8cabae3 Mon Sep 17 00:00:00 2001 From: dannyvassallo Date: Fri, 15 Jan 2021 20:10:51 -0500 Subject: [PATCH 07/12] use real public key --- src/api/discord.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/api/discord.tsx b/src/api/discord.tsx index 102cb4d..0bce054 100644 --- a/src/api/discord.tsx +++ b/src/api/discord.tsx @@ -1,6 +1,6 @@ import naclFactory from "js-nacl" -const PUBLIC_KEY = '' +const PUBLIC_KEY = '516311b92a3f7ef74e8034274aedcad679216d5f19183becf4a627b06b9884d4' const PING_PONG = {"type": 1} const RESPONSE_TYPES = { "PONG": 1, From 79ea93350710990f66505caaec6dc985256a73be Mon Sep 17 00:00:00 2001 From: dannyvassallo Date: Fri, 15 Jan 2021 20:12:55 -0500 Subject: [PATCH 08/12] more cleanup --- src/api/discord.tsx | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/api/discord.tsx b/src/api/discord.tsx index 0bce054..6218f5c 100644 --- a/src/api/discord.tsx +++ b/src/api/discord.tsx 
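Review bot: The replacement string in the `catch` still contains `{e}`, which in a plain JavaScript string is literal text, and the clause binds no error, so the log never records why verification failed. Binding the error and passing it as an argument keeps the entry useful for triage: `} catch (e) {` followed by `console.error('[UNAUTHORIZED] Invalid request signature:', e)`. `lambdaHandler` begins before this hunk and continues after it.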
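Review bot: The application's verification key is now a literal in the handler source, so pointing the endpoint at another application or rotating the key requires a code change to this file. The value is a public key and not a secret, but nothing checks it either: the empty string it replaces shows that a wrong or missing key only surfaces later, inside `nacl.from_hex(PUBLIC_KEY)`. Reading it from configuration, for example `const PUBLIC_KEY = process.env.DISCORD_PUBLIC_KEY` (variable name illustrative), and failing at start-up unless it is 64 hex characters would make that failure explicit.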
@@ -1,7 +1,6 @@ import naclFactory from "js-nacl" const PUBLIC_KEY = '516311b92a3f7ef74e8034274aedcad679216d5f19183becf4a627b06b9884d4' -const PING_PONG = {"type": 1} const RESPONSE_TYPES = { "PONG": 1, "ACK_NO_SOURCE": 2, @@ -36,7 +35,7 @@ const lambdaHandler = (event, context) => { const body = event['body-json'] if (body["type"] == 1) { - return PING_PONG + return {"type": 1} } return { From 2b5df75675a4a89f6210877e030a3a941bc4269c Mon Sep 17 00:00:00 2001 From: dannyvassallo Date: Fri, 15 Jan 2021 20:16:07 -0500 Subject: [PATCH 09/12] single quotes --- src/api/discord.tsx | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/src/api/discord.tsx b/src/api/discord.tsx index 6218f5c..44a5a3d 100644 --- a/src/api/discord.tsx +++ b/src/api/discord.tsx @@ -1,16 +1,16 @@ -import naclFactory from "js-nacl" +import naclFactory from 'js-nacl' const PUBLIC_KEY = '516311b92a3f7ef74e8034274aedcad679216d5f19183becf4a627b06b9884d4' const RESPONSE_TYPES = { - "PONG": 1, - "ACK_NO_SOURCE": 2, - "MESSAGE_NO_SOURCE": 3, - "MESSAGE_WITH_SOURCE": 4, - "ACK_WITH_SOURCE": 5 + 'PONG': 1, + 'ACK_NO_SOURCE': 2, + 'MESSAGE_NO_SOURCE': 3, + 'MESSAGE_WITH_SOURCE': 4, + 'ACK_WITH_SOURCE': 5 } const verifySignature = (event) => { - const rawBody = event["rawBody"] + const rawBody = event['rawBody'] const authSig = event['params']['header']['x-signature-ed25519'] const authTs = event['params']['header']['x-signature-timestamp'] 
@@ -29,22 +29,22 @@ const lambdaHandler = (event, context) => { try { verifySignature(event) } catch { - console.error("[UNAUTHORIZED] Invalid request signature: {e}") + console.error('[UNAUTHORIZED] Invalid request signature: {e}') } const body = event['body-json'] - if (body["type"] == 1) { - return {"type": 1} + if (body['type'] == 1) { + return {'type': 1} } return { - "type": RESPONSE_TYPES['MESSAGE_NO_SOURCE'], - "data": { - "tts": false, - "content": "BEEP BOOP", - "embeds": [], - "allowed_mentions": [] + 'type': RESPONSE_TYPES['MESSAGE_NO_SOURCE'], + 'data': { + 'tts': false, + 'content': 'BEEP BOOP', + 'embeds': [], + 'allowed_mentions': [] } } } From 752240e2ab9e018e63803bc67ec4e3253adeaa6b Mon Sep 17 00:00:00 2001 From: TSMMark Date: Fri, 15 Jan 2021 20:43:55 -0500 Subject: [PATCH 10/12] export default handler --- src/api/discord.tsx | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/api/discord.tsx b/src/api/discord.tsx index 44a5a3d..93da791 100644 --- a/src/api/discord.tsx +++ b/src/api/discord.tsx @@ -1,4 +1,5 @@ import naclFactory from 'js-nacl' +import type { NextApiRequest, NextApiResponse } from 'next' const PUBLIC_KEY = '516311b92a3f7ef74e8034274aedcad679216d5f19183becf4a627b06b9884d4' const RESPONSE_TYPES = { @@ -23,7 +24,7 @@ const verifySignature = (event) => { }) } -const lambdaHandler = (event, context) => { +export default function handler(req: NextApiRequest, res: NextApiResponse) { console.log(`event ${event}`) try { From 7958e2abcc8b0d58913a86a5f76b0ec001586d9b Mon Sep 17 00:00:00 2001 From: TSMMark Date: Fri, 15 Jan 2021 20:46:59 -0500 Subject: [PATCH 11/12] noo try catch --- src/api/discord.tsx | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/api/discord.tsx b/src/api/discord.tsx index 93da791..91200da 100644 --- a/src/api/discord.tsx +++ b/src/api/discord.tsx 
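Review bot: The new signature takes `req` and `res`, but the body visible in this hunk still reads `event` (`console.log(`event ${event}`)`), and the rest of the function, which continues outside the hunk, presumably still passes `event` to `verifySignature`. With no `event` parameter in scope, the signature check no longer sees anything from the actual request, or the handler throws before reaching it. The header and body lookups need to come from `req`, and the outcome has to be written through `res`, since the value returned from a Next.js API route is not sent to the client.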
@@ -27,12 +27,7 @@ const verifySignature = (event) => { export default function handler(req: NextApiRequest, res: NextApiResponse) { console.log(`event ${event}`) - try { - verifySignature(event) - } catch { - console.error('[UNAUTHORIZED] Invalid request signature: {e}') - } - + verifySignature(event) const body = event['body-json'] if (body['type'] == 1) { From c008f09ae67462961819373715ca215dda479f70 Mon Sep 17 00:00:00 2001 From: Tyler Geerdts Date: Sat, 16 Jan 2021 00:51:10 -0500 Subject: [PATCH 12/12] Moved to pages and changed event to req --- pages/api/discord.tsx | 77 +++++++++++++++++++++++++++++++++++++++++++ src/api/discord.tsx | 51 ---------------------------- 2 files changed, 77 insertions(+), 51 deletions(-) create mode 100644 pages/api/discord.tsx delete mode 100644 src/api/discord.tsx diff --git a/pages/api/discord.tsx b/pages/api/discord.tsx new file mode 100644 index 0000000..f5b48aa --- /dev/null +++ b/pages/api/discord.tsx 
@@ -0,0 +1,77 @@
+import naclFactory from 'js-nacl'
+import type { NextApiRequest, NextApiResponse } from 'next'
+
+export const config = {
+ api: {
+ bodyParser: false,
+ }
+}
+
+const PUBLIC_KEY = '516311b92a3f7ef74e8034274aedcad679216d5f19183becf4a627b06b9884d4'
+const RESPONSE_TYPES = {
+ 'PONG': 1,
+ 'ACK_NO_SOURCE': 2,
+ 'MESSAGE_NO_SOURCE': 3,
+ 'MESSAGE_WITH_SOURCE': 4,
+ 'ACK_WITH_SOURCE': 5
+}
+
+const verifySignature = (rawBody: string, headers: Object) => {
+ const authSig = headers['x-signature-ed25519']
+ const authTs = headers['x-signature-timestamp']
+ const authT: string = typeof(authTs) === 'string' ? authTs : authTs[0]
+
+ console.log('raw body: ', rawBody)
+
+ naclFactory.instantiate((nacl) => {
+ const verified = nacl.crypto_sign_verify_detached(
+ nacl.from_hex(authSig),
+ `${encodeURI(authT)}${encodeURI(rawBody)}`,
+ nacl.from_hex(PUBLIC_KEY)
+ )
+ console.log(verified)
+ return verified
+ })
+}
+
+export default async (req: NextApiRequest, res: NextApiResponse) => {
+ // console.log(`headers: ${JSON.stringify(req.headers)}`)
+ // console.log(`body: ${JSON.stringify(req.body)}`)
+
+ const rawBody: string = await new Promise((resolve) => {
+ if (!req.body) {
+ let buffer = ''
+ req.on('data', (chunk) => {
+ console.log(chunk)
+ buffer += chunk
+ })
+
+ req.on('end', () => {
+ resolve(buffer)
+ })
+ }
+ })
+ const body = JSON.parse(Buffer.from(rawBody).toString())
+
+ console.log(`raw body: ${rawBody}`)
+ console.log(`body: ${JSON.stringify(body)}`)
+ try {
+ verifySignature(rawBody, req.headers)
+ } catch {
+ console.error('[UNAUTHORIZED] Invalid request signature: {e}')
+ }
+
+ if (body['type'] == 1) {
+ return {'type': 1}
+ }
+
+ return {
+ 'type': RESPONSE_TYPES['MESSAGE_NO_SOURCE'],
+ 'data': {
+ 'tts': false,
+ 'content': 'BEEP BOOP',
+ 'embeds': [],
+ 'allowed_mentions': []
+ }
+ }
+}
diff --git a/src/api/discord.tsx b/src/api/discord.tsx
deleted file mode 100644
index 93da791..0000000
--- a/src/api/discord.tsx
+++ /dev/null
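Review bot: The handler parses and logs the request body before any signature check and never writes to `res`: `JSON.parse(...)` and the `console.log` calls run on unauthenticated input, and the `return {...}` values are not sent by a Next.js API route, so the caller gets no reply. The Promise that collects the body also never settles when `req.body` is set or the stream errors, and appending chunks to a string can alter a multi-byte sequence split across two chunks, which would make a valid signature fail. I would collect the body as Buffers, verify first, answer 401 on failure, and only then parse and reply through `res`. The sketch assumes `verifySignature` is changed to resolve with the boolean from `crypto_sign_verify_detached`, computed over the unmodified timestamp and body rather than their `encodeURI` forms.

```typescript
export default async (req: NextApiRequest, res: NextApiResponse) => {
  // Collect raw bytes; the signature covers the body exactly as sent.
  const chunks: Buffer[] = []
  for await (const chunk of req) {
    chunks.push(Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk))
  }
  const rawBody = Buffer.concat(chunks).toString('utf8')

  // Assumes verifySignature returns Promise<boolean> (see note).
  let verified = false
  try {
    verified = await verifySignature(rawBody, req.headers)
  } catch (e) {
    console.error('[UNAUTHORIZED] Invalid request signature:', e)
  }
  if (!verified) {
    res.status(401).end('invalid request signature')
    return
  }

  // Only a verified body is parsed.
  const body = JSON.parse(rawBody)
  if (body['type'] == 1) {
    res.status(200).json({ 'type': RESPONSE_TYPES['PONG'] })
    return
  }
  // … unchanged: MESSAGE_NO_SOURCE payload, now passed to res.status(200).json(…) …
}
```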
@@ -1,51 +0,0 @@
-import naclFactory from 'js-nacl'
-import type { NextApiRequest, NextApiResponse } from 'next'
-
-const PUBLIC_KEY = '516311b92a3f7ef74e8034274aedcad679216d5f19183becf4a627b06b9884d4'
-const RESPONSE_TYPES = {
- 'PONG': 1,
- 'ACK_NO_SOURCE': 2,
- 'MESSAGE_NO_SOURCE': 3,
- 'MESSAGE_WITH_SOURCE': 4,
- 'ACK_WITH_SOURCE': 5
-}
-
-const verifySignature = (event) => {
- const rawBody = event['rawBody']
- const authSig = event['params']['header']['x-signature-ed25519']
- const authTs = event['params']['header']['x-signature-timestamp']
-
- naclFactory.instantiate((nacl) => {
- return nacl.crypto_sign_verify_detached(
- nacl.from_hex(authSig),
- `${encodeURI(authTs)}${encodeURI(rawBody)}`,
- nacl.from_hex(PUBLIC_KEY)
- )
- })
-}
-
-export default function handler(req: NextApiRequest, res: NextApiResponse) {
- console.log(`event ${event}`)
-
- try {
- verifySignature(event)
- } catch {
- console.error('[UNAUTHORIZED] Invalid request signature: {e}')
- }
-
- const body = event['body-json']
-
- if (body['type'] == 1) {
- return {'type': 1}
- }
-
- return {
- 'type': RESPONSE_TYPES['MESSAGE_NO_SOURCE'],
- 'data': {
- 'tts': false,
- 'content': 'BEEP BOOP',
- 'embeds': [],
- 'allowed_mentions': []
- }
- }
-}