Skip to content

Instantly share code, notes, and snippets.

@mpilar

mpilar/GigyaSignatureValidator.js

Created June 7, 2017 16:22
Show Gist options
  • Save mpilar/f0e60e463b3743b12844c4df3306c5d6 to your computer and use it in GitHub Desktop.
Save mpilar/f0e60e463b3743b12844c4df3306c5d6 to your computer and use it in GitHub Desktop.
Download ZIP
GigyaSignatureValidator
Raw
GigyaSignatureValidator.js
'use strict'
const crypto = require('crypto');
var calcSignature = (baseString, secretKey) => {
const secretBuffer = new Buffer(secretKey, 'base64');
return crypto.createHmac('sha1', secretBuffer).update(baseString).digest('base64');
};
var verifySignature = (UID, signature, timestamp, secretKey) => {
if (Math.abs(Date.now() / 1000 - timestamp) < process.env.GIGYA_TS_DELTA) {
let baseString = Number(timestamp) + "_" + UID;
let expectedSig = this.calcSignature(baseString, secretKey);
return expectedSig === signature;
} else {
return false;
}
}
module.exports.calcSignature = calcSignature;
module.exports.verifySignature = verifySignature;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment