Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@wazo/sdk
Advanced tools
The Wazo JavaScript Software Development Kit is an API wrapper making it easy for you to communicate with your Wazo server. It allows you to add Wazo functionalities to any JavaScript application you are developing.
You may install the Wazo JavaScript Software Development Kit to your project one of the following ways:
npm install @wazo/sdk
yarn add @wazo/sdk
Alternatively, you may load the Wazo SDK from a CDN. Use one of the following Content Delivery Networks:
<script src="https://unpkg.com/@wazo/sdk/dist/wazo-sdk.js"></script>
<script src="https://cdn.jsdelivr.net/npm/@wazo/sdk"></script>
Depending on your preference, you may require or add the Wazo SDK to your own client application one of the following ways:
const { WazoApiClient } = require('@wazo/sdk');
import { WazoApiClient } from '@wazo/sdk';
const client = new WazoApiClient({
server: 'demo.wazo.community', // required string
agent: null // http(s).Agent instance, allows custom proxy, unsecured https, certificate etc.
});
client.auth.logIn({
expiration, // optional integer. Session life in number of seconds. If omitted, defaults to 3600 (an hour).
username, // required string
password, // required string
backend, // optional string. If omitted, defaults to wazo_user
}).then(/* undefined if login failed, or : */{
metadata: {
username,
uuid_tenant_uuid,
xivo_user_uuid,
groups,
xivo_uuid,
tenants: [{ uuid }],
auth_id
},
token, // should be used for other request
acls,
utc_expires_at,
xivo_uuid,
issued_at,
utc_issued_at,
auth_id,
expires_at,
xivo_user_uuid
});
// or
const result = await client.auth.login(/* ... */);
client.auth.logOut(token).then(/* ... */);
// or
await client.auth.logOut(token);
client.auth.checkToken(token).then(valid);
// or
const valid = await client.auth.checkToken(token);
client.auth.listTenants(token);
client.auth.createTenant(token, name);
client.auth.deleteTenant(token, uuid);
client.auth.listUsers(token);
client.auth.listGroups(token);
client.auth.listPolicies(token);
client.application.calls(token, applicationUuid); // list calls
client.application.hangupCall(token, applicationUuid, callId); // hangup a call
client.application.answerCall(token, applicationUuid, callId, context, exten, autoanswer); // answer a call
client.application.listNodes(token, applicationUuid); // list nodes
client.application.listCallsNodes(token, applicationUuid, nodeUuid); // list calls in a node
client.application.removeCallNodes(token, applicationUuid, nodeUuid, callId); // remove call from node (no hangup)
client.application.addCallNodes(token, applicationUuid, nodeUuid, callId); // add call in a node
client.application.playCall(token, applicationUuid, callId, language, uri); // play a sound into a call
client.confd.listUsers(token);
client.confd.getUser(token, userUuid);
client.confd.getUserLineSip(token, userUuid, lineId);
client.confd.listApplications(token);
client.accessd.listSubscriptions(token);
client.accessd.createSubscription(token, { productSku, name, startDate, contractDate, autoRenew, term });
client.accessd.getSubscription(token, uuid);
client.accessd.listAuthorizations(token);
client.accessd.getAuthorization(token, uuid);
import { WazoWebRTCClient } from '@wazo/sdk';
const phone = new WazoWebRTCClient({
displayName: 'From WEB',
host: 'quintana.wazo.community',
authorizationUser: lineData.username,
password: lineData.secret,
media: {
audio: boolean,
video: boolean | document.getElementById('video'), // pointing to a `<video id="video" />` element
localVideo: boolean | document.getElementById('video'), // pointing to a `<video id="video" />` element
}
});
// eventName can be on the of events :
// - transport: `connected`, `disconnected`, `transportError`, `message`, `closed`, `keepAliveDebounceTimeout`
// - webrtc: `registered`, `unregistered`, `registrationFailed`, `invite`, `inviteSent`, `transportCreated`, `newTransaction`, `transactionDestroyed`, `notify`, `outOfDialogReferRequested`, `message`.
phone.on('invite', (session: SIP.sessionDescriptionHandler) => {
this.currentSession = session;
// ...
});
// or a wildcard : `*`
phone.on('*', (data: mixed, eventName: string) => {
});
phone.call('1234');
phone.call(number: string);
phone.on('invite', (session: SIP.sessionDescriptionHandler) => {
this.currentSession = session;
});
phone.answer(session: SIP.sessionDescriptionHandler);
phone.hangup(session: SIP.sessionDescriptionHandler);
phone.reject(session: SIP.sessionDescriptionHandler);
phone.mute(session: SIP.sessionDescriptionHandler);
phone.unmute(session: SIP.sessionDescriptionHandler);
phone.hold(session: SIP.sessionDescriptionHandler);
phone.unhold(session: SIP.sessionDescriptionHandler);
phone.transfert(session: SIP.sessionDescriptionHandler, target: string);
phone.sendDTMF(session: SIP.sessionDescriptionHandler, tone: string);
phone.sendDTMF(message: string, destination: string);
phone.close();
phone.merge(sessions: Array<SIP.InviteClientContext>);
phone.addToMerge(session: SIP.InviteClientContext);
phone.removeFromMerge(session: SIP.InviteClientContext, shouldHold: boolean);
// shouldHold indicate if the session should be held after removed from session
phone.unmerge(sessions: Array<SIP.InviteClientContext>)
import { WazoWebSocketClient } from '@wazo/sdk';
const ws = new WazoWebSocket({
host, // wazo websocket host
token, // valid Wazo token
});
// eventName can be on the of events here: http://documentation.wazo.community/en/stable/api_sdk/websocket.html
ws.on('eventName', (data: mixed) => {
});
// You can also use a wildcard to catch all events
ws.on('*', (data: mixed, eventName: string) => {
});
ws.connect();
ws.close();
FAQs
Wazo's JavaScript Software Development Kit.
The npm package @wazo/sdk receives a total of 316 weekly downloads. As such, @wazo/sdk popularity was classified as not popular.
We found that @wazo/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.