Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
africastalking
Advanced tools
Official AfricasTalking node.js API wrapper
$ npm install --save africastalking
var options = {
apiKey: 'YOUR_API_KEY',
username: 'YOUR_USERNAME',
format: 'json' // or xml
};
var AfricasTalking = require('africastalking')(options);
// ...
Important
: If you register a callback URL with the API, always remember to acknowledge the receipt of any data it sends by responding with an HTTP 200
; e.g. res.status(200);
for express.
var sms = AfricasTalking.SMS;
// all methods return a promise
sms.send(opts)
.then(success)
.catch(error);
send(options)
: Send a message. options
contains:
to
: A single recipient or an array of recipients. REQUIRED
from
: Shortcode or alphanumeric ID that is registered with Africa's Talking account.message
: SMS content. REQUIRED
sendBulk(options)
: Send bulk SMS. In addition to paramaters of send()
, we would have:
enqueue
: "[...] would like deliver as many messages to the API before waiting for an Ack from the Telcos."sendPremium(options)
: Send premium SMS. In addition to paramaters of send()
, we would have:
keyword
: Value is a premium keyword REQUIRED
linkId
: "[...] We forward the linkId
to your application when the user send a message to your service" REQUIRED
retryDurationInHours
: "It specifies the number of hours your subscription message should be retried in case it's not delivered to the subscriber"You can register a callback URL with us and we will forward any messages that are sent to your account the moment they arrive. Read more
fetchMessages(options)
: Manually retrieve your messages.
lastReceivedId
: "This is the id of the message that you last processed". Defaults to 0
. REQUIRED
If you have subscription products on your premium SMS short codes, you will need to configure a callback URL that we will invoke to notify you when users subscribe or unsubscribe from your products. Read more
createSubscription(options)
:
shortCode
: "This is a premium short code mapped to your account". REQUIRED
keyword
: "Value is a premium keyword under the above short code and mapped to your account". REQUIRED
phoneNumber
: "The phoneNumber to be subscribed" REQUIRED
fetchSubscription(options)
:
shortCode
: "This is a premium short code mapped to your account". REQUIRED
keyword
: "Value is a premium keyword under the above short code and mapped to your account". REQUIRED
lastReceivedId
: "ID of the subscription you believe to be your last." Defaults to 0
Processing USSD requests using our API is very easy once your account is set up. In particular, you will need to:
- Register a service code with us.
- Register a URL that we can call whenever we get a request from a client coming into our system.
Once you register your callback URL, any requests that we receive belonging to you will trigger a callback that sends the request data to that page using HTTP POST. Read more.
If you are using connect-like frameworks (express), you could use the middleware AfricasTalking.USSD(handler)
:
handler(params, next)
: Process USSD request and call next()
when done.
params
: contains the following user data sent by Africa's Talking servers: sessionId
, serviceCode
, phoneNumber
and text
.next(args)
: args
must contain the following:
response
: Text to display on user's device. REQUIRED
endSession
: Boolean to decide whether to END session or to CONtinue it. REQUIRED
// example (express)
app.post('/natoil-ussd', new AfricasTalking.USSD((params, next) => {
var endSession = false;
var message = '';
var session = sessions.get(params.sessionId);
var user = db.getUserByPhone(params.phoneNumber);
if (params.text === '') {
message = "Welcome to Nat Oil \n";
message += "1: For account info \n";
message += "2: For lost gas cylinder";
} else if (params.text === '1') {
message = user.getInfo();
endSession = true;
} else if (params.text === '2') {
message = "Enter 1 for recovery \n";
message += "Enter 2 for lost and found";
endSession = true;
} else {
message = "Invalid option";
endSession = true;
}
next({
response: message,
endSession: endSession
});
}));
var voice = AfricasTalking.VOICE;
xml
to send back to Africa's Taking API when it comes POST
ing. Read more
Say
, Play
, GetDigits
, Dial
, Record
, Enqueue
, Dequeue
, Conference
, Redirect
, Reject
var airtime = AfricasTalking.AIRTIME;
airtime.send(options)
: Send airtime
recipients
: An array of the following
phoneNumber
: Receipient of airtimeamount
: Amount sent. >= 10 && <= 10K
airtime.send(options)
.then(success)
.catch(error);
AfricasTalking.fetchAccount()
.then(success)
.catch(error);
fetchAccount()
: Fetch account info; i.e. balanceFAQs
Official AfricasTalking node.js API wrapper
The npm package africastalking receives a total of 4,332 weekly downloads. As such, africastalking popularity was classified as popular.
We found that africastalking demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.