twitter-autohook
Advanced tools
Comparing version 1.7.1 to 1.7.2
@@ -19,2 +19,3 @@ #!/usr/bin/env node | ||
.option('--consumer-secret <consumerSecret>', 'your OAuth consumer secret. (Env var: TWITTER_CONSUMER_SECRET)') | ||
.option('--ngrok-secret <authToken>', 'your ngrok authtoken. (Env var: NGROK_AUTH_TOKEN)') | ||
.option('--env <env>', 'your Premium environment label as defined in https://developer.twitter.com/en/account/environments. (Env var: TWITTER_WEBHOOK_ENV)') | ||
@@ -21,0 +22,0 @@ .option('--port <port>', 'port where the local HTTP server should run. Default: 1337. (Env var: PORT)') |
const needle = require('needle'); | ||
const crypto = require('crypto'); | ||
const package = require('../package.json'); | ||
const { URL, URLSearchParams } = require('url'); | ||
const { oauth } = require('../oauth'); | ||
needle.defaults({user_agent: `${package.name}/${package.version}`}) | ||
needle.defaults({user_agent: `${package.name}/${package.version}`}); | ||
const auth = (method, url, options, body) => { | ||
if (Object.prototype.toString.call(options) !== '[object Object]') { | ||
try { | ||
Reflect.getPrototypeOf(options); | ||
} catch (e) { | ||
return {}; | ||
@@ -11,0 +11,0 @@ } |
@@ -55,3 +55,6 @@ const {Autohook, validateWebhook, validateSignature} = require('..'); | ||
try { | ||
const NGROK_AUTH_TOKEN = process.env.NGROK_AUTH_TOKEN; | ||
if (NGROK_AUTH_TOKEN) { | ||
await ngrok.authtoken(process.env.NGROK_AUTH_TOKEN); | ||
} | ||
const url = await ngrok.connect(PORT); | ||
@@ -58,0 +61,0 @@ const webhookURL = `${url}/standalone-server/webhook`; |
47
index.js
#!/usr/bin/env node | ||
/* global process, Buffer */ | ||
const ngrok = require('ngrok'); | ||
@@ -48,5 +49,5 @@ const http = require('http'); | ||
return _getSubscriptionsCount; | ||
} | ||
}; | ||
const updateSubscriptionCount = increment => { | ||
const updateSubscriptionCount = (increment) => { | ||
if (!_getSubscriptionsCount) { | ||
@@ -57,3 +58,3 @@ return; | ||
_getSubscriptionsCount.subscriptions_count += increment; | ||
} | ||
}; | ||
@@ -68,8 +69,8 @@ const deleteWebhooks = async (webhooks, auth, env) => { | ||
}, | ||
} | ||
}; | ||
console.log(`Removing ${url}…`); | ||
const response = await del(requestConfig); | ||
await del(requestConfig); | ||
} | ||
} | ||
}; | ||
@@ -79,3 +80,3 @@ const validateWebhook = (token, auth) => { | ||
return {response_token: `sha256=${responseToken}`}; | ||
} | ||
}; | ||
@@ -97,3 +98,3 @@ const validateSignature = (header, auth, body) => { | ||
Buffer.from(signature)); | ||
} | ||
}; | ||
@@ -118,3 +119,3 @@ const verifyCredentials = async (auth) => { | ||
return response.body.screen_name; | ||
} | ||
}; | ||
@@ -127,2 +128,3 @@ class Autohook extends EventEmitter { | ||
consumer_secret = (process.env.TWITTER_CONSUMER_SECRET || '').trim(), | ||
ngrok_secret = (process.env.NGROK_AUTH_TOKEN || '').trim(), | ||
env = (process.env.TWITTER_WEBHOOK_ENV || '').trim(), | ||
@@ -133,3 +135,3 @@ port = process.env.PORT || DEFAULT_PORT, | ||
Object.entries({token, token_secret, consumer_key, consumer_secret, env, port}).map(el => { | ||
Object.entries({token, token_secret, consumer_key, consumer_secret, env, port}).map((el) => { | ||
const [key, value] = el; | ||
@@ -143,2 +145,3 @@ if (!value) { | ||
this.auth = {token, token_secret, consumer_key, consumer_secret}; | ||
this.ngrokSecret = ngrok_secret; | ||
this.env = env; | ||
@@ -162,3 +165,3 @@ this.port = port; | ||
return; | ||
}; | ||
} | ||
} catch (e) { | ||
@@ -174,3 +177,3 @@ console.error(e); | ||
let body = ''; | ||
req.on('data', chunk => { | ||
req.on('data', (chunk) => { | ||
body += chunk.toString(); | ||
@@ -183,3 +186,3 @@ }); | ||
return; | ||
}; | ||
} | ||
} catch (e) { | ||
@@ -213,3 +216,3 @@ console.error(e); | ||
}, | ||
} | ||
}; | ||
@@ -221,5 +224,5 @@ const response = await post(requestConfig); | ||
(response) => new URIError(response, [ | ||
`Cannot get webhooks. Please check that '${env}' is a valid environment defined in your`, | ||
`Developer dashboard at https://developer.twitter.com/en/account/environments, and that`, | ||
`your OAuth credentials are valid and can access '${env}'. (HTTP status: ${response.statusCode})`].join(' ')) | ||
`Cannot get webhooks. Please check that '${this.env}' is a valid environment defined in your`, | ||
'Developer dashboard at https://developer.twitter.com/en/account/environments, and that', | ||
`your OAuth credentials are valid and can access '${this.env}'. (HTTP status: ${response.statusCode})`].join(' ')) | ||
); | ||
@@ -241,2 +244,3 @@ | ||
} catch (e) { | ||
token = null; | ||
throw e; | ||
@@ -257,3 +261,3 @@ } | ||
`Cannot get webhooks. Please check that '${this.env}' is a valid environment defined in your`, | ||
`Developer dashboard at https://developer.twitter.com/en/account/environments, and that`, | ||
'Developer dashboard at https://developer.twitter.com/en/account/environments, and that', | ||
`your OAuth credentials are valid and can access '${this.env}'. (HTTP status: ${response.statusCode})`].join(' '))); | ||
@@ -281,2 +285,5 @@ | ||
this.startServer(); | ||
if (this.ngrokSecret) { | ||
await ngrok.authtoken(this.ngrokSecret); | ||
} | ||
const url = await ngrok.connect(this.port); | ||
@@ -289,3 +296,4 @@ webhookUrl = `${url}${WEBHOOK_ROUTE}`; | ||
console.log('Webhook created.'); | ||
} catch(e) { | ||
} catch (e) { | ||
console.log('Cannot create webhook:', e); | ||
throw e; | ||
@@ -306,2 +314,3 @@ } | ||
} catch (e) { | ||
screen_name = null; | ||
throw e; | ||
@@ -308,0 +317,0 @@ } |
{ | ||
"name": "twitter-autohook", | ||
"version": "1.7.1", | ||
"version": "1.7.2", | ||
"description": "Automatically setup and serve webhooks for the Twitter Account Activity API", | ||
@@ -26,3 +26,6 @@ "repository": { | ||
"nock": "^12.0.2" | ||
}, | ||
"devDependencies": { | ||
"eslint": "^7.6.0" | ||
} | ||
} |
@@ -69,2 +69,3 @@ # Autohook 🎣 | ||
TWITTER_WEBHOOK_ENV= # https://developer.twitter.com/en/account/environments ➡️ One of 'Dev environment label' or 'Prod environment label' | ||
NGROK_AUTH_TOKEN= # https://ngrok.com/ - (optional) Create a free account to get your auth token for stable tunnels | ||
``` | ||
@@ -86,5 +87,6 @@ | ||
export TWITTER_WEBHOOK_ENV= # https://developer.twitter.com/en/account/environments ➡️ One of 'Dev environment label' or 'Prod environment label' | ||
export NGROK_AUTH_TOKEN= # https://ngrok.com/ - (optional) Create a free account to get your auth token for stable tunnels | ||
# To other services, e.g. Heroku | ||
heroku config:set TWITTER_CONSUMER_KEY=value TWITTER_CONSUMER_SECRET=value TWITTER_ACCESS_TOKEN=value TWITTER_ACCESS_TOKEN_SECRET=value TWITTER_WEBHOOK_ENV=value | ||
heroku config:set TWITTER_CONSUMER_KEY=value TWITTER_CONSUMER_SECRET=value TWITTER_ACCESS_TOKEN=value TWITTER_ACCESS_TOKEN_SECRET=value TWITTER_WEBHOOK_ENV=value NGROK_AUTH_TOKEN=value | ||
``` | ||
@@ -103,2 +105,3 @@ ## Directly | ||
consumer_secret: 'value', | ||
ngrok_secret: 'value', // optional | ||
env: 'env', | ||
@@ -117,3 +120,4 @@ port: 1337 | ||
--consumer-secret $TWITTER_CONSUMER_SECRET \ | ||
--env $TWITTER_WEBHOOK_ENV | ||
--env $TWITTER_WEBHOOK_ENV \ | ||
--ngrok-secret $NGROK_AUTH_TOKEN # optional | ||
``` | ||
@@ -120,0 +124,0 @@ |
Sorry, the diff of this file is not supported yet
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
60427
23
1444
130
1
37