Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

vksdk

Package Overview
Dependencies
Maintainers
1
Versions
14
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

vksdk - npm Package Compare versions

Comparing version 5.1.5 to 5.2.0

6

package.json
{
"name": "vksdk",
"description": "SDK for API of vk.com",
"version": "5.1.5",
"version": "5.2.0",
"homepage": "https://github.com/57uff3r/nodejs-vksdk",

@@ -26,5 +26,5 @@ "email": "57uff3r@gmail.com",

"devDependencies": {
"chai": "^1.9.1",
"mocha": "^1.20.0"
"chai": "^3.4.0",
"mocha": "^2.3.3"
}
}

9

README.md

@@ -145,2 +145,11 @@ nodejs-vksdk

# JSON parsing errors
SDK emits 'parse-error' event in case of non-valid API answer.
```js
vk.on('parse-error', function(_e) {
console.log(_e);
});
```
SDK provides all methods from [events.EventEmitter](http://nodejs.org/api/events.html)

@@ -147,0 +156,0 @@

102

sdk.js

@@ -180,13 +180,9 @@ /**

params.method = _method;
params.timestamp = new Date().getTime();
params.timestamp = Math.round(new Date().getTime() / 1000);
params.format = 'json';
params.random = Math.floor(Math.random() * 9999);
// JS doesn't guarantee the sequence of parameters in the object. It can break.
params = this.sortObjectByKey(params);
var sig = '';
for(var key in params) {
sig = sig + key + '=' + params[key];
}
sig = sig + this.options.appSecret;
params.sig = crypto.createHash('md5').update(sig, 'utf8').digest('hex');
params.sig = this._createSig(params);

@@ -289,11 +285,16 @@ var requestString = this.buildQuery(params);

res.on('end', function() {
try {
var o = JSON.parse(apiResponse);
if (responseType === 'callback' && typeof _response === 'function') {
_response(o);
} else {
if (responseType === 'event' && !!_response) {
return self.emit(_response, o);
}
return self.emit('done:' + _method, o);
}
} catch(e) {
return self.emit('parse-error', apiResponse);
}
if (responseType === 'callback' && typeof _response === 'function') {
_response(o);
} else {
if (responseType === 'event' && !!_response) {
return self.emit(_response, o);
}
return self.emit('done:' + _method, o);
}
});

@@ -462,1 +463,72 @@ }).on('error', function (e) {

/**
* Authorization on a Remote Side
* https://vk.com/dev/openapi_auth
*
* @param {String} sessionData
* @returns {Boolean}
*/
VK.prototype.isAuthOpenAPIMember = function(sessionData) {
var data = this._parseSessionData(sessionData);
if (data && data.sig === this._createSig(data) && data.expire > Math.floor(Date.now() / 1000)) {
return true;
}
return false;
};
/**
* Create signature from parameters
*
* @param {Object} params
* @returns {String}
* @private
*/
VK.prototype._createSig = function(params) {
var sig = '';
for(var key in params) {
if (key !== 'sig') {
sig += key + '=' + params[key];
}
}
sig = sig + this.options.appSecret;
return crypto.createHash('md5').update(sig, 'utf8').digest('hex');
};
/**
* Parse params from auth session data
*
* @param {String} data
*
* @returns {Object|Undefined}
* @private
*/
VK.prototype._parseSessionData = function(data) {
var items = data.split('&'),
validKeys = ['expire', 'mid', 'secret', 'sid', 'sig'],
parsedData = {},
item,
key,
k;
for (k in items) {
item = items[k].split('=');
key = item[0];
if (this.isEmpty(key) || this.isEmpty(item[1]) || validKeys.indexOf(key) === -1) {
return;
}
parsedData[key] = item[1];
}
for (k in validKeys) {
if (typeof parsedData[validKeys[k]] === 'undefined') {
return;
}
}
return this.sortObjectByKey(parsedData);
};

29

test/index.js

@@ -124,4 +124,4 @@ var assert = require('chai').assert,

assert.equal(_o.response[0].id, 1);
assert.equal(_o.response[0].first_name, 'Pavel');
assert.equal(_o.response[0].last_name, 'Durov');
assert.ok(['Павел', 'Pavel'].indexOf(_o.response[0].first_name) !== -1);
assert.ok(['Дуров', 'Durov'].indexOf(_o.response[0].last_name) !== -1);
done();

@@ -162,3 +162,2 @@ });

vk.on('done:secure.getAppBalance', function(_o) {
console.log(_o);
assert.equal(_o.error.error_code, 500);

@@ -226,2 +225,26 @@ done();

it('Should create equal sig', function () {
var rightSid = 'expire=1271238742&mid=100172&secret=97c1e8933e&sid=549b550f608e4a4d247734941debb5e68df50a66c58dc6ee2a4f60a2&sig=372df9795fe8dd29684a2f996872457c',
rightSessionData = vk._parseSessionData(rightSid),
wrongSid;
assert.deepEqual(rightSessionData, {
expire: '1271238742',
mid: '100172',
secret: '97c1e8933e',
sid: '549b550f608e4a4d247734941debb5e68df50a66c58dc6ee2a4f60a2',
sig: '372df9795fe8dd29684a2f996872457c'
});
wrongSid = 'test=here&expire=1271238742&mid=100172&secret=97c1e8933e&sid=549b550f608e4a4d247734941debb5e68df50a66c58dc6ee2a4f60a2&sig=372df9795fe8dd29684a2f996872457c';
assert.isUndefined(vk._parseSessionData(wrongSid));
wrongSid = 'mid=100172&secret=97c1e8933e&sid=549b550f608e4a4d247734941debb5e68df50a66c58dc6ee2a4f60a2&sig=372df9795fe8dd29684a2f996872457c';
assert.isUndefined(vk._parseSessionData(wrongSid));
var testVk = new VK({ appId: 1, appSecret: '6FF1PUlZfEyutJxctvtd'});
assert.equal(testVk._createSig(rightSessionData), '372df9795fe8dd29684a2f996872457c');
// It will be ok, if disable check by data.expire
//assert.ok(testVk.isAuthOpenAPIMember(rightSid));
});
});
.npmignore

Sorry, the diff of this file is not supported yet

Makefile

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc