Namespace: userauth
Enumerations
Type Aliases
WebAuthenticator
Ƭ WebAuthenticator: (userId: string, signature: string, stage: string) => Promise<Result>
Web authenticator function signature.
Type declaration
▸ (userId, signature, stage): Promise<Result>
Parameters
| Name | Type |
|---|---|
userId |
string |
signature |
string |
stage |
string |
Returns
Promise<Result>
Functions
authenticateFB
▸ authenticateFB(id, signature, now, allowedSecrets): Result
Authenticate a Facebook Instant Games signature. The string is base64url encoded and signed with an HMAC version of the app secret, based on the OAuth 2.0 spec.
Parameters
| Name | Type | Description |
|---|---|---|
id |
null | string |
User ID |
signature |
null | string |
Base64 encoded signature |
now |
number |
Time in milliseconds, ie. Date.now() |
allowedSecrets |
string[] |
Allowed app secrets |
Returns
authenticateVK
▸ authenticateVK(userId, signature, appId, allowedSecrets): Result
Authenticate a VKontakte signature. The string is set on VKontakte server as follows:
auth_key = md5(api_id + '_' + viewer_id + '_' + api_secret)
Parameters
| Name | Type | Description |
|---|---|---|
userId |
null | string |
User ID, ie. viewer_id |
signature |
null | string |
MD5 encoded signature, ie. auth_key |
appId |
undefined | string |
Application ID, ie. api_id |
allowedSecrets |
string[] |
Allowed app secrets, ie. api_secret |
Returns
authenticateWeb
▸ authenticateWeb(userId, signature, stage): Promise<Result>
Authenticate a generic web signature. If a custom authenticator has been set with
setWebAuthenticator that will be used. By default the authenticator blindly accepts everything
in dev stage and returns FAIL_NOT_IMPLEMENTED for all other stages.
Parameters
| Name | Type | Description |
|---|---|---|
userId |
string |
User ID |
signature |
string |
Custom signature |
stage |
string |
Stage of the environment |
Returns
Promise<Result>
authenticateWebhook
▸ authenticateWebhook(signature, payload, allowedSecrets): boolean
Authenticate a Facebook webhook signature. The HTTP request will contain an X-Hub-Signature
header which contains the SHA1 signature of the request payload, using the app secret as the
key, and prefixed with sha1=.
Parameters
| Name | Type | Description |
|---|---|---|
signature |
undefined | string |
Hex encoded signature |
payload |
undefined | null | string |
Payload to authenticate |
allowedSecrets |
string[] |
Allowed app secrets |
Returns
boolean
authenticateZoom
▸ authenticateZoom(userId, signature, clientId, allowedSecrets): Result
Authenticate a Zoom signature. The string should be set in the game server’s home URL redirect
as follows:
signature = md5(client_id + '_' + user_id + '_' + client_secret)
Parameters
| Name | Type | Description |
|---|---|---|
userId |
string |
User ID |
signature |
string |
MD5 encoded signature |
clientId |
undefined | string |
Application’s client ID |
allowedSecrets |
string[] |
Allowed client secrets |
Returns
describeResult
▸ describeResult(result): string
Convert an authentication result into a human-readable error string.
Parameters
| Name | Type | Description |
|---|---|---|
result |
Result |
Authentication result |
Returns
string
getWebhookPayloadSignature
▸ getWebhookPayloadSignature(payload, secret): string
Calculate a Facebook webhook signature from a payload using an app secret.
Parameters
| Name | Type | Description |
|---|---|---|
payload |
string |
Payload for calculating the signature |
secret |
string |
App secret to use for encoding |
Returns
string
setWebAuthenticator
▸ setWebAuthenticator(authenticator): void
Set a custom web authenticator function.
Parameters
| Name | Type | Description |
|---|---|---|
authenticator |
null | WebAuthenticator |
Athenticator function |
Returns
void