-
Notifications
You must be signed in to change notification settings - Fork 0
/
rpns_receiver.js
70 lines (60 loc) · 2.31 KB
/
rpns_receiver.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
var readline = require('readline/promises');
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout
});
var webtoken = require('jsonwebtoken');
var jwksclient = require('jwks-rsa');
var prodKeyUrl = "https://assets.cs.roku.com/keys/partner-jwks.json";
var testKeyUrl = "https://assets.cs.roku.com/keys/partner-jwks-test.json"
async function start() {
let action = await rl.question("Please choose environment. \n \
1. Production \n \
2. Test \n")
let messageBody = await rl.question("Enter message body \n");
switch (action) {
case "1":
await decodeAndVerifyMessage(messageBody, prodKeyUrl);
break;
case "2":
await decodeAndVerifyMessage(messageBody, testKeyUrl);
break;
default:
console.log("Not implimented.")
break;
}
await start()
}
let decodeAndVerifyMessage = async (token, keyUrl) => {
var decodedPayload = webtoken.decode(token, { complete: true });
console.log("*************** Decoded token *******************");
console.log(decodedPayload);
if (decodedPayload && decodedPayload.header) {
// Retrieve header
let kid = decodedPayload.header.kid
let jku = keyUrl
let jkuClient = jwksclient({ jwksUri: jku });
let key = await jkuClient.getSigningKey(kid)
let signKey = key.getPublicKey();
try {
// Verify method will take care of the registred claims and signature validation.
let verifiedToken = webtoken.verify(token, signKey);
// Retrieve roku private claims.
let messageType = verifiedToken["x-Roku-message-type"]
let message = verifiedToken["x-Roku-message"]
console.log("*************** Decoded message *******************");
// Validate push notification is from roku production environment.
if (messageType == "roku.rpay.push") {
let buff = Buffer.from(message, "base64");
console.log(JSON.parse(buff.toString('utf-8')));
}
// Any message body that is not from rpay production endpoint.
else {
console.log(verifiedToken);
}
} catch (err) {
console.log(err.message);
}
}
}
start();