forked from detectify/api-examples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdetectify.js
137 lines (119 loc) · 4.82 KB
/
detectify.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
'use strict'
const crypto = require('crypto')
const fetch = require('node-fetch')
// The endpoint to Detectify's API, no trailing slash
const DetectifyEndpoint = 'https://api.detectify.com/rest/v2'
// Generate the headers to use for API calls. If `secretKey` is not null, its value will be used to create
// the signature headers. `body` should be omitted unless the call requires a JSON payload.
function makeHeaders(apiKey, secretKey, method, path, timestamp, body) {
let headers = {'X-Detectify-Key': apiKey}
// Add signature headers if secret key is used
if (secretKey !== null) {
let signature = signatureHeaders(apiKey, secretKey, method, path, timestamp, body)
headers = {...headers, ...signature}
}
return headers
}
// Generates the signature headers used together with the secret key.
function signatureHeaders(apiKey, secretKey, method, path, timestamp, body) {
method = method.toUpperCase()
if (body === null) {
body = ''
}
let data = `${method};${path};${apiKey};${timestamp};${body}`
let secret = Buffer.from(secretKey, 'base64')
let hmac = crypto.createHmac('sha256', secret)
hmac.update(data)
let signature = hmac.digest('base64')
return {
'X-Detectify-Signature': signature,
'X-Detectify-Timestamp': timestamp,
}
}
// Starts a scan for the provided scan profile. Returns true if the scan was started, false if not.
function startScan(scanProfile, apiKey, secretKey) {
const path = `/scans/${scanProfile}/`
const url = `${DetectifyEndpoint}${path}`
const timestamp = Math.floor(new Date() / 1000)
// Create headers for the API call
const headers = makeHeaders(apiKey, secretKey, 'POST', path, timestamp, null)
// Perform the call
fetch(url, {
method: 'POST',
headers: headers,
}).then(function (response) {
switch (response.status) {
case 202:
console.log('Scan start request accepted')
return true
case 400:
console.log('Invalid scan profile token')
return false
case 401:
console.log('Missing/invalid API key or message signature, or invalid timestamp')
return false
case 403:
console.log('The API key cannot access this functionality')
return false
case 404:
console.log('The specified scan profile does not exist or the API cannot access the profile')
return false
case 409:
console.log('A scan is already running on the specified profile')
return false
case 423:
console.log('The domain is not verified')
return false
case 500:
case 503:
console.log('An error occurred while processing the request')
return false
default:
console.log(`Unhandled API response, got code ${response.status}`)
return false
}
})
}
// Returns the scan status as JSON if the scan is running.
function scanStatus(scanProfile, apiKey, secretKey) {
const path = `/scans/${scanProfile}/`
const url = `${DetectifyEndpoint}${path}`
const timestamp = Math.floor(new Date() / 1000)
// Create headers for the API call
const headers = makeHeaders(apiKey, secretKey, 'GET', path, timestamp, null)
// Perform the call
fetch(url, {
method: 'GET',
headers: headers,
})
.then(function (response) {
switch (response.status) {
case 200:
console.log(response.json())
break
case 400:
console.log('Invalid scan profile token')
break
case 401:
console.log('Missing/invalid API key or message signature, or invalid timestamp')
break
case 403:
console.log('The API key cannot access this functionality')
break
case 404:
console.log('No scan running for the specified profile, or the specified scan profile does not exist, or the API cannot access the profile')
break
case 500:
case 503:
console.log('An error occurred while processing the request')
break
default:
console.log(`Unhandled API response, got code ${response.status}`)
}
})
}
const apiKey = 'd4bf676ee6146557cbf0f28fe6cbc290'
const secretKey = 'SGVsbG8sIHdvcmxkISBJIGFtIGEgdGVhcG90IQ=='
const scanProfile = '5605b488634efe810dff4276e28ca7f9'
startScan(scanProfile, apiKey, secretKey)
scanStatus(scanProfile, apiKey, secretKey)