vgs-nodejs-sample
Integration of node.js app with VGS
This demo app shows a typical scenario for securing and revealing traffic from a customer application to a payments operator.
- Create account on Stripe
- Generate Stripe sandbox API key (https://dashboard.stripe.com/account/apikeys)
- Create account on HomeAway
- Get your HomeAway client_id and secret (https://www.homeaway.com/platform/myClients)
- Go to VGS-Dashboard, create a new organization, create a new vault.
- Select your vault, go to the Integration page
- Copy your proxy URL, it should be in format: `http://<user>:<password>@<tenant>.SANDBOX.verygoodproxy.com:8080`
- Proxy URL should start with `http://`, otherwise the `https-proxy-agent` lib won't work
- This application contains SSL certificate `cert.pem` for VGS Sandbox environment only
- Clone repository and go to the `app` folder
- Install all dependencies: `npm install`
- Run the app: `HA_CLIENT='<client_id>' HA_SECRET='<secret_key>' STRIPE_TOKEN='<token>' HTTP_PROXY='<proxy_url>' npm start`
- Run ngrok: `ngrok http 3000`
- Copy provided address `https://<some_id>.ngrok.io`
- `/` - search form, after selecting some hotel will redirect to the payment page
- `/list` - list of payments for booked hotels
- `/list/:id` - revealed payment data page
- Go to VGS dashboard
- Go to Secure traffic -> Inbound
- Put ngrok url to upstream
- Application should be available by `https://<tenant>.sandbox.verygoodproxy.com/`
- Fill forms in app, submit payment data
- Take a look at list of payments `https://<tenant>.sandbox.verygoodproxy.com/list`. The data was saved as is.
- Next we are going to save and use tokens instead of the sensitive data. Open VGS dashboard, go to Logs
- Ensure that logger is recording payloads
- Find the request with payment data, click on it
- Click on Secure this payload
- Select fields, click Secure
- Done, your inbound secure route has been created.
- Take a look at list of payments again at `https://<tenant>.sandbox.verygoodproxy.com/list` to ensure tokens are used instead of sensitive data.
- Open payments list page at `https://<tenant>.sandbox.verygoodproxy.com/list`
- All fields should be replaced with tokens
- Click on Reveal, nothing should change because the revealing rule isn't set up yet
- Open VGS dashboard, go to Routes
- Click New Route -> New inbound route
- Put ngrok url to upstream
- Set one filter condition: Pathinfo matches `/list/\\d+`
- Phase: On response
- Basic type: REVEAL
- Operation: RegExp
- Fields in Regexp: `tok_[a-z]*_[0-9a-zA-Z]{20,22}`
- Click Save
- Go back to the payments page at `https://<tenant>.sandbox.verygoodproxy.com/list`
- Click on Reveal, now instead of tokens you should see real data there
- Done, your inbound self-revealing route has been created correctly.
- Go to VGS dashboard
- Go to Secure traffic -> Outbound
- Switch to the application, submit payment data again
- Go back to VGS dashboard, it should detect the outbound connection, click on Secure data
- Find the request to Stripe API `https://api.stripe.com/v1/tokens`, click on it
- Click on Secure this payload
- Select fields, click Secure, now Stripe will be receiving revealed data
- Done, your outbound secure route has been created.
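
The check that the inbound steps above do by eye on the `/list` page (tokens instead of sensitive data) can also be scripted. The following is an added example, not code from this repository: it reuses the token pattern from the reveal route and a Luhn check to flag card numbers that were saved as is. The record field names and sample values are assumptions constructed for illustration.

```javascript
// Added example: audit a stored payment record for un-tokenized card data.
// Field names and sample values are constructed, not taken from the app.

// Token shape taken from the reveal route's RegExp on this page.
const TOKEN_RE = /^tok_[a-z]*_[0-9a-zA-Z]{20,22}$/;

// Luhn checksum: true for digit strings that are plausible card numbers.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Classify one value as 'token', 'raw-pan' or 'other'.
function classify(value) {
  const s = String(value);
  if (TOKEN_RE.test(s)) return 'token';
  const digits = s.replace(/[ -]/g, '');
  if (/^\d{13,19}$/.test(digits) && luhnValid(digits)) return 'raw-pan';
  return 'other';
}

// Walk a (possibly nested) record and return the paths holding raw card numbers.
function findRawPans(record, prefix = '') {
  const hits = [];
  for (const [key, value] of Object.entries(record)) {
    const path = prefix ? `${prefix}.${key}` : key;
    if (value !== null && typeof value === 'object') {
      hits.push(...findRawPans(value, path));
    } else if (classify(value) === 'raw-pan') {
      hits.push(path);
    }
  }
  return hits;
}

// Constructed samples: one record saved before the secure route existed, one after.
const beforeRoute = { id: 1, hotel: 'Sample Inn',
  card: { number: '4242 4242 4242 4242', cvc: '123' } };
const afterRoute = { id: 2, hotel: 'Sample Inn',
  card: { number: 'tok_sandbox_a1B2c3D4e5F6g7H8i9J0k', cvc: 'tok_sandbox_Z9y8X7w6V5u4T3s2R1q0p' } };

console.log('before route:', findRawPans(beforeRoute));
console.log('after route: ', findRawPans(afterRoute));
```

Short fields such as a CVC cannot be recognised by content alone, so for those the useful assertion is that `classify` returns `'token'` once the route is active.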
Want to just jump right in? Check out our getting started guide.
Very Good Security (VGS) allows you to enhance your security standing while maintaining the utility of your data internally and with third-parties. As an added benefit, we accelerate your compliance certification process and help you quickly obtain security-related compliances that stand between you and your market opportunities.
To learn more, visit us at https://www.verygoodsecurity.com/
This project is licensed under the MIT license. See the LICENSE file for details.