Merge pull request #4153 from omnivore-app/fix/intercom
have separate intercom secret in env var and return the hash based on the client
This commit is contained in:
@ -4,6 +4,7 @@
|
|||||||
/* eslint-disable @typescript-eslint/no-unsafe-member-access */
|
/* eslint-disable @typescript-eslint/no-unsafe-member-access */
|
||||||
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
|
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
|
||||||
import { createHmac } from 'crypto'
|
import { createHmac } from 'crypto'
|
||||||
|
import * as httpContext from 'express-http-context2'
|
||||||
import { isError } from 'lodash'
|
import { isError } from 'lodash'
|
||||||
import { Highlight } from '../entity/highlight'
|
import { Highlight } from '../entity/highlight'
|
||||||
import { LibraryItem, LibraryItemState } from '../entity/library_item'
|
import { LibraryItem, LibraryItemState } from '../entity/library_item'
|
||||||
@ -355,14 +356,26 @@ export const functionResolvers = {
|
|||||||
},
|
},
|
||||||
User: {
|
User: {
|
||||||
async intercomHash(user: User) {
|
async intercomHash(user: User) {
|
||||||
if (env.intercom.secretKey) {
|
let secret: string
|
||||||
const userIdentifier = user.id.toString()
|
|
||||||
|
|
||||||
return createHmac('sha256', env.intercom.secretKey)
|
const client = httpContext.get('client') as string
|
||||||
.update(userIdentifier)
|
switch (client.toLowerCase()) {
|
||||||
.digest('hex')
|
case 'ios':
|
||||||
|
secret = env.intercom.iosSecret
|
||||||
|
break
|
||||||
|
case 'android':
|
||||||
|
secret = env.intercom.androidSecret
|
||||||
|
break
|
||||||
|
default:
|
||||||
|
secret = env.intercom.webSecret
|
||||||
}
|
}
|
||||||
return undefined
|
|
||||||
|
if (!secret) {
|
||||||
|
return undefined
|
||||||
|
}
|
||||||
|
|
||||||
|
const userIdentifier = user.id
|
||||||
|
return createHmac('sha256', secret).update(userIdentifier).digest('hex')
|
||||||
},
|
},
|
||||||
async features(_: User, __: Record<string, unknown>, ctx: ResolverContext) {
|
async features(_: User, __: Record<string, unknown>, ctx: ResolverContext) {
|
||||||
if (!ctx.claims?.uid) {
|
if (!ctx.claims?.uid) {
|
||||||
|
|||||||
@ -54,6 +54,9 @@ export interface BackendEnv {
|
|||||||
intercom: {
|
intercom: {
|
||||||
token: string
|
token: string
|
||||||
secretKey: string
|
secretKey: string
|
||||||
|
webSecret: string
|
||||||
|
iosSecret: string
|
||||||
|
androidSecret: string
|
||||||
}
|
}
|
||||||
sentry: {
|
sentry: {
|
||||||
dsn: string
|
dsn: string
|
||||||
@ -193,6 +196,9 @@ const nullableEnvVars = [
|
|||||||
'PG_REPLICA_USER',
|
'PG_REPLICA_USER',
|
||||||
'PG_REPLICA_PASSWORD',
|
'PG_REPLICA_PASSWORD',
|
||||||
'PG_REPLICA_DB',
|
'PG_REPLICA_DB',
|
||||||
|
'INTERCOM_WEB_SECRET',
|
||||||
|
'INTERCOM_IOS_SECRET',
|
||||||
|
'INTERCOM_ANDROID_SECRET',
|
||||||
] // Allow some vars to be null/empty
|
] // Allow some vars to be null/empty
|
||||||
|
|
||||||
const envParser =
|
const envParser =
|
||||||
@ -268,6 +274,9 @@ export function getEnv(): BackendEnv {
|
|||||||
const intercom = {
|
const intercom = {
|
||||||
token: parse('INTERCOM_TOKEN'),
|
token: parse('INTERCOM_TOKEN'),
|
||||||
secretKey: parse('INTERCOM_SECRET_KEY'),
|
secretKey: parse('INTERCOM_SECRET_KEY'),
|
||||||
|
webSecret: parse('INTERCOM_WEB_SECRET'),
|
||||||
|
iosSecret: parse('INTERCOM_IOS_SECRET'),
|
||||||
|
androidSecret: parse('INTERCOM_ANDROID_SECRET'),
|
||||||
}
|
}
|
||||||
const sentry = {
|
const sentry = {
|
||||||
dsn: parse('SENTRY_DSN'),
|
dsn: parse('SENTRY_DSN'),
|
||||||
|
|||||||
Reference in New Issue
Block a user