-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathindex.js
76 lines (64 loc) · 2.54 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
const jwt = require('jsonwebtoken');
const axios = require('axios');
const fs = require('fs');
const uuid = require('uuid').v4;
const appId = process.env.APP_ID;
const purchaseAmountUsd = process.env.AMOUNT_USD;
const { kmsSign } = require('./kms');
const key_arn = process.env.KMS_KEY_ARN
const createApiToken = async ({ scopes }) => {
// Example payload to make a trading (buy Bitcoin) request
const payload = {
// iss: Who you claim to be. Our server will validate this using the public key you uploaded, and the private key you used to sign this message below
iss: appId,
// jti: Unique nonce. Generate a new value per request (no code modifications are necessary, you can use uuid())
// This is used to prevent replay attacks.
jti: uuid(),
// aud: who the token is intended for. If you issue tokens for multiple destinations with the same private key
// this, along with aud validation by other resource servers, will mitigate token reuse between multilpe resource servers
aud: 'https://api.swanbitcoin.com',
// scopes: What access you are requesting. This should correspond to the API you are calling.
scopes
}
const headers = {alg: 'ES256', typ: 'JWT'};
if (key_arn) {
//production-like demo: using KMS as our HSM
return kmsSign({headers, payload, key_arn});
} else {
// In this demo, we're reading the private key from the file system (see README.md for how to generate this key)
//
// DO NOT DO THIS in production. Read about securing your key here:
// https://developers.swanbitcoin.com/docs/personal-access/authentication#securing-private-keys
const privateKey = fs.readFileSync("private.pem")
return jwt.sign(payload, privateKey, {algorithm: 'ES256', expiresIn: '5s'});
}
}
const makeRequest = async ({ scopes, url, params}) => {
const token = await createApiToken({scopes});
const authorizationHeader = `Bearer ${token}`;
try {
let response = await axios.post(url, params, { headers: {'Authorization': authorizationHeader}});
return response;
} catch (e) {
if (e.response) {
console.warn(e.response.data);
return e.response
} else {
console.error(e);
return null;
}
}
}
(async() => {
const marketBuyResponse = await makeRequest({
url: 'https://api.dev.swanbitcoin.com/integrations/v20220222/trades/execute/market',
params: {
fundsType: 'balance',
purchaseAmountUsd
},
scopes: ['write:trades']
});
if (marketBuyResponse) {
console.log("Bought", marketBuyResponse.data.btcAmount, "BTC");
}
})();