A multipass example written for Node.js.

multipass.js

var crypto = require('crypto')
// site name is your desk.com subdomain
  , siteName = 'site_name'
// api key is generated here: https://your_subdomain.desk.com/admin/channels/support-center/auth_settings
  , apiKey = 'multipass_token'
  
  , data = JSON.stringify({
    uid: '19238333',
    expires: (new Date(Date.now() + 120000)).toISOString(),
    customer_email: '[email protected]',
    customer_name: 'John'
  })

  , key, iv, cipher, buffers, multipass, signature

console.log("== Generating ==");
console.log("    Create the encryption key using a 16 byte SHA1 digest of your api key and subdomain");
key = crypto.createHash('sha1')
            .update(apiKey + siteName)
            .digest()
            .slice(0, 16);

console.log("    Generate a random 16 byte IV");
iv = crypto.randomBytes(16);

console.log("    Encrypt data using AES128-cbc");
cipher  = crypto.createCipheriv('aes-128-cbc', key, iv);
buffers = [];

buffers.push(cipher.update(data, 'utf8', 'buffer'));
buffers.push(cipher.final('buffer'));

console.log("    Prepend the IV to the multipass token.");
buffers.unshift(iv);

console.log("    Combine the buffers and convert to base64.");
multipass = Buffer.concat(buffers).toString('base64');

console.log("    Build an HMAC-SHA1 signature using the encoded string and your api key");
signature = crypto.createHmac('sha1', apiKey)
                  .update(multipass)
                  .digest('base64');

console.log("    Finally, URL encode the multipass and signature");
multipass = encodeURIComponent(multipass);
signature = encodeURIComponent(signature);

console.log("== Finished ==");
console.log("URL: https://" + siteName + ".desk.com/customer/authentication/multipass/callback?multipass=" + multipass + "&signature=" + signature);

push