Agora-token-helper - Some help tools for AgoraToken

Related tags

Miscellaneoushelpertokenagoraio
Overview

Agora Token Helper

Support AgoraToken version 001 - 006. But for security reasons, I recommend using version 006 and above.

1 Analyzer

The analyzer can help you parse the original content of the AgoraToken, which you can use to check whether it is correct.

# Example(appID: 970CA35de60c44645bbae8a215061b33, appCert: 5CFd2fd1755d40ecb72977518be15d3b)
python3 analyzer.py 006970CA35de60c44645bbae8a215061b33IACV0fZUBw+72cVoL9eyGGh3Q6Poi8bgjwVLnyKSJyOXR7dIfRBXoFHlEAABAAAAR/QQAAEAAQCvKDdW

# Output
## version:  006
## [Analyze] AccessToken(V6), Signature: 95d1f654070fbbd9c5682fd7b218687743a3e88bc6e08f054b9f229227239747, AppId: 970CA35de60c44645bbae8a215061b33, CRC(ChannelName): 276646071, CRC(Uid): 3847331927, Ts: 1111111, Salt: 1, privilege: 1:1446455471

2 Checker

If you want to use a checker, you need to modify the configs/project.json file and set the parameters in the file to the one used by the current generated AgoraToken.

# Example(appID: 970CA35de60c44645bbae8a215061b33, appCert: 5CFd2fd1755d40ecb72977518be15d3b)
python3 checker.py 006970CA35de60c44645bbae8a215061b33IACV0fZUBw+72cVoL9eyGGh3Q6Poi8bgjwVLnyKSJyOXR7dIfRBXoFHlEAABAAAAR/QQAAEAAQCvKDdW -c 7d72365eb983485397e3e3f9d460bdda -u 2882341273

# Output
## version:  006
## [Check] AccessToken(V6), Signature: 95d1f654070fbbd9c5682fd7b218687743a3e88bc6e08f054b9f229227239747, AppId: 970CA35de60c44645bbae8a215061b33, CRC(ChannelName): 276646071, CRC(Uid): 3847331927, Ts: 1111111, Salt: 1, privilege: 1:1446455471
## [Check] Error: token expired, now ts: 1642995315, expired at 1111111
## [Check] Error: token privilege expired, privilege: 1, now ts: 1642995315, expired at 1446455471

# -----------------------------------
# Example use wrong channel and user id(appID: 970CA35de60c44645bbae8a215061b33, appCert: 5CFd2fd1755d40ecb72977518be15d3b)
python3 checker.py 006970CA35de60c44645bbae8a215061b33IACV0fZUBw+72cVoL9eyGGh3Q6Poi8bgjwVLnyKSJyOXR7dIfRBXoFHlEAABAAAAR/QQAAEAAQCvKDdW -c abc -u 123

# Output
## version:  006
## [Check] AccessToken(V6), Signature: 95d1f654070fbbd9c5682fd7b218687743a3e88bc6e08f054b9f229227239747, AppId: 970CA35de60c44645bbae8a215061b33, CRC(ChannelName): 276646071, CRC(Uid): 3847331927, Ts: 1111111, Salt: 1, privilege: 1:1446455471
## [Check] Error: token expired, now ts: 1642995508, expired at 1111111
## [Check] Error: token privilege expired, privilege: 1, now ts: 1642995508, expired at 1446455471
## [Check] Error: channel name crc32 not same
## [Check] Error: user id crc32 not same
## [Check] Error: signature not same

You also need to pay attention to whether the privilege settings are correct, which cannot be judged from the token alone. For example, a user who has no privilege cannot send any audio, video, etc.

3 Server

Attention:

  1. this is a very simple example service that you need to rewrite and check user's permissions very carefully!
  2. need to follow the actual business needs and don't assign user too much privilege!
  3. pay attention to the token ttl, don't assign a high permissions(audio, video, etc.) for a long time!
  4. should also think about the risk of AppCert leaks, which should consider a regularly updates to AppCert, and a blue-green replacement strategy.

If you want to use a server, you need to modify the configs/project.json file and set the parameters in the file to the one used by the current generated AgoraToken.

This part relies on flask and needs to be installed according to the requirements.txt.

# Install
pip3 install -r requirements.txt

# Example(appID: 970CA35de60c44645bbae8a215061b33, appCert: 5CFd2fd1755d40ecb72977518be15d3b)
python3 server.py

# Request
curl -X "POST" "http://127.0.0.1:8080/token/6" \
     -H 'Content-Type: application/json; charset=utf-8' \
     -d $'{"expired_ts":1586843002,"channel_name":"123","privilege":[1000]}'
     
# Response
{"app_id":"970CA35de60c44645bbae8a215061b33","token":"006970CA35de60c44645bbae8a215061b33IAB+3uS6z5qjTFNJdj8L/kpoJ361NRzQ5Lr3Ld8cLZ0dJdJjSIgAAAAAKAAQIGcAmrLwYQUAAQB6TZVeAgB6TZVeAwB6TZVeBAB6TZVe6AN6TZVe","channel_name":"123","uid":""}

4 Cautious

'Security and safety were the reward of dullness.' by Hanif Kureishi

You might also like...
School helper, helps you at your pyllabus's.
School helper, helps you at your pyllabus's.

pyllabus, helps you at your syllabus's... WARNING: It won't run without config.py! You should add config.py yourself, it will include your APIKEY. e.g

Ahmet Efe AKYAZI 6 Aug 7, 2022
Voldemort's Python import helper

importmagician Voldemort's Python import helper pip install importmagician Import from uninstalled Python directories Say you have a directory (relat

Zhengyang Feng 4 Mar 9, 2022
The CS Netlogo Helper is a small python script I made, to make computer science homework easier.
The CS Netlogo Helper is a small python script I made, to make computer science homework easier.

The CS Netlogo Helper is a small python script I made, to make computer science homework easier. This project is really ironic now that I think about it.

null 1 Jan 13, 2022
Helper to organize your windows on your desktop.
Helper to organize your windows on your desktop.

The script of positionsing windows on the screen. How does it work? Select your window to move/res

Andrii D. 1 Jul 9, 2021
FantasyBballHelper - Espn Fantasy Basketball Helper
FantasyBballHelper - Espn Fantasy Basketball Helper

ESPN FANTASY BASKETBALL HELPER The simple goal of this project is to allow fanta

null 1 Jan 18, 2022
SEH-Helper - Binary Ninja plugin for exploring Structured Exception Handlers
SEH-Helper - Binary Ninja plugin for exploring Structured Exception Handlers

SEH Helper Author: EliseZeroTwo A Binary Ninja helper for exploring structured e

Elise 74 Dec 26, 2022
Some ideas and tools to develop Python 3.8 plugins for GIMP 2.99.4
Some ideas and tools to develop Python 3.8 plugins for GIMP 2.99.4

gimp-python-development Some ideas and tools to develop Python 3.8 plugins for GIMP 2.99.4. GIMP 2.99.4 is the latest unstable pre-release of GIMP 3.

Ismael Benito 53 Sep 25, 2022
x-tools is a collection of tools developed in Python

x-tools X-tools is a collection of tools developed in Python Commands\

null 5 Jan 24, 2022
token vesting escrow with cliff and clawback

Yearn Vesting Escrow A modified version of Curve Vesting Escrow contracts with added functionality: An escrow can have a start_date in the past.

null 62 Dec 8, 2022
Releases(0.1.0)
Owner
imagora
imagora
GitHub Repository
Generate a wordlist to fuzz amounts or any other numerical values.

Generate a wordlist to fuzz amounts or any other numerical values. Based on Common Security Issues in Financially-Oriented Web Applications.

Ivan Ε incek 3 Oct 14, 2022
gwcheck is a tool to check .gnu.warning.* sections in ELF object files and display their content.

gwcheck Description gwcheck is a tool to check .gnu.warning.* sections in ELF object files and display their content. For an introduction to .gnu.warn

Frederic Cambus 11 Oct 28, 2022
An advanced NFT Generator

NFT Generator An advanced NFT Generator Free software: GNU General Public License v3 Documentation: https://nft-generator.readthedocs.io. Features TOD

NFT Generator 5 Apr 21, 2022
A bot to use in a pump & dump event

A bot to use in a pump & dump event on Binance.com. Please note the bot is in heavy devleopment currently so be aware of errors. If you experience err

Freddie Jonas 189 Dec 24, 2022
dbt adapter for Firebolt

dbt-firebolt dbt adapter for Firebolt dbt-firebolt supports dbt 0.21 and newer Installation First, download the JDBC driver and place it wherever you'

23 Dec 14, 2022
Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

150 Dec 31, 2022
Aesthetic NFT Generator

A E S T H E T I C Dependencies Pillow numpy OpenCV You can use pip to install any missing dependencies. Basic Usage Vaporwave artwork can be generated

Mentor Elezi 4 Mar 13, 2022
An AddOn storing wireguard configuration

Wireguard Database Connector Overview Development Status: 0.1.7 (alpha) First of all, I'd like to thank Jared McKnight for wireguard who inspired me t

Markus Neubauer 3 Dec 30, 2021
Intelligent Systems Project In Python

Intelligent Systems Project In Python

RLLAB 3 May 16, 2022
A python script made for personal use to monitor for sports card restocks on target.com since they are sold out often

TargetProductMonitor A python script made for personal use to monitor for sports card resocks on target.com since they are sold out often. When a rest

Bryan Lorden 2 Jul 31, 2022
Exploiting Linksys WRT54G using a vulnerability I found.

Exploiting Linksys WRT54G Exploit # Install the requirements. pip install -r requirements.txt ROUTER_HOST=192.169.1.1 ROUTER_USERNAME=admin ROUTER_P

Elon Gliksberg 31 May 29, 2022
Credit Card Fraud Detection

Credit Card Fraud Detection For this project, I used the datasets from the kaggle competition called IEEE-CIS Fraud Detection. The competition aims to

RayWu 4 Jun 21, 2022
SWS Filters App - SWS Filters App With Python

SWS Filters App Fun πŸ˜… ... Fun πŸ˜… Click On photo and see πŸ˜‚ πŸ˜‚ πŸ˜‚ Your Video rec

Sagar Jangid 3 Jul 07, 2022
Access Modbus RTU via API call to Sungrow WiNet-S

SungrowModbusWebClient Access Modbus RTU via API call to Sungrow WiNet-S Class based on pymodbus.ModbusTcpClient, completely interchangeable, just rep

8 Oct 30, 2022
A reproduction repo for a Scheduling bug in AirFlow 2.2.3

A reproduction repo for a Scheduling bug in AirFlow 2.2.3

Ilya Strelnikov 1 Feb 09, 2022
AIST++ API This repo contains starter code for using the AIST++ dataset.

Explainability for Vision Transformers (in PyTorch) This repository implements methods for explainability in Vision Transformers

Google 260 Dec 30, 2022
An improved version of the common Λ™pacman -SΛ™

BetterPacmanLook An improved version of the common pacman -S. Installation I know that this is probably one of the worst solutions and i will be worki

1 Nov 06, 2021
Use this function to get list of routes for particular journey

route-planner Functions api_processing Use this function to get list of routes for particular journey. Function has three parameters: Origin Destinati

2 Nov 28, 2021
πŸ’˜ Write any Python with 9 Characters: e,x,c,h,r,(,+,1,)

πŸ’˜ PyFuck exchr(+1) PyFuck is a strange playful code. It uses only nine different characters to write Python3 code. Inspired by aemkei/jsfuck Example

Satoki 10 Dec 25, 2022
36 key ergo split keyboard, designed around the Seeeduino Xiao platform

Slice36 Minimalist Split Keyboard 36 key ergo split keyboard, designed around the Seeeduino Xiao platform. Inspired by the Corne, Ferris, Ben Vallack'

54 Dec 21, 2022