Agora-token-helper - Some help tools for AgoraToken

Related tags

Miscellaneoushelpertokenagoraio
Overview

Agora Token Helper

Support AgoraToken version 001 - 006. But for security reasons, I recommend using version 006 and above.

1 Analyzer

The analyzer can help you parse the original content of the AgoraToken, which you can use to check whether it is correct.

# Example(appID: 970CA35de60c44645bbae8a215061b33, appCert: 5CFd2fd1755d40ecb72977518be15d3b)
python3 analyzer.py 006970CA35de60c44645bbae8a215061b33IACV0fZUBw+72cVoL9eyGGh3Q6Poi8bgjwVLnyKSJyOXR7dIfRBXoFHlEAABAAAAR/QQAAEAAQCvKDdW

# Output
## version:  006
## [Analyze] AccessToken(V6), Signature: 95d1f654070fbbd9c5682fd7b218687743a3e88bc6e08f054b9f229227239747, AppId: 970CA35de60c44645bbae8a215061b33, CRC(ChannelName): 276646071, CRC(Uid): 3847331927, Ts: 1111111, Salt: 1, privilege: 1:1446455471

2 Checker

If you want to use a checker, you need to modify the configs/project.json file and set the parameters in the file to the one used by the current generated AgoraToken.

# Example(appID: 970CA35de60c44645bbae8a215061b33, appCert: 5CFd2fd1755d40ecb72977518be15d3b)
python3 checker.py 006970CA35de60c44645bbae8a215061b33IACV0fZUBw+72cVoL9eyGGh3Q6Poi8bgjwVLnyKSJyOXR7dIfRBXoFHlEAABAAAAR/QQAAEAAQCvKDdW -c 7d72365eb983485397e3e3f9d460bdda -u 2882341273

# Output
## version:  006
## [Check] AccessToken(V6), Signature: 95d1f654070fbbd9c5682fd7b218687743a3e88bc6e08f054b9f229227239747, AppId: 970CA35de60c44645bbae8a215061b33, CRC(ChannelName): 276646071, CRC(Uid): 3847331927, Ts: 1111111, Salt: 1, privilege: 1:1446455471
## [Check] Error: token expired, now ts: 1642995315, expired at 1111111
## [Check] Error: token privilege expired, privilege: 1, now ts: 1642995315, expired at 1446455471

# -----------------------------------
# Example use wrong channel and user id(appID: 970CA35de60c44645bbae8a215061b33, appCert: 5CFd2fd1755d40ecb72977518be15d3b)
python3 checker.py 006970CA35de60c44645bbae8a215061b33IACV0fZUBw+72cVoL9eyGGh3Q6Poi8bgjwVLnyKSJyOXR7dIfRBXoFHlEAABAAAAR/QQAAEAAQCvKDdW -c abc -u 123

# Output
## version:  006
## [Check] AccessToken(V6), Signature: 95d1f654070fbbd9c5682fd7b218687743a3e88bc6e08f054b9f229227239747, AppId: 970CA35de60c44645bbae8a215061b33, CRC(ChannelName): 276646071, CRC(Uid): 3847331927, Ts: 1111111, Salt: 1, privilege: 1:1446455471
## [Check] Error: token expired, now ts: 1642995508, expired at 1111111
## [Check] Error: token privilege expired, privilege: 1, now ts: 1642995508, expired at 1446455471
## [Check] Error: channel name crc32 not same
## [Check] Error: user id crc32 not same
## [Check] Error: signature not same

You also need to pay attention to whether the privilege settings are correct, which cannot be judged from the token alone. For example, a user who has no privilege cannot send any audio, video, etc.

3 Server

Attention:

  1. this is a very simple example service that you need to rewrite and check user's permissions very carefully!
  2. need to follow the actual business needs and don't assign user too much privilege!
  3. pay attention to the token ttl, don't assign a high permissions(audio, video, etc.) for a long time!
  4. should also think about the risk of AppCert leaks, which should consider a regularly updates to AppCert, and a blue-green replacement strategy.

If you want to use a server, you need to modify the configs/project.json file and set the parameters in the file to the one used by the current generated AgoraToken.

This part relies on flask and needs to be installed according to the requirements.txt.

# Install
pip3 install -r requirements.txt

# Example(appID: 970CA35de60c44645bbae8a215061b33, appCert: 5CFd2fd1755d40ecb72977518be15d3b)
python3 server.py

# Request
curl -X "POST" "http://127.0.0.1:8080/token/6" \
     -H 'Content-Type: application/json; charset=utf-8' \
     -d $'{"expired_ts":1586843002,"channel_name":"123","privilege":[1000]}'
     
# Response
{"app_id":"970CA35de60c44645bbae8a215061b33","token":"006970CA35de60c44645bbae8a215061b33IAB+3uS6z5qjTFNJdj8L/kpoJ361NRzQ5Lr3Ld8cLZ0dJdJjSIgAAAAAKAAQIGcAmrLwYQUAAQB6TZVeAgB6TZVeAwB6TZVeBAB6TZVe6AN6TZVe","channel_name":"123","uid":""}

4 Cautious

'Security and safety were the reward of dullness.' by Hanif Kureishi

You might also like...
School helper, helps you at your pyllabus's.
School helper, helps you at your pyllabus's.

pyllabus, helps you at your syllabus's... WARNING: It won't run without config.py! You should add config.py yourself, it will include your APIKEY. e.g

Ahmet Efe AKYAZI 6 Aug 7, 2022
Voldemort's Python import helper

importmagician Voldemort's Python import helper pip install importmagician Import from uninstalled Python directories Say you have a directory (relat

Zhengyang Feng 4 Mar 9, 2022
The CS Netlogo Helper is a small python script I made, to make computer science homework easier.
The CS Netlogo Helper is a small python script I made, to make computer science homework easier.

The CS Netlogo Helper is a small python script I made, to make computer science homework easier. This project is really ironic now that I think about it.

null 1 Jan 13, 2022
Helper to organize your windows on your desktop.
Helper to organize your windows on your desktop.

The script of positionsing windows on the screen. How does it work? Select your window to move/res

Andrii D. 1 Jul 9, 2021
FantasyBballHelper - Espn Fantasy Basketball Helper
FantasyBballHelper - Espn Fantasy Basketball Helper

ESPN FANTASY BASKETBALL HELPER The simple goal of this project is to allow fanta

null 1 Jan 18, 2022
SEH-Helper - Binary Ninja plugin for exploring Structured Exception Handlers
SEH-Helper - Binary Ninja plugin for exploring Structured Exception Handlers

SEH Helper Author: EliseZeroTwo A Binary Ninja helper for exploring structured e

Elise 74 Dec 26, 2022
Some ideas and tools to develop Python 3.8 plugins for GIMP 2.99.4
Some ideas and tools to develop Python 3.8 plugins for GIMP 2.99.4

gimp-python-development Some ideas and tools to develop Python 3.8 plugins for GIMP 2.99.4. GIMP 2.99.4 is the latest unstable pre-release of GIMP 3.

Ismael Benito 53 Sep 25, 2022
x-tools is a collection of tools developed in Python

x-tools X-tools is a collection of tools developed in Python Commands\

null 5 Jan 24, 2022
token vesting escrow with cliff and clawback

Yearn Vesting Escrow A modified version of Curve Vesting Escrow contracts with added functionality: An escrow can have a start_date in the past.

null 62 Dec 8, 2022
Releases(0.1.0)
Owner
imagora
imagora
GitHub Repository
A tool to help you to do the monthly reading requirements

Monthly Reading Requirement Auto ⚙️ A tool to help you do the monthly reading requirements Important ⚠️ Some words can't be translated Links: Synonym

Julian Jauk 2 Oct 31, 2021
The Zig programming language, packaged for PyPI

Zig PyPI distribution This repository contains the script used to repackage the releases of the Zig programming language as Python binary wheels. This

Zig Programming Language 100 Nov 04, 2022
Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector.

Werkzeug Debug Console Pin Bypass Werkzeug has a debug console that requires a pin by default. It's possible to bypass this with an LFI vulnerability

Wyatt Dahlenburg 23 Dec 17, 2022
Script that creates graphical representations of Julia an Mandelbrot sets.

Julia and Mandelbrot Picture Maker This simple functions create simple plots of the Julia and Mandelbrot sets. The Julia set require the important par

Juan Riera Gomez 1 Jan 10, 2022
A quick experiment to demonstrate Metamath formula parsing, where the grammar is embedded in a few additional 'syntax axioms'.

Warning: Hacked-up code ahead. (But it seems to work...) What it does This demonstrates an idea which I posted about several times on the Metamath mai

Marnix Klooster 1 Oct 21, 2021
A collection of software that serve no purpose other than waste your time. Forking is encouraged!

the-useless-collection A collection of software that serve no purpose other than waste your time. Forking is encouraged! Requires Python 3.9. Usage Go

Imsad2 1 Mar 16, 2022
BlueBorne Dockerized

BlueBorne Dockerized This is the repo to reproduce the BlueBorne kill-chain on Dockerized Android as described here, to fully understand the code you

SecSI 5 Sep 14, 2022
Python bindings for Basler's VisualApplets TCL script generation

About visualapplets.py The Basler AG company provides a TCL scripting engine to automatize the creation of VisualApplets designs (a former Silicon Sof

Jürgen Hock 2 Dec 07, 2022
A Python Web Application for Checking vaccine slots by pincodes and auto slot booking.

The Dashboard is developed using Bokeh and python 3.5+. This dashboard is useful for you if you are looking for something which will help you to book the vaccine slot once slots become available. Oth

Suraj Deshmukh 10 Jan 23, 2022
Meaningful and minimalist release notes for developers

Managing manual release notes is hard. Therefore, everyone tends to generate release notes from commit messages. But, you won't get a meaningful release note at the end.

codezri 31 Dec 30, 2022
Nook is a simple, concatenative programming language written in Python.

Nook Nook is a simple, concatenative programming language written in Python. Status Nook is currently WIP. It lacks a lot of basic feature, and will n

Wumi4 4 Jul 20, 2022
ripgrep recursively searches directories for a regex pattern while respecting your gitignore

ripgrep (rg) ripgrep is a line-oriented search tool that recursively searches the current directory for a regex pattern. By default, ripgrep will resp

Andrew Gallant 35k Dec 31, 2022
Apache Superset out of box version(Windows 64-bit)

superset_app Apache Superset out of box version (Windows 64bit) prepare job download 3 files python-3.8.10-embed-amd64.zip get-pip.py python_geohash‑0

Steven Lee 9 Oct 02, 2022
Repo created for the purpose of adding any kind of programs and projects

Programs and Project Repository A repository for adding programs and projects of any kind starting from beginners level to expert ones Contributing to

Unicorn Dev Community 3 Nov 02, 2022
Home Assistant integration for spanish electrical data providers (e.g., datadis)

homeassistant-edata Esta integración para Home Assistant te permite seguir de un vistazo tus consumos y máximas potencias alcanzadas. Para ello, se ap

VMG 163 Jan 05, 2023
Python tools for experimenting with differentiable intonation cost measures

Differentiable Intonation Tools The Differentiable Intonation Tools (dit) are a collection of Python functions to analyze the intonation in multitrack

Simon Schwär 2 Mar 27, 2022
Run CodeServer on Google Colab using Inlets in less than 60 secs using your own domain.

Inlets Colab Run CodeServer on Colab using Inlets in less than 60 secs using your own domain. Features Optimized for Inlets/InletsPro Use your own Cus

2 Dec 30, 2021
Manage Procfile-based applications

Foreman Manage Procfile-based applications Installation $ gem install foreman Ruby users should take care not to install foreman in their project's G

David Dollar 5.8k Jan 03, 2023
An optional component handler for hikari, inspired by discord.py's views.

hikari-miru An optional component handler for hikari, inspired by discord.py's views.

43 Dec 26, 2022
Shutdown Time - A pretty much useless application that allows you to shut your computer down in x time with a GUI.

A pretty much useless application that allows you to shut your computer down in x time with a GUI. Should eventually support Windows (all versions), Linux (v2.0+), MacOS (probably with Linux, idk)

1 Nov 08, 2022