vodorod/Dorod-Sky
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

move totp feature to the advanced settings for task (#606)

Browse Source
This commit is contained in:
Shuchang Zheng
2024-07-17 15:34:11 -07:00
committed by GitHub
parent 64f565cb7c
commit c87aeddfcc
3 changed files with 35 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs/mint.json
View File

@@ -72,7 +72,6 @@
"running-tasks/introduction", "running-tasks/introduction",
"running-tasks/api-spec", "running-tasks/api-spec",
"running-tasks/webhooks-faq", "running-tasks/webhooks-faq",
"running-tasks/totp-verification-code",
"running-tasks/visualizing-results", "running-tasks/visualizing-results",
"running-tasks/prompting-tips", "running-tasks/prompting-tips",
"running-tasks/advanced-features" "running-tasks/advanced-features"

35
docs/running-tasks/advanced-features.mdx
View File

@@ -20,3 +20,38 @@ Headers:
Body: Body:
.. usual task body .. .. usual task body ..
``` ```
## Time-based One-time Password (TOTP)
Skyvern supports one-time password (see https://www.twilio.com/docs/glossary/totp for more information) by fetching it from your endpoint. You can pass `totp_verification_url` when [creating a task](/running-tasks/api-spec#request-initiate-a-task). Inside this endpoint hosted by you, you have to conform to the following schema:
## Set Up Your TOTP Endpoint
For websites that requires a verification code to complete a task, you have to set up a TOTP endpoint for Skyvern to fetch the verification code.
Here's the TOTP endpoint contract you should use:
Request (POST):
| Parameter | Type | Required? | Sample Value | Description |
| --- | --- | --- | --- | --- |
| task_id | String | yes | tsk_123 | The task ID that needs the verification to be done |
Response:
| Parameter | Type | Required? | Sample Value | Description |
| task_id | String | yes | tsk_123 | The task ID that needs the verification to be done |
| verification_code | String | no | 123456 | The verification code |
## Validate The Sender of The Request
Same as the webhook API, your server needs to make sure its Skyvern thats making the request.
- a python example for how to generate and validate the signature:
```python
def validate_skyvern_request_headers(request: Request) -> bool:
header_skyvern_signature = request.headers["x-skyvern-signature"]
payload = request.body() # this is a bytes
hash_obj = hmac.new(SKYVERN_API_KEY.encode("utf-8"), msg=payload, digestmod=hashlib.sha256)
client_generated_signature = hash_obj.hexdigest()
return header_skyvern_signature == client_generated_signature
```
SKYVERN_API_KEY: this is the [api key](/running-tasks/introduction) specific to your organization

37
docs/running-tasks/totp-verification-code.mdx
View File

@@ -1,37 +0,0 @@
---
title: Time-based One-time Passowrd
description: 'How Skyvern gets the one time password from you?'
---
Skyvern supports one-time password by fetching it from your endpoint. You can pass `totp_verification_url` when creating a task. Inside this endpoint hosted by you, you have to conform to the following schema:
## Set Up Your Time-based One-time Password (TOTP) Endpoint
For websites that requires a verification code (see https://www.twilio.com/docs/glossary/totp for more information) to complete a task, you have to set up a TOTP endpoint for Skyvern to fetch the verification code.
Here's the TOTP endpoint contract you should use:
Request (POST):
| Parameter | Type | Required? | Sample Value | Description |
| --- | --- | --- | --- | --- |
| task_id | String | yes | tsk_123 | The task ID that needs the verification to be done |
Response:
| Parameter | Type | Required? | Sample Value | Description |
| task_id | String | yes | tsk_123 | The task ID that needs the verification to be done |
| verification_code | String | no | 123456 | The verification code |
## Validate The Sender of The Request
Same as the webhook API, your server needs to make sure its Skyvern thats making the request.
- a python example for how to generate and validate the signature:
```python
def validate_skyvern_request_headers(request: Request) -> bool:
header_skyvern_signature = request.headers["x-skyvern-signature"]
payload = request.body() # this is a bytes
hash_obj = hmac.new(SKYVERN_API_KEY.encode("utf-8"), msg=payload, digestmod=hashlib.sha256)
client_generated_signature = hash_obj.hexdigest()
return header_skyvern_signature == client_generated_signature
```
SKYVERN_API_KEY: this is the [api key](/running-tasks/introduction) specific to your organization