Add Mastodon coupon posts

Author: bkimminich

.github/workflows/coupon-distribution.yml

@@ -26,3 +26,5 @@ jobs:
           REDDIT_ACCOUNT_PASSWORD: ${{ secrets.REDDIT_ACCOUNT_PASSWORD }}
           REDDIT_APP_ID: ${{ secrets.REDDIT_APP_ID }}
           REDDIT_APP_SECRET: ${{ secrets.REDDIT_APP_SECRET }}
+          MASTODON_URL: ${{ secrets.MASTODON_URL }}
+          MASTODON_TOKEN: ${{ secrets.MASTODON_TOKEN }}

README.md

@@ -30,8 +30,7 @@ juicy-coupon-bot
 > Next you need a BlueSky account
 > to which you obviously have to provide your own identifier (i.e. email) and app password for
 > the environment variables `BLUESKY_IDENTIFIER` and
-> `BLUESKY_PASSWORD`. For Reddit integration you additionally
-> need a [Reddit App](https://www.reddit.com/prefs/apps) and have to
+> `BLUESKY_PASSWORD`. For Mastodon integration you have to generate an [Access Token](https://docs.joinmastodon.org/client/authorized/) and pass it in via `MASTODON_TOKEN` along with the `MASTODON_URL` of your instance. For Reddit integration you need a [Reddit App](https://www.reddit.com/prefs/apps) and have to
 > define the environment variables `REDDIT_ACCOUNT_NAME`,
 > `REDDIT_ACCOUNT_PASSWORD`, `REDDIT_APP_ID` and `REDDIT_APP_SECRET`.
 

lib/mastodonPost.js

@@ -0,0 +1,20 @@
+/*
+ * Copyright (c) 2019-2024 Bjoern Kimminich & the OWASP Juice Shop contributors.
+ * SPDX-License-Identifier: MIT
+ */
+
+const logger = require('../lib/logger')
+const colors = require('colors')
+
+module.exports = (discount, coupon, expiryDate) => {
+  const texts = [
+    `[🤖] Enjoy ${discount}% off all our juicy products with this #coupon code: ${coupon} (valid until ${expiryDate})`,
+    `[🤖] Save ${discount}% during your next shopping frenzy with #coupon code: ${coupon} (expires ${expiryDate})`,
+    `[🤖] All your favorite juices are now ${discount}% off! Only with #coupon code: ${coupon} (use before ${expiryDate})`,
+    `[🤖] ${discount}% off!?! We must be crazy! Use our #coupon code before we come to our senses: ${coupon} (valid until ${expiryDate})`,
+    `[🤖] You're not seriously gonna miss out on ${discount}% off our assortment of juices? Better redeem #coupon code: ${coupon} (latest on ${expiryDate})`
+  ]
+  const status = texts[Math.floor(Math.random() * texts.length)]
+  logger.info(`[${colors.green('✔')}] Mastodon post prepared: ${colors.cyan(status)}`)
+  return status
+}

lib/publishBlueSky.js

@@ -25,11 +25,11 @@ module.exports = async (post) => {
         }
       })
 
-      logger.info(`[${colors.green('✔')}] Post published: ${res}`)
+      logger.info(`[${colors.green('✔')}] Post published: ${JSON.stringify(res)}`)
     } catch (error) {
       logger.warn(`[${colors.red('❌')}] Post failed: ${colors.red(error)}`)
     }
   } else {
-    logger.info(`[${colors.yellow('❌')}] Skipped BlueSky post: ${colors.yellow('Post will only be published when PUBLISHING_MODE is set as an environment variable')}`)
+    logger.info(`[${colors.yellow('🟡')}] Skipped BlueSky post: ${colors.yellow('Post will only be published when PUBLISHING_MODE is set as an environment variable')}`)
   }
 }

lib/publishMastodon.js

@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) 2019-2024 Bjoern Kimminich & the OWASP Juice Shop contributors.
+ * SPDX-License-Identifier: MIT
+ */
+
+const logger = require('./logger')
+const colors = require('colors')
+import { createRestAPIClient } from "masto"
+const masto = createRestAPIClient({
+  url: process.env.MASTODON_URL,
+  accessToken: process.env.MASTODON_TOKEN,
+})
+
+module.exports = async (status) => {
+  if (process.env.PUBLISHING_MODE) {
+    try {
+      const res = await masto.v1.statuses.create({ status })
+      logger.info(`[${colors.green('✔')}] Post published: ${res.url}`)
+    } catch (error) {
+      logger.warn(`[${colors.red('❌')}] Post failed: ${colors.red(error)}`)
+    }
+  } else {
+    logger.info(`[${colors.yellow('🟡')}] Skipped Mastodon post: ${colors.yellow('Post will only be published when PUBLISHING_MODE is set as an environment variable')}`)
+  }
+}

lib/publishReddit.js

@@ -17,13 +17,13 @@ const R = new RedditAPI(
 module.exports = (text, title) => {
   if (process.env.PUBLISHING_MODE) {
     R.api.post('/api/submit', { api_type: 'json', sr: 'owasp_juiceshop', kind: 'self', title, text })
-      .then(function (response) {
-        logger.info(`[${colors.green('✔')}] Reddit post published: ${JSON.stringify(response[1].json.data)}`)
+      .then(function (res) {
+        logger.info(`[${colors.green('✔')}] Reddit post published: ${res[1].json.data.url}`)
       })
       .catch(function (error) {
         logger.warn(`[${colors.red('❌')}] Reddit post failed: ${colors.red(error)}`)
       })
   } else {
-    logger.info(`[${colors.yellow('❌')}] Skipped Reddit post: ${colors.yellow('Post will only be published when PUBLISHING_MODE is set as an environment variable')}`)
+    logger.info(`[${colors.yellow('🟡')}] Skipped Reddit post: ${colors.yellow('Post will only be published when PUBLISHING_MODE is set as an environment variable')}`)
   }
 }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "juicy-coupon-bot",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "description": "Coupon code generator and distribution bot for OWASP Juice Shop",
   "homepage": "http://owasp-juice.shop",
   "bugs": {
@@ -36,10 +36,9 @@
   "dependencies": {
     "@atproto/api": "^0.13.17",
     "colors": "^1.4.0",
-    "fbgraph": "^1.4.4",
+    "masto": "^6.10.1",
     "reddit-wrapper-v2": "^1.1.6",
     "sync-request": "^6.1.0",
-    "twitter": "^1.7.1",
     "winston": "^3.2.1"
   },
   "devDependencies": {

test/mastodonPost-spec.js

@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2019-2024 Bjoern Kimminich & the OWASP Juice Shop contributors.
+ * SPDX-License-Identifier: MIT
+ */
+
+const chai = require('chai')
+const expect = chai.expect
+const mastodonPost = require('../lib/mastodonPost')
+
+describe('Mastodon post', () => {
+  it('should always include robot emoji', () => {
+    for (let i = 0; i < 100; i++) {
+      expect(mastodonPost()).to.include('[🤖]')
+    }
+  })
+
+  it('should always include #coupon hashtag', () => {
+    for (let i = 0; i < 100; i++) {
+      expect(mastodonPost()).to.include('#coupon')
+    }
+  })
+
+  it('should always mention discount amount', () => {
+    for (let i = 10; i < 40; i++) {
+      expect(mastodonPost(i)).to.include(i + '%')
+    }
+  })
+
+  it('should always contain coupon code', () => {
+    for (let i = 0; i < 100; i++) {
+      expect(mastodonPost(undefined, ':COUPON:')).to.include(':COUPON:')
+    }
+  })
+
+  it('should always mention expiration date', () => {
+    for (let i = 0; i < 100; i++) {
+      expect(mastodonPost(undefined, undefined, ':EXPIRATION:')).to.include(':EXPIRATION:')
+    }
+  })
+
+  it('should never be longer than 500 characters', () => {
+    for (let i = 0; i < 100; i++) {
+      expect(mastodonPost().length <= 500).to.equal(true)
+    }
+  })
+})