Setup

Install the project dependencies:

npm install

Create a .env file at the root of the repository and paste the following:

LIVE_API_KEY=liveApiKey
LIVE_USERNAME=liveAccountUsername
LIVE_PASSWORD=liveAccountPassword

DEMO_API_KEY=demoApiKey
DEMO_USERNAME=demoAccountUsername
DEMO_PASSWORD=demoAccountPassword

Replace the placeholder credentials with your own.

Testing

To run the tests once:

npm run test

To run the tests during development:

npm run test:watch

Problem

When logging into IG via the API, the password can be optionally encrypted for extra security to help prevent "man in the middle" attacks.

To send the password encrypted, an encryptionKey and timeStamp must first be requested via the session/encryptionKey endpoint.

The returned encryptionKey is in base64 format.

What is unclear to me is how the RSA token should be generated.

This post discusses the problem, but the solution is still not obvious to me.

So far I have gathered that the encryptionKey is to be used to create an RSA token and then the password should be encrypted with the timeStamp like so:

password + "|" + timeStamp

I am attempting to use the popular node-rsa package to create the RSA token. However, I would like to know:

1. What format should the RSA key be in?
   • pkcs1 or pkcs8?
   • public or private?
   • pem or der?
2. Should I wrap the encryptionKey in a header and footer?
3. Does the encryptionKey need to be decoded from base64 before it is used?

The relevant code that configures the RSA key can be seen here.