UNPKG

@azure/cosmos

Version:

Microsoft Azure Cosmos DB Service Node.js SDK for NOSQL API

github.com/Azure/azure-sdk-for-js/tree/main/sdk/cosmosdb/cosmos/README.md

Azure/azure-sdk-for-js

129 lines 6.13 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
"use strict"; // Copyright (c) Microsoft Corporation. // Licensed under the MIT License. Object.defineProperty(exports, "__esModule", { value: true }); exports.createAuthorizationSasToken = createAuthorizationSasToken; exports.utcsecondsSinceEpoch = utcsecondsSinceEpoch; const index_js_1 = require("../common/index.js"); const encode_js_1 = require("./encode.js"); const hmac_js_1 = require("./hmac.js"); /** * Experimental internal only * Generates the payload representing the permission configuration for the sas token. */ async function createAuthorizationSasToken(masterKey, sasTokenProperties) { let resourcePrefixPath = ""; if (typeof sasTokenProperties.databaseName === "string" && sasTokenProperties.databaseName !== "") { resourcePrefixPath += `/${index_js_1.Constants.Path.DatabasesPathSegment}/${sasTokenProperties.databaseName}`; } if (typeof sasTokenProperties.containerName === "string" && sasTokenProperties.containerName !== "") { if (sasTokenProperties.databaseName === "") { throw new Error(`illegalArgumentException : ${sasTokenProperties.databaseName} \ is an invalid database name`); } resourcePrefixPath += `/${index_js_1.Constants.Path.CollectionsPathSegment}/${sasTokenProperties.containerName}`; } if (typeof sasTokenProperties.resourceName === "string" && sasTokenProperties.resourceName !== "") { if (sasTokenProperties.containerName === "") { throw new Error(`illegalArgumentException : ${sasTokenProperties.containerName} \ is an invalid container name`); } switch (sasTokenProperties.resourceKind) { case "ITEM": resourcePrefixPath += `${index_js_1.Constants.Path.Root}${index_js_1.Constants.Path.DocumentsPathSegment}`; break; case "STORED_PROCEDURE": resourcePrefixPath += `${index_js_1.Constants.Path.Root}${index_js_1.Constants.Path.StoredProceduresPathSegment}`; break; case "USER_DEFINED_FUNCTION": resourcePrefixPath += `${index_js_1.Constants.Path.Root}${index_js_1.Constants.Path.UserDefinedFunctionsPathSegment}`; break; case "TRIGGER": resourcePrefixPath += `${index_js_1.Constants.Path.Root}${index_js_1.Constants.Path.TriggersPathSegment}`; break; default: throw new Error(`illegalArgumentException : ${sasTokenProperties.resourceKind} \ is an invalid resource kind`); break; } resourcePrefixPath += `${index_js_1.Constants.Path.Root}${sasTokenProperties.resourceName}${index_js_1.Constants.Path.Root}`; } sasTokenProperties.resourcePath = resourcePrefixPath.toString(); let partitionRanges = ""; if (sasTokenProperties.partitionKeyValueRanges !== undefined && sasTokenProperties.partitionKeyValueRanges.length > 0) { if (typeof sasTokenProperties.resourceKind !== "string" && sasTokenProperties.resourceKind !== "ITEM") { throw new Error(`illegalArgumentException : ${sasTokenProperties.resourceKind} \ is an invalid partition key value range`); } sasTokenProperties.partitionKeyValueRanges.forEach((range) => { partitionRanges += `${(0, encode_js_1.encodeUTF8)(range)},`; }); } if (sasTokenProperties.controlPlaneReaderScope === 0) { sasTokenProperties.controlPlaneReaderScope += index_js_1.SasTokenPermissionKind.ContainerReadAny; sasTokenProperties.controlPlaneWriterScope += index_js_1.SasTokenPermissionKind.ContainerReadAny; } if (sasTokenProperties.dataPlaneReaderScope === 0 && sasTokenProperties.dataPlaneWriterScope === 0) { sasTokenProperties.dataPlaneReaderScope = index_js_1.SasTokenPermissionKind.ContainerFullAccess; sasTokenProperties.dataPlaneWriterScope = index_js_1.SasTokenPermissionKind.ContainerFullAccess; } if (typeof sasTokenProperties.keyType !== "number" || typeof sasTokenProperties.keyType === "undefined") { switch (sasTokenProperties.keyType) { case index_js_1.CosmosKeyType.PrimaryMaster: sasTokenProperties.keyType = 1; break; case index_js_1.CosmosKeyType.SecondaryMaster: sasTokenProperties.keyType = 2; break; case index_js_1.CosmosKeyType.PrimaryReadOnly: sasTokenProperties.keyType = 3; break; case index_js_1.CosmosKeyType.SecondaryReadOnly: sasTokenProperties.keyType = 4; break; default: throw new Error(`illegalArgumentException : ${sasTokenProperties.keyType} \ is an invalid key type`); break; } } const payload = sasTokenProperties.user + "\n" + sasTokenProperties.userTag + "\n" + sasTokenProperties.resourcePath + "\n" + partitionRanges + "\n" + utcsecondsSinceEpoch(sasTokenProperties.startTime).toString(16) + "\n" + utcsecondsSinceEpoch(sasTokenProperties.expiryTime).toString(16) + "\n" + sasTokenProperties.keyType + "\n" + sasTokenProperties.controlPlaneReaderScope.toString(16) + "\n" + sasTokenProperties.controlPlaneWriterScope.toString(16) + "\n" + sasTokenProperties.dataPlaneReaderScope.toString(16) + "\n" + sasTokenProperties.dataPlaneWriterScope.toString(16) + "\n"; const signedPayload = await (0, hmac_js_1.hmac)(masterKey, Buffer.from(payload).toString("base64")); return "type=sas&ver=1.0&sig=" + signedPayload + ";" + Buffer.from(payload).toString("base64"); } /** * @hidden */ // TODO: utcMilllisecondsSinceEpoch function utcsecondsSinceEpoch(date) { return Math.round(date.getTime() / 1000); } //# sourceMappingURL=SasToken.js.map