@azure/cosmos
Version:
Microsoft Azure Cosmos DB Service Node.js SDK for NOSQL API
110 lines (109 loc) • 6.26 kB
JavaScript
var __defProp = Object.defineProperty;
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
var __getOwnPropNames = Object.getOwnPropertyNames;
var __hasOwnProp = Object.prototype.hasOwnProperty;
var __export = (target, all) => {
for (var name in all)
__defProp(target, name, { get: all[name], enumerable: true });
};
var __copyProps = (to, from, except, desc) => {
if (from && typeof from === "object" || typeof from === "function") {
for (let key of __getOwnPropNames(from))
if (!__hasOwnProp.call(to, key) && key !== except)
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
}
return to;
};
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
var SasToken_exports = {};
__export(SasToken_exports, {
createAuthorizationSasToken: () => createAuthorizationSasToken,
utcsecondsSinceEpoch: () => utcsecondsSinceEpoch
});
module.exports = __toCommonJS(SasToken_exports);
var import_common = require("../common/index.js");
var import_encode = require("./encode.js");
var import_hmac = require("./hmac.js");
async function createAuthorizationSasToken(masterKey, sasTokenProperties) {
let resourcePrefixPath = "";
if (typeof sasTokenProperties.databaseName === "string" && sasTokenProperties.databaseName !== "") {
resourcePrefixPath += `/${import_common.Constants.Path.DatabasesPathSegment}/${sasTokenProperties.databaseName}`;
}
if (typeof sasTokenProperties.containerName === "string" && sasTokenProperties.containerName !== "") {
if (sasTokenProperties.databaseName === "") {
throw new Error(`illegalArgumentException : ${sasTokenProperties.databaseName} is an invalid database name`);
}
resourcePrefixPath += `/${import_common.Constants.Path.CollectionsPathSegment}/${sasTokenProperties.containerName}`;
}
if (typeof sasTokenProperties.resourceName === "string" && sasTokenProperties.resourceName !== "") {
if (sasTokenProperties.containerName === "") {
throw new Error(`illegalArgumentException : ${sasTokenProperties.containerName} is an invalid container name`);
}
switch (sasTokenProperties.resourceKind) {
case "ITEM":
resourcePrefixPath += `${import_common.Constants.Path.Root}${import_common.Constants.Path.DocumentsPathSegment}`;
break;
case "STORED_PROCEDURE":
resourcePrefixPath += `${import_common.Constants.Path.Root}${import_common.Constants.Path.StoredProceduresPathSegment}`;
break;
case "USER_DEFINED_FUNCTION":
resourcePrefixPath += `${import_common.Constants.Path.Root}${import_common.Constants.Path.UserDefinedFunctionsPathSegment}`;
break;
case "TRIGGER":
resourcePrefixPath += `${import_common.Constants.Path.Root}${import_common.Constants.Path.TriggersPathSegment}`;
break;
default:
throw new Error(`illegalArgumentException : ${sasTokenProperties.resourceKind} is an invalid resource kind`);
break;
}
resourcePrefixPath += `${import_common.Constants.Path.Root}${sasTokenProperties.resourceName}${import_common.Constants.Path.Root}`;
}
sasTokenProperties.resourcePath = resourcePrefixPath.toString();
let partitionRanges = "";
if (sasTokenProperties.partitionKeyValueRanges !== void 0 && sasTokenProperties.partitionKeyValueRanges.length > 0) {
if (typeof sasTokenProperties.resourceKind !== "string" && sasTokenProperties.resourceKind !== "ITEM") {
throw new Error(`illegalArgumentException : ${sasTokenProperties.resourceKind} is an invalid partition key value range`);
}
sasTokenProperties.partitionKeyValueRanges.forEach((range) => {
partitionRanges += `${(0, import_encode.encodeUTF8)(range)},`;
});
}
if (sasTokenProperties.controlPlaneReaderScope === 0) {
sasTokenProperties.controlPlaneReaderScope += import_common.SasTokenPermissionKind.ContainerReadAny;
sasTokenProperties.controlPlaneWriterScope += import_common.SasTokenPermissionKind.ContainerReadAny;
}
if (sasTokenProperties.dataPlaneReaderScope === 0 && sasTokenProperties.dataPlaneWriterScope === 0) {
sasTokenProperties.dataPlaneReaderScope = import_common.SasTokenPermissionKind.ContainerFullAccess;
sasTokenProperties.dataPlaneWriterScope = import_common.SasTokenPermissionKind.ContainerFullAccess;
}
if (typeof sasTokenProperties.keyType !== "number" || typeof sasTokenProperties.keyType === "undefined") {
switch (sasTokenProperties.keyType) {
case import_common.CosmosKeyType.PrimaryMaster:
sasTokenProperties.keyType = 1;
break;
case import_common.CosmosKeyType.SecondaryMaster:
sasTokenProperties.keyType = 2;
break;
case import_common.CosmosKeyType.PrimaryReadOnly:
sasTokenProperties.keyType = 3;
break;
case import_common.CosmosKeyType.SecondaryReadOnly:
sasTokenProperties.keyType = 4;
break;
default:
throw new Error(`illegalArgumentException : ${sasTokenProperties.keyType} is an invalid key type`);
break;
}
}
const payload = sasTokenProperties.user + "\n" + sasTokenProperties.userTag + "\n" + sasTokenProperties.resourcePath + "\n" + partitionRanges + "\n" + utcsecondsSinceEpoch(sasTokenProperties.startTime).toString(16) + "\n" + utcsecondsSinceEpoch(sasTokenProperties.expiryTime).toString(16) + "\n" + sasTokenProperties.keyType + "\n" + sasTokenProperties.controlPlaneReaderScope.toString(16) + "\n" + sasTokenProperties.controlPlaneWriterScope.toString(16) + "\n" + sasTokenProperties.dataPlaneReaderScope.toString(16) + "\n" + sasTokenProperties.dataPlaneWriterScope.toString(16) + "\n";
const signedPayload = await (0, import_hmac.hmac)(masterKey, Buffer.from(payload).toString("base64"));
return "type=sas&ver=1.0&sig=" + signedPayload + ";" + Buffer.from(payload).toString("base64");
}
function utcsecondsSinceEpoch(date) {
return Math.round(date.getTime() / 1e3);
}
// Annotate the CommonJS export names for ESM import in node:
0 && (module.exports = {
createAuthorizationSasToken,
utcsecondsSinceEpoch
});