UNPKG

@cipherstash/jseql

Version:

Encrypted Query Language JavaScript Library

github.com/cipherstash/jseql

cipherstash/jseql

104 lines (102 loc) 2.79 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
// ../utils/logger/index.ts function getLevelValue(level) { switch (level) { case "debug": return 10; case "info": return 20; case "error": return 30; default: return 30; } } var envLogLevel = process.env.JSEQL_LOG_LEVEL || "info"; var currentLevel = getLevelValue(envLogLevel); function debug(...args) { if (currentLevel <= getLevelValue("debug")) { console.debug("[jseql] DEBUG", ...args); } } function info(...args) { if (currentLevel <= getLevelValue("info")) { console.info("[jseql] INFO", ...args); } } function error(...args) { if (currentLevel <= getLevelValue("error")) { console.error("[jseql] ERROR", ...args); } } var logger = { debug, info, error }; // src/identify/index.ts var LockContext = class { ctsToken; workspaceId; context; constructor({ context = { identityClaim: ["sub"] }, ctsToken } = {}) { if (!process.env.CS_WORKSPACE_ID) { const errorMessage = "CS_WORKSPACE_ID environment variable is not set, and is required to initialize a LockContext."; logger.error(errorMessage); throw new Error(`[jseql]: ${errorMessage}`); } if (ctsToken) { this.ctsToken = ctsToken; } this.workspaceId = process.env.CS_WORKSPACE_ID; this.context = context; logger.debug("Successfully initialized the EQL lock context."); } async identify(jwtToken) { const workspaceId = this.workspaceId; const ctsEndoint = process.env.CS_CTS_ENDPOINT || "https://ap-southeast-2.aws.auth.viturhosted.net"; const ctsResponse = await fetch(`${ctsEndoint}/api/authorize`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ workspaceId, oidcToken: jwtToken }) }); if (!ctsResponse.ok) { throw new Error( `[jseql]: Failed to fetch CTS token: ${ctsResponse.statusText}` ); } const ctsToken = await ctsResponse.json(); if (!ctsToken.accessToken) { const errorMessage = "The response from the CipherStash API did not contain an access token. Please contact support."; logger.error(errorMessage); throw new Error(errorMessage); } this.ctsToken = ctsToken; return this; } getLockContext() { if (!this.ctsToken?.accessToken && !this.ctsToken?.expiry) { return { success: false, error: "The CTS token is not set. Please call identify() with a users JWT token, or pass an existing CTS token to the LockContext constructor before calling getLockContext()." }; } return { success: true, context: this.context, ctsToken: this.ctsToken }; } }; export { logger, LockContext }; //# sourceMappingURL=chunk-2GFWYC6S.js.map