UNPKG

@confluentinc/schemaregistry

Version:

Node.js client for Confluent Schema Registry

github.com/confluentinc/confluent-kafka-javascript

confluentinc/confluent-kafka-javascript

152 lines (151 loc) 6.73 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
"use strict"; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.DekRegistryClient = void 0; const lru_cache_1 = require("lru-cache"); const async_mutex_1 = require("async-mutex"); const rest_service_1 = require("../../../rest-service"); const json_stringify_deterministic_1 = __importDefault(require("json-stringify-deterministic")); const mock_dekregistry_client_1 = require("./mock-dekregistry-client"); class DekRegistryClient { constructor(config) { const cacheOptions = { max: config.cacheCapacity !== undefined ? config.cacheCapacity : 1000, ...(config.cacheLatestTtlSecs !== undefined && { ttl: config.cacheLatestTtlSecs * 1000 }), }; this.restService = new rest_service_1.RestService(config.baseURLs, config.isForward, config.createAxiosDefaults, config.basicAuthCredentials, config.bearerAuthCredentials, config.maxRetries, config.retriesWaitMs, config.retriesMaxWaitMs); this.kekCache = new lru_cache_1.LRUCache(cacheOptions); this.dekCache = new lru_cache_1.LRUCache(cacheOptions); this.kekMutex = new async_mutex_1.Mutex(); this.dekMutex = new async_mutex_1.Mutex(); } static newClient(config) { const url = config.baseURLs[0]; if (url.startsWith("mock://")) { return new mock_dekregistry_client_1.MockDekRegistryClient(); } return new DekRegistryClient(config); } static getEncryptedKeyMaterialBytes(dek) { if (!dek.encryptedKeyMaterial) { return null; } if (!dek.encryptedKeyMaterialBytes) { try { const bytes = Buffer.from(dek.encryptedKeyMaterial, 'base64'); dek.encryptedKeyMaterialBytes = bytes; } catch (err) { if (err instanceof Error) { throw new Error(`Failed to decode base64 string: ${err.message}`); } throw new Error(`Unknown error: ${err}`); } } return dek.encryptedKeyMaterialBytes; } static getKeyMaterialBytes(dek) { if (!dek.keyMaterial) { return null; } if (!dek.keyMaterialBytes) { try { const bytes = Buffer.from(dek.keyMaterial, 'base64'); dek.keyMaterialBytes = bytes; } catch (err) { if (err instanceof Error) { throw new Error(`Failed to decode base64 string: ${err.message}`); } throw new Error(`Unknown error: ${err}`); } } return dek.keyMaterialBytes; } static setKeyMaterial(dek, keyMaterialBytes) { if (keyMaterialBytes) { const str = keyMaterialBytes.toString('base64'); dek.keyMaterial = str; } } async registerKek(name, kmsType, kmsKeyId, shared, kmsProps, doc) { const cacheKey = (0, json_stringify_deterministic_1.default)({ name, deleted: false }); return await this.kekMutex.runExclusive(async () => { const kek = this.kekCache.get(cacheKey); if (kek) { return kek; } const request = { name, kmsType, kmsKeyId, ...kmsProps && { kmsProps }, ...doc && { doc }, shared, }; const response = await this.restService.handleRequest('/dek-registry/v1/keks', 'POST', request); this.kekCache.set(cacheKey, response.data); return response.data; }); } async getKek(name, deleted = false) { const cacheKey = (0, json_stringify_deterministic_1.default)({ name, deleted }); return await this.kekMutex.runExclusive(async () => { const kek = this.kekCache.get(cacheKey); if (kek) { return kek; } name = encodeURIComponent(name); const response = await this.restService.handleRequest(`/dek-registry/v1/keks/${name}?deleted=${deleted}`, 'GET'); this.kekCache.set(cacheKey, response.data); return response.data; }); } async registerDek(kekName, subject, algorithm, version = 1, encryptedKeyMaterial) { const cacheKey = (0, json_stringify_deterministic_1.default)({ kekName, subject, version, algorithm, deleted: false }); return await this.dekMutex.runExclusive(async () => { const dek = this.dekCache.get(cacheKey); if (dek) { return dek; } const request = { subject, version, algorithm, ...encryptedKeyMaterial && { encryptedKeyMaterial }, }; kekName = encodeURIComponent(kekName); const response = await this.restService.handleRequest(`/dek-registry/v1/keks/${kekName}/deks`, 'POST', request); this.dekCache.set(cacheKey, response.data); this.dekCache.delete((0, json_stringify_deterministic_1.default)({ kekName, subject, version: -1, algorithm, deleted: false })); this.dekCache.delete((0, json_stringify_deterministic_1.default)({ kekName, subject, version: -1, algorithm, deleted: true })); return response.data; }); } async getDek(kekName, subject, algorithm, version = 1, deleted = false) { const cacheKey = (0, json_stringify_deterministic_1.default)({ kekName, subject, version, algorithm, deleted }); return await this.dekMutex.runExclusive(async () => { const dek = this.dekCache.get(cacheKey); if (dek) { return dek; } kekName = encodeURIComponent(kekName); subject = encodeURIComponent(subject); const response = await this.restService.handleRequest(`/dek-registry/v1/keks/${kekName}/deks/${subject}/versions/${version}?algorithm=${algorithm}&deleted=${deleted}`, 'GET'); this.dekCache.set(cacheKey, response.data); return response.data; }); } async close() { return; } //Cache methods for testing async checkLatestDekInCache(kekName, subject, algorithm) { const cacheKey = (0, json_stringify_deterministic_1.default)({ kekName, subject, version: -1, algorithm, deleted: false }); const cachedDek = this.dekCache.get(cacheKey); return cachedDek !== undefined; } } exports.DekRegistryClient = DekRegistryClient;