
@confluentinc/schemaregistry

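"use strict";
// CommonJS interop helper emitted by the TypeScript compiler: wraps a plain
// CommonJS export so it can be read through `.default`.
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.HcVaultClient = void 0;
const hcvault_driver_1 = require("./hcvault-driver");
const node_vault_1 = __importDefault(require("node-vault"));
/**
 * KMS client that encrypts and decrypts buffers through a HashiCorp Vault
 * key, using the `encryptData` / `decryptData` calls of `node-vault`.
 *
 * One instance is bound to exactly one key URI; `supported()` only accepts
 * that same URI.
 */
class HcVaultClient {
    /**
     * @param {string} keyUri - Key URI; must start with `HcVaultDriver.PREFIX`,
     *   followed by a URL whose last path segment is the key name.
     * @param {string} [namespace] - Vault namespace; passed on only when truthy.
     * @param {string} [token] - Vault token; passed on only when truthy.
     * @throws {Error} If the prefix is missing or the URL has no key name.
     * @throws {TypeError} If the part after the prefix is not a valid URL
     *   (raised by the `URL` constructor).
     */
    constructor(keyUri, namespace, token) {
        const prefix = hcvault_driver_1.HcVaultDriver.PREFIX;
        if (!keyUri.startsWith(prefix)) {
            throw new Error(`key uri must start with ${prefix}`);
        }
        this.keyUri = keyUri;
        this.keyId = keyUri.substring(prefix.length);
        const url = new URL(this.keyId);
        // Only the last path segment is used as the key name; the rest of the
        // path is not handed to node-vault.
        // NOTE(review): a non-default transit mount in the URI therefore looks
        // like it is ignored - confirm against node-vault's request paths.
        const keyName = url.pathname.split('/').pop();
        // String.prototype.split never returns an empty array, so the name
        // itself has to be checked: an empty path or a trailing '/' yields ''.
        if (!keyName) {
            throw new Error('key uri must contain a key name');
        }
        this.keyName = keyName;
        // The endpoint scheme comes straight from the key URI. With an http:
        // URI the token and all plaintext travel unencrypted, so production
        // key URIs should use https:.
        this.kmsClient = (0, node_vault_1.default)({
            endpoint: url.protocol + '//' + url.host,
            ...namespace && { namespace },
            ...token && { token },
            apiVersion: 'v1',
        });
    }
    /**
     * @param {string} keyUri - Key URI to test.
     * @returns {boolean} True only for the exact URI this client was built with.
     */
    supported(keyUri) {
        return this.keyUri === keyUri;
    }
    /**
     * Encrypts a buffer with the configured Vault key.
     *
     * @param {Buffer} plaintext - Bytes to encrypt; sent base64-encoded.
     * @returns {Promise<Buffer>} The ciphertext string from the response, as
     *   UTF-8 bytes.
     */
    async encrypt(plaintext) {
        const response = await this.kmsClient.encryptData({
            name: this.keyName,
            plaintext: plaintext.toString('base64'),
        });
        const data = response.data.ciphertext;
        return Buffer.from(data, 'utf8');
    }
    /**
     * Decrypts a ciphertext produced by `encrypt`.
     *
     * @param {Buffer} ciphertext - UTF-8 bytes of the ciphertext string.
     * @returns {Promise<Buffer>} The plaintext bytes, decoded from the base64
     *   value in the response.
     */
    async decrypt(ciphertext) {
        const response = await this.kmsClient.decryptData({
            name: this.keyName,
            ciphertext: ciphertext.toString('utf8'),
        });
        const data = response.data.plaintext;
        return Buffer.from(data, 'base64');
    }
}
exports.HcVaultClient = HcVaultClient;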