UNPKG

@confluentinc/schemaregistry

Version:

Node.js client for Confluent Schema Registry

github.com/confluentinc/confluent-kafka-javascript

confluentinc/confluent-kafka-javascript

78 lines (77 loc) 3.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
"use strict"; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports._AzureIMDSBearerToken = exports._AzureIMDSOAuthClient = exports._AzureIMDSOAuthClientBuilder = void 0; const abstract_oauth_client_1 = require("./abstract-oauth-client"); const wreck_1 = __importDefault(require("@hapi/wreck")); const TOKEN_EXPIRATION_THRESHOLD_PERCENTAGE = 0.8; class AzureIMDSBearerToken { constructor() { this.access_token = undefined; this.expires_in = undefined; this.expires_on = undefined; } } exports._AzureIMDSBearerToken = AzureIMDSBearerToken; class AzureIMDSOAuthClientBuilder extends abstract_oauth_client_1._AbstractBearerTokenProviderBuilder { constructor(bearerAuthCredentials) { super(bearerAuthCredentials); } validate() { super.validate(); if (!this.bearerAuthCredentials.issuerEndpointUrl && !this.bearerAuthCredentials.issuerEndpointQuery) throw new Error(`Missing required configuration property: issuerEndpointQuery`); } build(maxRetries, retriesWaitMs, retriesMaxWaitMs) { this.validate(); return new AzureIMDSOAuthClient(this.bearerAuthCredentials, maxRetries, retriesWaitMs, retriesMaxWaitMs); } } exports._AzureIMDSOAuthClientBuilder = AzureIMDSOAuthClientBuilder; class AzureIMDSOAuthClient extends abstract_oauth_client_1._AbstractOAuthClient { constructor(bearerAuthCredentials, maxRetries, retriesWaitMs, retriesMaxWaitMs) { super(bearerAuthCredentials, maxRetries, retriesWaitMs, retriesMaxWaitMs); this.tokenEndpoint = bearerAuthCredentials.issuerEndpointUrl || AzureIMDSOAuthClient.DEFAULT_AZURE_IMDS_TOKEN_ENDPOINT; if (bearerAuthCredentials.issuerEndpointQuery) { const url = new URL(this.tokenEndpoint); url.search = bearerAuthCredentials.issuerEndpointQuery; url.hash = ''; this.tokenEndpoint = url.toString(); } } async fetchToken() { const { payload } = await wreck_1.default.get(this.tokenEndpoint, { headers: { Metadata: 'true' }, json: 'force', timeout: 30000 // 30 seconds limit for each request }); this.tokenObject = payload; return this.getAccessTokenString(); } tokenExpired() { if (!this.tokenObject?.expires_in || !this.tokenObject?.expires_on) return true; const expiresIn = +this.tokenObject.expires_in; let expiresOn = +this.tokenObject.expires_on; if (isNaN(expiresIn) || isNaN(expiresOn)) return true; const expiryWindow = expiresIn * 1000 * TOKEN_EXPIRATION_THRESHOLD_PERCENTAGE; expiresOn = expiresOn * 1000; return expiresOn < Date.now() + expiryWindow; } getAccessTokenString() { const accessToken = this.tokenObject?.access_token; if (typeof accessToken !== 'string') { throw new Error('Access token is not available'); } return accessToken; } } exports._AzureIMDSOAuthClient = AzureIMDSOAuthClient; AzureIMDSOAuthClient.DEFAULT_AZURE_IMDS_TOKEN_ENDPOINT = 'http://169.254.169.254/metadata/identity/oauth2/token';