@dgac/nmb2b-client
Version:
EUROCONTROL Network Manager B2B SOAP client
108 lines (106 loc) • 4 kB
JavaScript
import { assert } from "./utils/assert.mjs";
import { createDebugLogger } from "./utils/debug.mjs";
import { BasicAuthSecurity, ClientSSLSecurity, ClientSSLSecurityPFX } from "soap";
import fs from "node:fs";
//#region src/security.ts
const debug = createDebugLogger("security");
/**
* Asserts that the provided object is a valid {@link Security} configuration.
* Checks for the presence and validity of required fields for each security type.
*
* @param obj - The object to validate.
* @throws {AssertionError} If the object is not a valid `Security` configuration.
*/
function assertValidSecurity(obj) {
assert(!!obj && typeof obj === "object", "Must be an object");
if ("apiKeyId" in obj) {
assert(!!obj.apiKeyId && typeof obj.apiKeyId === "string" && obj.apiKeyId.length > 0, "security.apiKeyId must be a string with a length > 0");
assert("apiSecretKey" in obj && typeof obj.apiSecretKey === "string" && obj.apiSecretKey.length > 0, "security.apiSecretKey must be defined when using security.apiKeyId");
return;
}
assert("pfx" in obj && Buffer.isBuffer(obj.pfx) || "cert" in obj && Buffer.isBuffer(obj.cert), "security.pfx or security.cert must be buffers");
if ("cert" in obj && obj.cert) assert("key" in obj && obj.key && Buffer.isBuffer(obj.key), "security.key must be a buffer if security.pem is defined");
}
/**
* @deprecated Use {@link assertValidSecurity} instead.
*/
function isValidSecurity(obj) {
assertValidSecurity(obj);
return true;
}
/**
* @internal
*/
function prepareSecurity(config) {
const { security } = config;
if ("apiKeyId" in security) {
const { apiKeyId, apiSecretKey } = security;
debug("Using ApiGateway security");
return new BasicAuthSecurity(apiKeyId, apiSecretKey);
} else if ("pfx" in security) {
const { pfx, passphrase } = security;
debug("Using PFX certificates");
return new ClientSSLSecurityPFX(pfx, passphrase);
} else if ("cert" in security) {
debug("Using PEM certificates");
const { key, cert, passphrase } = security;
return new ClientSSLSecurity(key, cert, void 0, passphrase ? { passphrase } : null);
}
throw new Error("Invalid security object");
}
let envSecurity;
/**
* Create a security objet from environment variables
*
* Will cache data for future use.
*
* @returns Security configuration
*/
function fromEnv() {
if (envSecurity) return envSecurity;
envSecurity = fromValues(process.env);
return envSecurity;
}
/**
* Convenience function to clear the cached security objet
*/
function clearCache() {
envSecurity = void 0;
}
/**
* Create a security objet from an environment-like object
*
* @param env Environment variables
* @returns Security configuration
*/
function fromValues(env) {
const { B2B_CERT, B2B_API_KEY_ID, B2B_API_SECRET_KEY } = env;
if (!B2B_CERT && !B2B_API_KEY_ID) throw new Error("Please define a B2B_CERT or a B2B_API_KEY_ID environment variable");
if (B2B_API_KEY_ID) {
if (!B2B_API_SECRET_KEY) throw new Error(`When using B2B_API_KEY_ID, a B2B_API_SECRET_KEY must be defined`);
return {
apiKeyId: B2B_API_KEY_ID,
apiSecretKey: B2B_API_SECRET_KEY
};
}
if (!B2B_CERT) throw new Error("Should never happen");
if (!fs.existsSync(B2B_CERT)) throw new Error(`${B2B_CERT} is not a valid certificate file`);
const pfxOrPem = fs.readFileSync(B2B_CERT);
if (!env.B2B_CERT_FORMAT || env.B2B_CERT_FORMAT === "pfx") return {
pfx: pfxOrPem,
passphrase: env.B2B_CERT_PASSPHRASE ?? ""
};
else if (env.B2B_CERT_FORMAT === "pem") {
if (!env.B2B_CERT_KEY || !fs.existsSync(env.B2B_CERT_KEY)) throw new Error("Please define a valid B2B_CERT_KEY environment variable");
const security = {
cert: pfxOrPem,
key: fs.readFileSync(env.B2B_CERT_KEY)
};
if (env.B2B_CERT_PASSPHRASE) security.passphrase = env.B2B_CERT_PASSPHRASE;
return security;
}
throw new Error("Unsupported B2B_CERT_FORMAT, must be pfx or pem");
}
//#endregion
export { assertValidSecurity, clearCache, fromEnv, fromValues, isValidSecurity, prepareSecurity };
//# sourceMappingURL=security.mjs.map