UNPKG

@nestia/core

Version:

Super-fast validation decorators of NestJS

nestia.io

samchon/nestia

86 lines 4.05 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
"use strict"; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; Object.defineProperty(exports, "__esModule", { value: true }); exports.EncryptedBody = EncryptedBody; const AesPkcs5_1 = require("@nestia/fetcher/lib/AesPkcs5"); const common_1 = require("@nestjs/common"); const Singleton_1 = require("../utils/Singleton"); const EncryptedConstant_1 = require("./internal/EncryptedConstant"); const get_text_body_1 = require("./internal/get_text_body"); const headers_to_object_1 = require("./internal/headers_to_object"); const validate_request_body_1 = require("./internal/validate_request_body"); /** * Encrypted body decorator. * * `EncryptedBody` is a decorator function getting `application/json` typed data * from request body which has been encrypted by AES-128/256 algorithm. Also, * `EncryptedBody` validates the request body data type through * [typia](https://github.com/samchon/typia) ad the validation speed is maximum * 15,000x times faster than `class-validator`. * * For reference, when the request body data is not following the promised type * `T`, `BadRequestException` error (status code: 400) would be thrown. Also, * `EncryptedRoute` decrypts request body using those options. * * - AES-128/256 * - CBC mode * - PKCS #5 Padding * - Base64 Encoding * * @author Jeongho Nam - https://github.com/samchon * @returns Parameter decorator */ function EncryptedBody(validator) { const checker = (0, validate_request_body_1.validate_request_body)("EncryptedBody")(validator); return (0, common_1.createParamDecorator)(function EncryptedBody(_unknown, context) { return __awaiter(this, void 0, void 0, function* () { const request = context .switchToHttp() .getRequest(); if (isTextPlain(request.headers["content-type"]) === false) throw new common_1.BadRequestException(`Request body type is not "text/plain".`); const param = Reflect.getMetadata(EncryptedConstant_1.ENCRYPTION_METADATA_KEY, context.getClass()); if (!param) throw new Error("Error on nestia.core.EncryptedBody(): no encryption password is given."); // GET BODY DATA const headers = new Singleton_1.Singleton(() => (0, headers_to_object_1.headers_to_object)(request.headers)); const body = yield (0, get_text_body_1.get_text_body)(request); const password = typeof param === "function" ? param({ headers: headers.get(), body, direction: "decode" }) : param; // PARSE AND VALIDATE DATA const data = JSON.parse(decrypt(body, password.key, password.iv)); const error = checker(data); if (error !== null) throw error; return data; }); })(); } /** @internal */ const decrypt = (body, key, iv) => { try { return AesPkcs5_1.AesPkcs5.decrypt(body, key, iv); } catch (exp) { if (exp instanceof Error) throw new common_1.BadRequestException("Failed to decrypt the request body. Check your body content or encryption password."); else throw exp; } }; /** @internal */ const isTextPlain = (text) => text !== undefined && text .split(";") .map((str) => str.trim()) .some((str) => str === "text/plain"); //# sourceMappingURL=EncryptedBody.js.map