@nordicsemiconductor/asset-tracker-cloud-aws
Version:
A reference implementation of a serverless backend for an IoT product developed using AWS CDK in TypeScript.
338 lines (337 loc) • 13.4 kB
JavaScript
function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) {
try {
var info = gen[key](arg);
var value = info.value;
} catch (error) {
reject(error);
return;
}
if (info.done) {
resolve(value);
} else {
Promise.resolve(value).then(_next, _throw);
}
}
function _async_to_generator(fn) {
return function() {
var self = this, args = arguments;
return new Promise(function(resolve, reject) {
var gen = fn.apply(self, args);
function _next(value) {
asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value);
}
function _throw(err) {
asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err);
}
_next(undefined);
});
};
}
function _define_property(obj, key, value) {
if (key in obj) {
Object.defineProperty(obj, key, {
value: value,
enumerable: true,
configurable: true,
writable: true
});
} else {
obj[key] = value;
}
return obj;
}
function _object_spread(target) {
for(var i = 1; i < arguments.length; i++){
var source = arguments[i] != null ? arguments[i] : {};
var ownKeys = Object.keys(source);
if (typeof Object.getOwnPropertySymbols === "function") {
ownKeys = ownKeys.concat(Object.getOwnPropertySymbols(source).filter(function(sym) {
return Object.getOwnPropertyDescriptor(source, sym).enumerable;
}));
}
ownKeys.forEach(function(key) {
_define_property(target, key, source[key]);
});
}
return target;
}
function _ts_generator(thisArg, body) {
var f, y, t, g, _ = {
label: 0,
sent: function() {
if (t[0] & 1) throw t[1];
return t[1];
},
trys: [],
ops: []
};
return g = {
next: verb(0),
"throw": verb(1),
"return": verb(2)
}, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
return this;
}), g;
function verb(n) {
return function(v) {
return step([
n,
v
]);
};
}
function step(op) {
if (f) throw new TypeError("Generator is already executing.");
while(_)try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [
op[0] & 2,
t.value
];
switch(op[0]){
case 0:
case 1:
t = op;
break;
case 4:
_.label++;
return {
value: op[1],
done: false
};
case 5:
_.label++;
y = op[1];
op = [
0
];
continue;
case 7:
op = _.ops.pop();
_.trys.pop();
continue;
default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
_ = 0;
continue;
}
if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
_.label = op[1];
break;
}
if (op[0] === 6 && _.label < t[1]) {
_.label = t[1];
t = op;
break;
}
if (t && _.label < t[2]) {
_.label = t[2];
_.ops.push(op);
break;
}
if (t[2]) _.ops.pop();
_.trys.pop();
continue;
}
op = body.call(thisArg, _);
} catch (e) {
op = [
6,
e
];
y = 0;
} finally{
f = t = 0;
}
if (op[0] & 5) throw op[1];
return {
value: op[0] ? op[1] : void 0,
done: true
};
}
}
import { CloudFormationClient } from '@aws-sdk/client-cloudformation';
import { DeleteCACertificateCommand, DescribeCACertificateCommand, IoTClient, UpdateCACertificateCommand } from '@aws-sdk/client-iot';
import { stackOutput } from '@nordicsemiconductor/cloudformation-helpers';
import chalk from 'chalk';
import { CORE_STACK_NAME } from '../../cdk/stacks/stackName.js';
import { getCurrentCA } from '../jitp/currentCA.js';
import { listRegisteredCAs } from '../jitp/listRegisteredCAs.js';
var purgeCACertificate = function(param) {
var iot = param.iot, thingGroupName = param.thingGroupName;
return function() {
var _ref = _async_to_generator(function(certificateId) {
var _cert_registrationConfig, _config_Resources_thing_Properties, _config_Resources_thing, _config_Resources, cert, _cert_registrationConfig_templateBody, config, _config_Resources_thing_Properties_ThingGroups;
return _ts_generator(this, function(_state) {
switch(_state.label){
case 0:
return [
4,
iot.send(new DescribeCACertificateCommand({
certificateId: certificateId
}))
];
case 1:
cert = _state.sent();
config = JSON.parse((_cert_registrationConfig_templateBody = (_cert_registrationConfig = cert.registrationConfig) === null || _cert_registrationConfig === void 0 ? void 0 : _cert_registrationConfig.templateBody) !== null && _cert_registrationConfig_templateBody !== void 0 ? _cert_registrationConfig_templateBody : '{}');
if (!((_config_Resources_thing_Properties_ThingGroups = config === null || config === void 0 ? void 0 : (_config_Resources = config.Resources) === null || _config_Resources === void 0 ? void 0 : (_config_Resources_thing = _config_Resources.thing) === null || _config_Resources_thing === void 0 ? void 0 : (_config_Resources_thing_Properties = _config_Resources_thing.Properties) === null || _config_Resources_thing_Properties === void 0 ? void 0 : _config_Resources_thing_Properties.ThingGroups) !== null && _config_Resources_thing_Properties_ThingGroups !== void 0 ? _config_Resources_thing_Properties_ThingGroups : []).includes(thingGroupName)) return [
3,
4
];
console.log("Marking CA certificate ".concat(certificateId, " as INACTIVE ..."));
return [
4,
iot.send(new UpdateCACertificateCommand({
certificateId: certificateId,
newStatus: 'INACTIVE'
}))
];
case 2:
_state.sent();
console.log("Deleting CA certificate ".concat(certificateId, "..."));
return [
4,
iot.send(new DeleteCACertificateCommand({
certificateId: certificateId
}))
];
case 3:
_state.sent();
return [
3,
5
];
case 4:
console.error(chalk.yellow.dim("Not a nRF Asset Tracker CA: ".concat(certificateId)));
_state.label = 5;
case 5:
return [
2
];
}
});
});
return function(certificateId) {
return _ref.apply(this, arguments);
};
}();
};
export var purgeCAsCommand = function(param) {
var certsDir = param.certsDir;
return {
command: 'purge-cas',
options: [
{
flags: '-i, --caId <caId>',
description: 'CA ID, if left blank all CAs will be purged'
},
{
flags: '-c, --current',
description: 'Purge current CA'
}
],
action: function() {
var _ref = _async_to_generator(function(param) {
var caId, current, iot, thingGroupName, _tmp, purge, _iteratorNormalCompletion, _didIteratorError, _iteratorError, _iterator, _step, id, err;
return _ts_generator(this, function(_state) {
switch(_state.label){
case 0:
caId = param.caId, current = param.current;
iot = new IoTClient({});
_tmp = [
{}
];
return [
4,
stackOutput(new CloudFormationClient({}))(CORE_STACK_NAME)
];
case 1:
thingGroupName = _object_spread.apply(void 0, _tmp.concat([
_state.sent()
])).thingGroupName;
purge = purgeCACertificate({
iot: iot,
thingGroupName: thingGroupName
});
if (caId !== undefined) return [
2,
purge(caId)
];
if (current === true) return [
2,
purge(getCurrentCA({
certsDir: certsDir
}))
];
_iteratorNormalCompletion = true, _didIteratorError = false, _iteratorError = undefined;
_state.label = 2;
case 2:
_state.trys.push([
2,
7,
8,
9
]);
_iterator = Object.values(listRegisteredCAs({
iot: iot
}))[Symbol.iterator]();
_state.label = 3;
case 3:
if (!!(_iteratorNormalCompletion = (_step = _iterator.next()).done)) return [
3,
6
];
id = _step.value;
return [
4,
purge(id)
];
case 4:
_state.sent();
_state.label = 5;
case 5:
_iteratorNormalCompletion = true;
return [
3,
3
];
case 6:
return [
3,
9
];
case 7:
err = _state.sent();
_didIteratorError = true;
_iteratorError = err;
return [
3,
9
];
case 8:
try {
if (!_iteratorNormalCompletion && _iterator.return != null) {
_iterator.return();
}
} finally{
if (_didIteratorError) {
throw _iteratorError;
}
}
return [
7
];
case 9:
return [
2
];
}
});
});
return function(_) {
return _ref.apply(this, arguments);
};
}(),
help: 'Purges all nRF Asset Tracker CAs'
};
};