@sap/xssec
Version:
XS Advanced Container Security API for node.js
56 lines (47 loc) • 2.01 kB
JavaScript
const { X509Certificate } = require("crypto");
const InvalidClientCertificateError = require("../error/validation/InvalidClientCertificateError");
const { PEM_HEADER, PEM_FOOTER, CLIENT_CERTIFICATE_HEADER } = require("./constants");
module.exports = {
/**
* Escapes Regex special characters in the given string, so that the string can be used for a literal match inside a Regex.
* Regex.escape is only a proposal at the time of writing.
* The source of this code is https://github.com/tc39/proposal-regex-escaping/blob/main/polyfill.js
*/
escapeStringForRegex(s) {
return String(s).replace(/[\\^$*+?.()|[\]{}]/g, '\\$&');
},
/**
* Creates a string cache key from the given key-value pairs, ignoring keys with null or undefined values.
* @param {object} parts
* @returns a cache key in string format, e.g. app_tid:foo:client_id:bar:azp:baz
*/
createCacheKey(parts = {}) {
return Object.entries(parts)
.filter(([value]) => value != null)
.map(([key, value]) => `${key}=${value}`)
.join("|");
},
parsePemCertificate(pem) {
// restore new lines
pem = pem.replaceAll("\\n", "\n");
// add PEM header and footer
if (!pem.startsWith(PEM_HEADER)) pem = `${PEM_HEADER}\n${pem}`;
if (!pem.endsWith(PEM_FOOTER)) pem = `${pem}\n${PEM_FOOTER}`;
try {
return new X509Certificate(pem);
} catch (error) {
throw new InvalidClientCertificateError(pem, error);
}
},
shrinkRequestOptionsForLog(request) {
const maskedRequest = {...request};
maskedRequest.headers = {...request.headers};
if(maskedRequest.agent) {
maskedRequest.agent = "<agent>";
}
if(maskedRequest.headers?.[CLIENT_CERTIFICATE_HEADER]) {
maskedRequest.headers[CLIENT_CERTIFICATE_HEADER] = "<clientCertificatePem>"
}
return maskedRequest;
}
};