connect-sdk-nodejs
Version:
SDK to communicate with the Worldline Global Collect platform using the Worldline Connect Server API
129 lines • 6.1 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.getObfuscated = exports.withFixedLength = exports.allButFirst = exports.all = exports.allButLast = void 0;
const _ = require("lodash");
const REPLACECHAR = "*";
const INDENT = 2;
const ALL = value => {
const l = value.length;
return _.padStart("", l, REPLACECHAR);
};
/**
* @returns An obfuscation rule that will keep a fixed number of characters at the end, then replaces all other characters with *.
*/
function allButLast(count) {
const rule = value => {
const l = value.length;
const end = value.substring(l - count);
return _.padStart(end, l, REPLACECHAR);
};
return rule;
}
exports.allButLast = allButLast;
/**
* @returns An obfuscation rule that will replace all characters with *.
*/
function all() {
return ALL;
}
exports.all = all;
/**
* @returns An obfuscation rule that will keep a fixed number of characters at the start, then replaces all other characters with *.
*/
function allButFirst(count) {
const rule = value => {
const l = value.length;
const start = value.substring(0, count);
return _.padEnd(start, l, REPLACECHAR);
};
return rule;
}
exports.allButFirst = allButFirst;
/**
* @returns An obfuscation rule that will replace values with a fixed length string containing only *.
*/
function withFixedLength(count) {
// eslint-disable-next-line @typescript-eslint/no-unused-vars
const rule = _value => {
return _.padEnd("", count, REPLACECHAR);
};
return rule;
}
exports.withFixedLength = withFixedLength;
function obfuscationRuleKey(name, toLowerCase) {
return toLowerCase ? name.toLowerCase() : name;
}
function applyObfuscationRule(value, obfuscationRule) {
return obfuscationRule ? obfuscationRule("" + value) : value;
}
function applyObfuscationRules(json, obfuscationRules, toLowerCase) {
if (json === null || typeof json !== "object") {
return json;
}
if (Array.isArray(json)) {
return json.map(value => applyObfuscationRules(value, obfuscationRules, toLowerCase));
}
// Cannot use Object.fromEntries with the current compiler target
// Therefore don't map to entries but directly add to this new object
const result = {};
Object.entries(json).forEach(([key, value]) => {
const newValue = value !== null && typeof value === "object"
? applyObfuscationRules(value, obfuscationRules, toLowerCase)
: applyObfuscationRule(value, obfuscationRules[obfuscationRuleKey(key, toLowerCase)]);
result[key] = newValue;
});
return result;
}
// eslint-disable-next-line @typescript-eslint/no-explicit-any
function getObfuscated(input, context, caseInsensitive = false) {
if (!input) {
return "";
}
if (typeof input === "string") {
try {
input = JSON.parse(input);
}
catch (e) {
const logger = context.getLogger();
if (context.isLoggingEnabled()) {
logger("warn", "Cannot parse input to JSON: " + input);
}
return input;
}
}
const obfuscationRules = {};
obfuscationRules[obfuscationRuleKey("cardNumber", caseInsensitive)] = allButLast(4);
obfuscationRules[obfuscationRuleKey("expiryDate", caseInsensitive)] = allButLast(2);
obfuscationRules[obfuscationRuleKey("cvv", caseInsensitive)] = all();
obfuscationRules[obfuscationRuleKey("iban", caseInsensitive)] = allButLast(4);
obfuscationRules[obfuscationRuleKey("accountNumber", caseInsensitive)] = allButLast(4);
obfuscationRules[obfuscationRuleKey("reformattedAccountNumber", caseInsensitive)] = allButLast(4);
obfuscationRules[obfuscationRuleKey("bin", caseInsensitive)] = allButFirst(6);
// key-value pairs can contain any value, like credit card numbers or other private data; mask all values
obfuscationRules[obfuscationRuleKey("value", caseInsensitive)] = all();
obfuscationRules[obfuscationRuleKey("keyId", caseInsensitive)] = withFixedLength(8);
obfuscationRules[obfuscationRuleKey("secretKey", caseInsensitive)] = withFixedLength(8);
obfuscationRules[obfuscationRuleKey("publicKey", caseInsensitive)] = withFixedLength(8);
obfuscationRules[obfuscationRuleKey("userAuthenticationToken", caseInsensitive)] = withFixedLength(8);
// encrypted payload is a base64 string that contains an encrypted value; to make decrypting even harder, just mask the entire thing
obfuscationRules[obfuscationRuleKey("encryptedPayload", caseInsensitive)] = withFixedLength(8);
// decrypted payload is a simple base64 string that may contain credit card numbers or other private data; just mask the entire thing
obfuscationRules[obfuscationRuleKey("decryptedPayload", caseInsensitive)] = withFixedLength(8);
// encrypted customer input is similar to encrypted payload
obfuscationRules[obfuscationRuleKey("encryptedCustomerInput", caseInsensitive)] = withFixedLength(8);
// headers
obfuscationRules[obfuscationRuleKey("Authorization", caseInsensitive)] = withFixedLength(8);
obfuscationRules[obfuscationRuleKey("WWW-Authenticate", caseInsensitive)] = withFixedLength(8);
obfuscationRules[obfuscationRuleKey("Proxy-Authenticate", caseInsensitive)] = withFixedLength(8);
obfuscationRules[obfuscationRuleKey("Proxy-Authorization", caseInsensitive)] = withFixedLength(8);
obfuscationRules[obfuscationRuleKey("X-GCS-Authentication-Token", caseInsensitive)] = withFixedLength(8);
obfuscationRules[obfuscationRuleKey("X-GCS-CallerPassword", caseInsensitive)] = withFixedLength(8);
const customObfuscationRules = context.getObfuscationRules();
for (const key in customObfuscationRules) {
obfuscationRules[obfuscationRuleKey(key, caseInsensitive)] = customObfuscationRules[key];
}
const obfuscated = applyObfuscationRules(input, obfuscationRules, caseInsensitive);
return JSON.stringify(obfuscated, null, INDENT);
}
exports.getObfuscated = getObfuscated;
//# sourceMappingURL=obfuscate.js.map