k2hr3-api
Version:
K2HR3 REST API is K2hdkc based Resource and Roles and policy Rules
720 lines (719 loc) • 30 kB
JavaScript
"use strict";
/*
* K2HR3 REST API
*
* Copyright 2017 Yahoo Japan Corporation.
*
* K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
* common management information for the cloud.
* K2HR3 can dynamically manage information as "who", "what", "operate".
* These are stored as roles, resources, policies in K2hdkc, and the
* client system can dynamically read and modify these information.
*
* For the full copyright and license information, please view
* the license file that was distributed with this source code.
*
* AUTHOR: Takeshi Nakatani
* CREATE: Mon Dec 25 2017
* REVISION:
*
*/
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.dummyuserapi = void 0;
const k2hr3apiutil_1 = __importDefault(require("./k2hr3apiutil"));
const k2hr3dkc_1 = __importDefault(require("./k2hr3dkc"));
const dbglogging_1 = __importDefault(require("./dbglogging"));
const k2hr3keys_1 = require("./k2hr3keys");
//
// Dummy endpoint and etc
//
const dummy_region_name = 'dummy_endpoint';
const dummy_endpoint_url = 'https://dummyep.k2hr3api.yahoo.co.jp/';
//
// Endpoint for user's server group(tenant) information for dummy
//
let dummy_ep = null;
const dummyapi_ep = () => {
if (k2hr3apiutil_1.default.isSafeEntity(dummy_ep)) {
return dummy_ep;
}
const keys = (0, k2hr3keys_1.getK2hr3Keys)();
let res_ep = k2hr3dkc_1.default.getKeystoneEndpoint(dummy_region_name);
if (res_ep.result && k2hr3apiutil_1.default.isPlainObject(res_ep.keystones)) {
const tmpRegion = res_ep.keystones[dummy_region_name];
if (k2hr3apiutil_1.default.isPlainObject(tmpRegion) &&
k2hr3apiutil_1.default.isSafeString(tmpRegion.url) &&
k2hr3apiutil_1.default.isSafeString(tmpRegion.type) &&
keys.VALUE_KEYSTONE_SUB === tmpRegion.type) {
// already has endpoint
dummy_ep = k2hr3apiutil_1.default.urlParse(tmpRegion.url);
dummy_ep.region = dummy_region_name;
// for debug
dbglogging_1.default.dlog('dummy get group information for user : end point = ' + JSON.stringify(dummy_ep));
return dummy_ep;
}
}
// not register yet, then register it.
res_ep = k2hr3dkc_1.default.setKeystoneEndpointAll(dummy_region_name, dummy_endpoint_url, keys.VALUE_KEYSTONE_SUB, 0);
if (res_ep.result) {
// succeed, retry to get
res_ep = k2hr3dkc_1.default.getKeystoneEndpoint(dummy_region_name);
if (res_ep.result && k2hr3apiutil_1.default.isSafeEntity(res_ep.keystones)) {
const tmpRegion = res_ep.keystones[dummy_region_name];
if (k2hr3apiutil_1.default.isSafeEntity(tmpRegion) &&
k2hr3apiutil_1.default.isSafeString(tmpRegion.url) &&
k2hr3apiutil_1.default.isSafeString(tmpRegion.type) &&
keys.VALUE_KEYSTONE_SUB === tmpRegion.type) {
dummy_ep = k2hr3apiutil_1.default.urlParse(tmpRegion.url);
dummy_ep.region = dummy_region_name;
// for debug
dbglogging_1.default.dlog('dummy get group information for user : end point = ' + JSON.stringify(dummy_ep));
return dummy_ep;
}
}
// failed to re-get
dbglogging_1.default.elog('could not set and re-get dummy endpoint into k2hdkc, then build endpoint url object in local. but create it locally.');
dummy_ep = k2hr3apiutil_1.default.urlParse(dummy_endpoint_url);
dummy_ep.region = dummy_region_name;
}
else {
// failed to set
dbglogging_1.default.elog('could not set dummy endpoint into k2hdkc, then build endpoint url object in local. but create it locally.');
dummy_ep = k2hr3apiutil_1.default.urlParse(dummy_endpoint_url);
dummy_ep.region = dummy_region_name;
}
// for debug
dbglogging_1.default.dlog('dummy get group information for user : end point = ' + JSON.stringify(dummy_ep));
return dummy_ep;
};
//---------------------------------------------------------
// [User Token for case of dummy]
//---------------------------------------------------------
//
// Token: Token Id(################)
// X-Auth-Token: U=Token Id
// Token Id: The "Token Id" is a unique hex number string for 128bit.
// "Token Id" = "(<base id(64bit:8byte)> ^ <crypt id(64bit:8byte)>)" + "(<userex id(64bit:8byte)> ^ <crypt id(64bit:8byte)>)"
// User Token Key: "yrn:yahoo::::token:user/<Token Id>"
// User Token Seed: {
// publisher: "DUMMYUSERAPI"
// userexid: "user extra id(user generated extra id)"
// date: "UTC time at create"
// expire: "UTC time at expire"
// creator: "User full yrn"
// base: "generated 64bit random binary"
// user: "user name"
// ip: always null
// hostname: always null
// port: always 0
// cuk: always null
// extra: always null
// tenant: if scoped token, this is "tenant name". if not, this is null
// verify: "random 64bit id for verify token"
// }
//
// [NOTE]
// "user id from dummy" which is in "Token Id" is included from dummy user.
// This Seed value is secret, any API could not get this value directly.
//
// Keys in K2hdkc has the following relationship. "seed" is special key/value for dummy and like it.
// Token key: "yrn:yahoo::::token:user/<token>"
// value => "yrn:yahoo::::user:dummy:tenant/{<tenant>}/token/<token>"
// User token key: "yrn:yahoo::::user:dummy:tenant/{<tenant>}/token/<token>"
// value => "region name"
// subkeys => "yrn:yahoo::::user:dummy:tenant/{<tenant>}/token/<token>/seed"
// User token seed key: "yrn:yahoo::::user:dummy:tenant/{<tenant>}/token/<token>/seed"
// value => JSON seed information(token value)
//
//---------------------------------------------------------
// Create User Token For dummy user
//---------------------------------------------------------
// user : user name which is allowed any name
// result : {
// result: true/false
// message: null or error message string
// token: undefined(error) or user token string
// expire_at: expire date(UTC ISO 8601)
// token_seed: JSON token seed data
// userid: set userid
// }
//
// [NOTE]
// user token seed value is following
// {
// publisher: "DUMMYUSERAPI"
// userexid: "user extra id(a part of seed uuid4)"
// date: "UTC ISO 8601 time at create"
// expire: "UTC ISO 8601 time at expire"
// creator: "User full yrn"
// base: "32byte hex string"
// user: "user name"
// ip: always null
// hostname: always null
// port: always 0
// cuk: always null
// extra: always null
// tenant: if scoped token, this is "tenant name". if not, this is null
// }
//
const rawCreateUserTokenByDummyUser = (user, tenant) => {
const resobj = { result: true, message: null };
if (!k2hr3apiutil_1.default.isSafeString(user)) { // allow another parameter is null
resobj.result = false;
resobj.message = 'parameter is wrong : user=' + JSON.stringify(user);
dbglogging_1.default.elog(resobj.message);
return resobj;
}
if (!k2hr3apiutil_1.default.isSafeString(tenant)) {
tenant = null;
}
const dkcobj = k2hr3dkc_1.default.getK2hdkc(true, false); // use permanent object(need to clean)
user = user.toLowerCase();
const keys = (0, k2hr3keys_1.getK2hr3Keys)(user, null);
if (!k2hr3apiutil_1.default.isSafeEntity(dkcobj)) {
resobj.result = false;
resobj.message = 'Not initialize yet.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
// check user id exists.
let userid = dkcobj.getValue(keys.USER_ID_KEY, null, true, null); // yrn:yahoo::::user:<user>:id
if (!k2hr3apiutil_1.default.isSafeString(userid)) {
// make dummy user id
userid = k2hr3apiutil_1.default.getStrUuid4(); // Dummy user id(uuid4)
}
// user seed id(generated every time)
const user_ex_id = k2hr3apiutil_1.default.getStrUuid4(); // seed(uuid4)
// make token seed value
const expire_limit = 24 * 60 * 60; // default 24H expire for dummy user
const now_unixtime = k2hr3apiutil_1.default.getUnixtime();
// create key
for (let is_loop = true; is_loop;) { // for eslint
// make user token
const token_elements = k2hr3apiutil_1.default.makeStringToken256(user_ex_id, userid);
if (!k2hr3apiutil_1.default.isSafeEntity(token_elements)) {
resobj.result = false;
resobj.message = 'could not make token from ' + JSON.stringify(user_ex_id) + ' and ' + JSON.stringify(userid);
dbglogging_1.default.elog(resobj.message);
dkcobj.clean();
return resobj;
}
const token_seed = {
publisher: 'DUMMYUSERAPI', // "DUMMYUSERAPI"
userexid: user_ex_id, // seed(uuid4)
date: (new Date(now_unixtime * 1000)).toISOString(), // now date(UTC ISO 8601)
expire: (new Date((now_unixtime + expire_limit) * 1000)).toISOString(), // expire date(UTC ISO 8601)
creator: keys.USER_KEY, // "yrn:yahoo::::user:<user>"
user: user, // user(creator)
hostname: null, // hostname(creator)
ip: null, // ip(creator)
port: 0, // port(creator)
cuk: null, // cuk(creator)
extra: null, // extra(creator)
tenant: tenant, // tenant(if scope, not null)
base: token_elements.str_base // token base
};
const user_token = token_elements.str_token;
// user token key
const token_user_key = keys.TOKEN_USER_TOP_KEY + '/' + user_token; // "yrn:yahoo::::token:user/<user token>"
// get user token for existing check
const value = dkcobj.getValue(token_user_key, null, true, null);
if (!k2hr3apiutil_1.default.isSafeEntity(value)) {
// Add user token/expire/seed into result object.
resobj.token = user_token;
resobj.expire_at = token_seed.expire;
resobj.token_seed = JSON.stringify(token_seed);
resobj.userid = userid;
break;
}
dbglogging_1.default.dlog('conflict user token(' + user_token + ') which already is used, so remake token for uniq.');
}
dkcobj.clean();
return resobj;
};
//---------------------------------------------------------
// Verify User Token Publisher For dummy user
//---------------------------------------------------------
//
// token_seed : token seed data
//
// result : {
// result: true/false
// message: null or error message string
// }
//
const rawVerifyUserTokenPublisherByDummyUser = (token_seed) => {
const resobj = { result: true, message: null };
if (!k2hr3apiutil_1.default.isSafeString(token_seed)) {
resobj.result = false;
resobj.message = 'token_seed(not printable) is not safe entity.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
// parse seed
if (!k2hr3apiutil_1.default.checkSimpleJSON(token_seed)) {
resobj.result = false;
resobj.message = 'token_seed(not printable) is not safe entity.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
const tmpseed = k2hr3apiutil_1.default.parseJSON(token_seed);
if (!k2hr3apiutil_1.default.isValTypeTokenSeed(tmpseed)) {
resobj.result = false;
resobj.message = 'token_seed(not printable) is not safe entity.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
const seed = tmpseed;
if (!k2hr3apiutil_1.default.isSafeString(seed.publisher) ||
(seed.publisher != 'DUMMYUSERAPI')) // publisher must be 'DUMMYUSERAPI'
{
resobj.result = false;
resobj.message = 'token_seed(not printable) is not safe entity.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
return resobj;
};
//---------------------------------------------------------
// Verify User Token From dummy user
//---------------------------------------------------------
//
// dkcobj_permanent : dkcobj object
// user : target user name for token
// tenant : target tenant name for token(if token is scoped)
// token : check token
// token_seed : token seed data
//
// result : {
// result: true/false
// message: null or error message string
// }
//
const rawVerifyUserTokenByDummyUser = (dkcobj_permanent, user, tenant, token, token_seed) => {
const resobj = { result: true, message: null };
if (!k2hr3apiutil_1.default.isSafeString(token) || !k2hr3apiutil_1.default.isSafeString(token_seed) || !k2hr3apiutil_1.default.isSafeString(user)) {
resobj.result = false;
resobj.message = 'some parameters are wrong : token=' + JSON.stringify(token) + ', token_seed=<not printable>, user=' + JSON.stringify(user);
dbglogging_1.default.elog(resobj.message);
return resobj;
}
// parse seed
if (!k2hr3apiutil_1.default.checkSimpleJSON(token_seed)) {
resobj.result = false;
resobj.message = 'token_seed(not printable) is not safe entity.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
const tmpseed = k2hr3apiutil_1.default.parseJSON(token_seed);
if (!k2hr3apiutil_1.default.isValTypeTokenSeed(tmpseed)) {
resobj.result = false;
resobj.message = 'token_seed(not printable) is not safe entity.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
const seed = tmpseed;
if (!k2hr3apiutil_1.default.isSafeString(seed.publisher) ||
(seed.publisher != 'DUMMYUSERAPI') || // publisher must be 'DUMMYUSERAPI'
!k2hr3apiutil_1.default.isSafeString(seed.userexid) ||
!k2hr3apiutil_1.default.isSafeString(seed.date) ||
!k2hr3apiutil_1.default.isSafeString(seed.expire) ||
!k2hr3apiutil_1.default.isSafeString(seed.creator) ||
!k2hr3apiutil_1.default.isSafeString(seed.base) ||
!k2hr3apiutil_1.default.isSafeString(seed.user) ||
!k2hr3apiutil_1.default.compareCaseString(seed.user, user)) {
resobj.result = false;
resobj.message = 'token_seed(not printable) is not safe entity.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
// check expire
if (k2hr3apiutil_1.default.isExpired(seed.expire)) {
resobj.result = false;
resobj.message = 'token is expired by expire date(' + seed.expire + ') in token_seed.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
// check tenant name(if tenant is specified, seed must have same tenant name)
if (k2hr3apiutil_1.default.isSafeString(seed.tenant) !== k2hr3apiutil_1.default.isSafeString(tenant) || (k2hr3apiutil_1.default.isSafeString(seed.tenant) && !k2hr3apiutil_1.default.compareCaseString(seed.tenant, tenant))) {
resobj.result = false;
resobj.message = 'token_seed(not printable) is (un)scoped, but tenant name is (not) specified. Then unmatched.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
// k2hdkc
const keys = (0, k2hr3keys_1.getK2hr3Keys)(seed.user, seed.tenant);
let dkcobj;
if (!k2hr3apiutil_1.default.isSafeEntity(dkcobj_permanent)) {
const tmpobj = k2hr3dkc_1.default.getK2hdkc(true, false); // use permanent object(need to clean)
if (!k2hr3apiutil_1.default.isSafeEntity(tmpobj)) {
resobj.result = false;
resobj.message = 'Not initialize yet.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
dkcobj = tmpobj;
}
else {
dkcobj = dkcobj_permanent;
}
// get user id
const userid = dkcobj.getValue(keys.USER_ID_KEY, null, true, null); // get user id from "yrn:yahoo::::user:<user>:id"
if (!k2hr3apiutil_1.default.isSafeEntity(dkcobj_permanent)) {
dkcobj.clean();
}
if (!k2hr3apiutil_1.default.isSafeString(userid)) {
resobj.result = false;
resobj.message = 'could not get user id for user(' + seed.user + ').';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
// make verify token
const token_elements = k2hr3apiutil_1.default.makeStringToken256(seed.userexid, userid, seed.base);
if (!k2hr3apiutil_1.default.isSafeEntity(token_elements)) {
resobj.result = false;
resobj.message = 'could not make verify token from ' + JSON.stringify(seed.userexid) + ' and ' + JSON.stringify(userid) + ' and ' + JSON.stringify(seed.base);
dbglogging_1.default.elog(resobj.message);
return resobj;
}
if (token !== token_elements.str_token) {
resobj.result = false;
resobj.message = 'token(' + token + ') verify is failure, verify token is ' + token_elements.str_token + '.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
return resobj;
};
//---------------------------------------------------------
// Get User/Tenant information from User Token
//---------------------------------------------------------
//
// Result: {
// result: true/false
// message: null or error message string
// user: user name
// userid: user id
// tenant: if token is scoped token, this value is set tenant name.
// }
//
const rawGetUserTenantInfoFromToken = (token) => {
const resobj = { result: true, message: null };
if (!k2hr3apiutil_1.default.isSafeString(token)) {
resobj.result = false;
resobj.message = 'parameter is wrong : token=' + JSON.stringify(token);
dbglogging_1.default.elog(resobj.message);
return resobj;
}
const dkcobj = k2hr3dkc_1.default.getK2hdkc(true, false); // use permanent object(need to clean)
let keys = (0, k2hr3keys_1.getK2hr3Keys)();
if (!k2hr3apiutil_1.default.isSafeEntity(dkcobj)) {
resobj.result = false;
resobj.message = 'Not initialize yet.';
dbglogging_1.default.elog(resobj.message);
return resobj;
}
// get token key under user key
const token_value_key = keys.TOKEN_USER_TOP_KEY + '/' + token; // "yrn:yahoo::::token:user/<token>"
const user_token_key = dkcobj.getValue(token_value_key, null, true, null); // "yrn:yahoo::::user:<user>:tenant/{<tenant>}/token/<token>"
if (!k2hr3apiutil_1.default.isSafeString(user_token_key)) {
resobj.result = false;
resobj.message = 'token key(' + token_value_key + ') for token(' + token + ') is not existed.';
dbglogging_1.default.elog(resobj.message);
dkcobj.clean();
return resobj;
}
// get user name and tenant name from token key yrn path
const pattern = new RegExp('^' + keys.MATCH_ANY_USER_TOKEN); // regex = /^yrn:yahoo::::user:(.*):tenant\/(.*)\/token\/(.*)/
const matches = user_token_key.match(pattern); // reverse to user/tenant names
if (!k2hr3apiutil_1.default.isNotEmptyArray(matches) || matches.length < 4 || '' === k2hr3apiutil_1.default.getSafeString(matches[1])) {
resobj.result = false;
resobj.message = 'token key(' + token_value_key + ') for token(' + token + ') has wrong format value(' + user_token_key + ')';
dbglogging_1.default.elog(resobj.message);
dkcobj.clean();
return resobj;
}
const token_user = k2hr3apiutil_1.default.getSafeString(matches[1]);
let token_tenant = k2hr3apiutil_1.default.getSafeString(matches[2]);
if ('' === token_tenant) {
token_tenant = null;
}
// get token seed
const user_token_seed_key = user_token_key + '/' + keys.SEED_KW; // "yrn:yahoo::::user:<user>:tenant/{<tenant>}/token/<token>/seed"
const token_seed = dkcobj.getValue(user_token_seed_key, null, true, null);
if (!k2hr3apiutil_1.default.isSafeString(token_seed)) {
resobj.result = false;
resobj.message = 'token key(' + token_value_key + ') for token(' + token + ') does not have token seed data.';
dbglogging_1.default.elog(resobj.message);
dkcobj.clean();
return resobj;
}
// verify token
const vres = rawVerifyUserTokenByDummyUser(dkcobj, token_user, token_tenant, token, token_seed);
if (!vres.result) {
resobj.result = false;
resobj.message = 'failed to verify token(' + token + ') with seed by ' + vres.message;
dbglogging_1.default.elog(resobj.message);
dkcobj.clean();
return resobj;
}
// get user id
keys = (0, k2hr3keys_1.getK2hr3Keys)(token_user, null); // remake keys
const userid = dkcobj.getValue(keys.USER_ID_KEY, null, true, null); // get user id from "yrn:yahoo::::user:<user>:id"
if (!k2hr3apiutil_1.default.isSafeString(userid)) {
resobj.result = false;
resobj.message = 'could not get user id for user(' + token_user + ').';
dbglogging_1.default.elog(resobj.message);
dkcobj.clean();
return resobj;
}
dkcobj.clean();
// make result
resobj.user = token_user;
resobj.userid = userid;
resobj.tenant = token_tenant;
return resobj;
};
//---------------------------------------------------------
// Get Unscoped token by user name for dummy
//---------------------------------------------------------
//
// callback(error, result):
// result = {
// user: user name
// userid: user id
// scoped: always false
// token: token string(id)
// expire: expire string(UTC ISO 8601)
// region: region string
// token_seed: JSON token seed data
// }
//
const rawGetUserUnscopedTokenDummy = (uname, callback) => {
// [NOTE]
// user name is allowed any
//
if (!k2hr3apiutil_1.default.isSafeString(uname)) {
const error = new Error('parameter is wrong : uname=' + JSON.stringify(uname));
dbglogging_1.default.elog(error.message);
callback(error, null);
return;
}
//
// Create unscoped user token
//
const resobj = rawCreateUserTokenByDummyUser(uname, null); // not specify expire limit now(using default).
if (!resobj.result) {
const error = new Error('could not create user token for uname(' + uname + ') or something wrong result : ' + resobj.message);
dbglogging_1.default.elog(error.message);
callback(error, null);
return;
}
// make result
const dummyapiep = dummyapi_ep();
let dummyregion = '';
if (k2hr3apiutil_1.default.isPlainObject(dummyapiep) && k2hr3apiutil_1.default.isString(dummyapiep.region)) {
dummyregion = dummyapiep.region;
}
const result = {
user: uname,
userid: k2hr3apiutil_1.default.getSafeString(resobj.userid),
scoped: false,
token: k2hr3apiutil_1.default.getSafeString(resobj.token),
expire: k2hr3apiutil_1.default.isSafeString(resobj.expire_at) ? resobj.expire_at : null,
region: dummyregion,
token_seed: k2hr3apiutil_1.default.getSafeString(resobj.token_seed)
};
callback(null, result);
};
//---------------------------------------------------------
// Get Scoped token by user name for dummy
//---------------------------------------------------------
//
// callback(error, result):
// result = {
// user: user name
// userid: user id
// scoped: always true
// token: token string
// expire: expire string(UTC ISO 8601)
// region: region string
// token_seed: JSON token seed data
// }
//
// [NOTE]
// The token is allowed scoped token, but it must be same tenant token.
//
const rawGetUserScopedTokenDummy = (token, tenant, callback) => {
if (!k2hr3apiutil_1.default.isSafeString(token) || !k2hr3apiutil_1.default.isSafeString(tenant)) {
const error = new Error('some parameters are wrong : token=' + JSON.stringify(token) + ', tenant=' + JSON.stringify(tenant));
dbglogging_1.default.elog(error.message);
callback(error, null);
return;
}
// verify and get user/tenant information
const token_info = rawGetUserTenantInfoFromToken(token);
if (!token_info.result) {
const error = new Error('could not get any information from token(' + token + '), result : ' + token_info.message);
dbglogging_1.default.elog(error.message);
callback(error, null);
return;
}
// check tenant name
if (k2hr3apiutil_1.default.isSafeString(token_info.tenant) && token_info.tenant !== tenant) {
const error = new Error('token(' + token + ') has scoped(' + token_info.tenant + '), but it is not as same as the request tenant(' + tenant + ').');
dbglogging_1.default.elog(error.message);
callback(error, null);
return;
}
// create scoped token
const resobj = rawCreateUserTokenByDummyUser(k2hr3apiutil_1.default.isSafeString(token_info.user) ? token_info.user : null, tenant); // not specify expire limit now(using default).
if (!resobj.result) {
const error = new Error('could not create user scoped token for uname(' + token_info.user + ')/user id(' + token_info.userid + ') for tenant(' + tenant + ').');
dbglogging_1.default.elog(error.message);
callback(error, null);
return;
}
// make result
const dummyapiep = dummyapi_ep();
let dummyregion = '';
if (k2hr3apiutil_1.default.isPlainObject(dummyapiep) && k2hr3apiutil_1.default.isString(dummyapiep.region)) {
dummyregion = dummyapiep.region;
}
const result = {
user: k2hr3apiutil_1.default.getSafeString(token_info.user),
userid: k2hr3apiutil_1.default.getSafeString(token_info.userid),
scoped: true,
token: k2hr3apiutil_1.default.getSafeString(resobj.token),
expire: k2hr3apiutil_1.default.isSafeString(resobj.expire_at) ? resobj.expire_at : null,
region: dummyregion,
token_seed: k2hr3apiutil_1.default.getSafeString(resobj.token_seed)
};
callback(null, result);
};
//
// Get tenant list from username(not used) for dummy
//
// callback(error, result):
// result = [
// {
// name: project(tenant) name (*2 : string)
// id: project(tenant) id (*2)
// description: project(tenant) description (*4)
// display: display name (*3)
// },
// ...
// ]
//
const rawGetUserTenantListDummyByUsername = (username, callback) => {
// [NOTE]
// username is not used in this function, but check it.
//
if (!k2hr3apiutil_1.default.isSafeString(username)) {
const error = new Error('parameter is wrong : username=' + JSON.stringify(username));
dbglogging_1.default.elog(error.message);
callback(error, null);
return;
}
const _callback = callback;
//
// returns static tenant list
//
const dummyResult = [
{
name: 'tenant0',
id: '1000',
description: 'dummy tenant no.0',
display: 'dummy_tenant_0'
},
{
name: 'tenant1',
id: '1001',
description: 'dummy tenant no.1',
display: 'dummy_tenant_1'
},
{
name: 'tenant2',
id: '1002',
description: 'dummy tenant no.2',
display: 'dummy_tenant_2'
},
{
name: 'tenant3',
id: '1003',
description: 'dummy tenant no.3',
display: 'dummy_tenant_3'
},
{
name: 'tenant4',
id: '1004',
description: 'dummy tenant no.4',
display: 'dummy_tenant_4'
}
];
_callback(null, dummyResult);
};
//
// Get tenant list from unscoped token for dummy
//
const rawGetUserTenantListDummy = (unscopedtoken, callback) => {
// get user/tenant information from token
const token_info = rawGetUserTenantInfoFromToken(unscopedtoken);
if (!token_info.result) {
const error = new Error('could not get any information from token(' + unscopedtoken + '), result : ' + token_info.message);
dbglogging_1.default.elog(error.message);
callback(error, null);
return;
}
return rawGetUserTenantListDummyByUsername(k2hr3apiutil_1.default.isSafeString(token_info.user) ? token_info.user : null, callback);
};
//---------------------------------------------------------
// Exports
//---------------------------------------------------------
exports.dummyuserapi = {
//
// passwd : not used
//
getUserUnscopedToken: (uname, passwd, callback) => {
rawGetUserUnscopedTokenDummy(uname, callback);
},
//
// update token : not implemented
//
getUserUnscopedTokenByToken: (token, callback) => {
const error = new Error('getUserUnscopedTokenByToken is not implemented');
dbglogging_1.default.elog(error.message);
callback(error, null);
},
//
// tenantid : not used
//
// [NOTE]
// This function is not asynchronous.
// And allowed unscopedtoken value is scoped token specially.
//
getUserScopedToken: rawGetUserScopedTokenDummy,
//
// Verify seed publisher type
//
verifyUserTokenPublisher: rawVerifyUserTokenPublisherByDummyUser,
verifyUserToken: (dkcobj_permanent, user, tenant, token, token_seed) => {
return rawVerifyUserTokenByDummyUser(dkcobj_permanent, user, tenant, token, token_seed);
},
//
// userid : not used
//
getUserTenantList: (unscopedtoken, userid, callback) => {
rawGetUserTenantListDummy(unscopedtoken, callback);
}
};
/*
* Local variables:
* tab-width: 4
* c-basic-offset: 4
* End:
* vim600: noexpandtab sw=4 ts=4 fdm=marker
* vim<600: noexpandtab sw=4 ts=4
*/