UNPKG

manifest

Version:

Self-hosted Manifest LLM router with embedded server, SQLite database, and dashboard

143 lines 6.28 kB
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; Object.defineProperty(exports, "__esModule", { value: true }); exports.ApiKeyGeneratorService = void 0; const common_1 = require("@nestjs/common"); const typeorm_1 = require("@nestjs/typeorm"); const typeorm_2 = require("typeorm"); const crypto_1 = require("crypto"); const uuid_1 = require("uuid"); const tenant_entity_1 = require("../../entities/tenant.entity"); const agent_entity_1 = require("../../entities/agent.entity"); const agent_api_key_entity_1 = require("../../entities/agent-api-key.entity"); const hash_util_1 = require("../../common/utils/hash.util"); const crypto_util_1 = require("../../common/utils/crypto.util"); const api_key_constants_1 = require("../../common/constants/api-key.constants"); const agent_key_auth_guard_1 = require("../guards/agent-key-auth.guard"); let ApiKeyGeneratorService = class ApiKeyGeneratorService { tenantRepo; agentRepo; keyRepo; otlpAuthGuard; constructor(tenantRepo, agentRepo, keyRepo, otlpAuthGuard) { this.tenantRepo = tenantRepo; this.agentRepo = agentRepo; this.keyRepo = keyRepo; this.otlpAuthGuard = otlpAuthGuard; } generateKey() { return api_key_constants_1.API_KEY_PREFIX + (0, crypto_1.randomBytes)(32).toString('base64url'); } async onboardAgent(params) { const existing = await this.tenantRepo.findOne({ where: { name: params.tenantName }, }); let tenantId; if (existing) { tenantId = existing.id; } else { tenantId = (0, uuid_1.v4)(); await this.tenantRepo.insert({ id: tenantId, name: params.tenantName, organization_name: params.organizationName ?? null, email: params.email ?? null, is_active: true, }); } const agentId = (0, uuid_1.v4)(); await this.agentRepo.insert({ id: agentId, name: params.agentName, display_name: params.displayName ?? null, description: params.agentDescription ?? null, is_active: true, tenant_id: tenantId, }); const rawKey = this.generateKey(); const keyId = (0, uuid_1.v4)(); await this.keyRepo.insert({ id: keyId, key: (0, crypto_util_1.encrypt)(rawKey, (0, crypto_util_1.getEncryptionSecret)()), key_hash: (0, hash_util_1.hashKey)(rawKey), key_prefix: (0, hash_util_1.keyPrefix)(rawKey), label: `${params.agentName} ingest key`, tenant_id: tenantId, agent_id: agentId, is_active: true, }); return { tenantId, agentId, apiKey: rawKey }; } async getKeyForAgent(userId, agentName) { const keyRecord = await this.keyRepo .createQueryBuilder('k') .leftJoin('k.agent', 'a') .leftJoin('a.tenant', 't') .where('t.name = :userId', { userId }) .andWhere('a.name = :agentName', { agentName }) .andWhere('k.is_active = true') .getOne(); if (!keyRecord) { throw new common_1.NotFoundException('No active API key found for this agent'); } if (keyRecord.key) { try { const fullKey = (0, crypto_util_1.decrypt)(keyRecord.key, (0, crypto_util_1.getEncryptionSecret)()); return { keyPrefix: keyRecord.key_prefix, fullKey }; } catch { return { keyPrefix: keyRecord.key_prefix }; } } return { keyPrefix: keyRecord.key_prefix }; } async rotateKey(userId, agentName) { const agent = await this.agentRepo .createQueryBuilder('a') .leftJoin('a.tenant', 't') .where('a.name = :agentName', { agentName }) .andWhere('t.name = :userId', { userId }) .getOne(); if (!agent) throw new common_1.NotFoundException('Agent not found or access denied'); await this.keyRepo.delete({ agent_id: agent.id }); this.otlpAuthGuard.clearCache(); const rawKey = this.generateKey(); const keyId = (0, uuid_1.v4)(); await this.keyRepo.insert({ id: keyId, key: (0, crypto_util_1.encrypt)(rawKey, (0, crypto_util_1.getEncryptionSecret)()), key_hash: (0, hash_util_1.hashKey)(rawKey), key_prefix: (0, hash_util_1.keyPrefix)(rawKey), label: `${agent.name} ingest key (rotated)`, tenant_id: agent.tenant_id, agent_id: agent.id, is_active: true, }); return { apiKey: rawKey }; } }; exports.ApiKeyGeneratorService = ApiKeyGeneratorService; exports.ApiKeyGeneratorService = ApiKeyGeneratorService = __decorate([ (0, common_1.Injectable)(), __param(0, (0, typeorm_1.InjectRepository)(tenant_entity_1.Tenant)), __param(1, (0, typeorm_1.InjectRepository)(agent_entity_1.Agent)), __param(2, (0, typeorm_1.InjectRepository)(agent_api_key_entity_1.AgentApiKey)), __metadata("design:paramtypes", [typeorm_2.Repository, typeorm_2.Repository, typeorm_2.Repository, agent_key_auth_guard_1.AgentKeyAuthGuard]) ], ApiKeyGeneratorService); //# sourceMappingURL=api-key.service.js.map