"use strict";
// Interop helper (looks compiler-emitted): a required module that is not flagged
// __esModule is wrapped as { default: mod } so the `.default` accesses below work
// for both module styles. An already-defined this.__importDefault is reused.
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
// Flag this module as ES-module-shaped for the same kind of interop check.
Object.defineProperty(exports, "__esModule", { value: true });
// Pre-declare every export as undefined; each is assigned its function further down.
exports.__testing = exports.generateSignedDataTokensFromCreds = exports.generateSignedDataTokens = exports.generateBearerTokenFromCreds = exports.generateToken = exports.generateBearerToken = exports.getRolesForScopedToken = void 0;
const fs_1 = __importDefault(require("fs"));
const axios_1 = __importDefault(require("axios"));
const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
const Messages_1 = require("../errors/Messages");
const logs_helper_1 = require("../../vault-api/utils/logs-helper");
const logs_1 = __importDefault(require("../../vault-api/utils/logs"));
const common_1 = require("../../vault-api/utils/common");
const SkyflowError_1 = __importDefault(require("../../vault-api/libs/SkyflowError"));
const helpers_1 = require("../../vault-api/utils/helpers");
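/**
 * Reads a credentials file from disk and exchanges its contents for a bearer token.
 *
 * The file content is handed to getToken, which reads a private key from it, so the
 * file should be readable only by the account that runs this code.
 *
 * @param {string} credentialsFilePath - Path to the credentials JSON file.
 * @param {object} [options] - Forwarded unchanged to getToken (roleIDs, ctx).
 * @returns {Promise<object>} Resolves with getToken's result. Rejects with a SkyflowError
 *   (code 400) when the file is missing, empty or not valid JSON, or with whatever
 *   readFileSync throws or getToken rejects with.
 */
function generateBearerToken(credentialsFilePath, options) {
  return new Promise((resolve, reject) => {
    // Log the problem, reject, and let the caller return so nothing further runs.
    const fail = (description) => {
      (0, logs_helper_1.printLog)(description, common_1.MessageType.ERROR);
      reject(new SkyflowError_1.default({ code: 400, description }));
    };
    if (!fs_1.default.existsSync(credentialsFilePath)) {
      fail(Messages_1.errorMessages.FileNotFound);
      return;
    }
    // A read error (permissions, file removed after the check) throws here and
    // rejects the promise with the raw fs error.
    const credentials = fs_1.default.readFileSync(credentialsFilePath, "utf8");
    if (credentials === '') {
      fail(Messages_1.errorMessages.EmptyFile);
      return;
    }
    try {
      JSON.parse(credentials);
    }
    catch (e) {
      fail(Messages_1.errorMessages.NotAValidJSON);
      return;
    }
    // Only validated content reaches getToken; previously a failed check still fell
    // through to it and produced a second round of error logs.
    getToken(credentials, options).then((res) => {
      resolve(res);
    }).catch((err) => { reject(err); });
  });
}
exports.generateBearerToken = generateBearerToken;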
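/**
 * Builds an RS256-signed JWT assertion from credentials JSON and POSTs it to the
 * token URI named in those credentials to obtain a bearer token.
 *
 * Every validation failure now stops the function. Before, reject() was not followed
 * by return, so a call rejected for bad roleIDs could still sign an assertion and
 * send it to the token endpoint.
 *
 * @param {string} credentials - Credentials as a JSON string (clientID, keyID, tokenURI, privateKey).
 * @param {object} [options] - Optional `roleIDs` (non-empty array) and `ctx` (added as a claim).
 * @returns {Promise<{accessToken: *, tokenType: *}>} Resolves with the token fields of the
 *   response; rejects with a SkyflowError on validation or HTTP failure, or with the
 *   thrown error if signing or parsing throws.
 */
function getToken(credentials, options) {
  return new Promise((resolve, reject) => {
    (0, logs_helper_1.printLog)(logs_1.default.infoLogs.GENERATE_BEARER_TOKEN_TRIGGERED, common_1.MessageType.LOG);
    // Log the problem and reject; every caller returns right after.
    const fail = (description) => {
      (0, logs_helper_1.printLog)(description, common_1.MessageType.ERROR);
      reject(new SkyflowError_1.default({ code: 400, description }));
    };
    try {
      // Matches only falsy values loosely equal to "" (the empty string, 0, false);
      // null and undefined are caught by the type check below.
      if (!credentials && credentials == "") {
        fail(Messages_1.errorMessages.CredentialsContentEmpty);
        return;
      }
      if (typeof (credentials) !== "string") {
        fail(Messages_1.errorMessages.ExpectedStringParameter);
        return;
      }
      const roleIDs = options === null || options === void 0 ? void 0 : options.roleIDs;
      if (roleIDs && roleIDs.length == 0) {
        fail(Messages_1.errorMessages.ScopedRolesEmpty);
        return;
      }
      if (roleIDs && !Array.isArray(roleIDs)) {
        fail(Messages_1.errorMessages.ExpectedRoleIDParameter);
        return;
      }
      let credentialsObj;
      try {
        credentialsObj = JSON.parse(credentials);
      }
      catch (e) {
        fail(Messages_1.errorMessages.NotAValidJSON);
        return;
      }
      // The assertion is valid for one hour from now.
      const expiryTime = Math.floor(Date.now() / 1000) + 3600;
      const claims = Object.assign({ iss: credentialsObj.clientID, key: credentialsObj.keyID, aud: credentialsObj.tokenURI, exp: expiryTime, sub: credentialsObj.clientID }, (options && options.ctx ? { ctx: options.ctx } : {}));
      if (claims.iss == null) {
        fail(Messages_1.errorMessages.ClientIDNotFound);
        return;
      }
      if (claims.key == null) {
        fail(Messages_1.errorMessages.KeyIDNotFound);
        return;
      }
      if (claims.aud == null) {
        fail(Messages_1.errorMessages.TokenURINotFound);
        return;
      }
      if (credentialsObj.privateKey == null) {
        fail(Messages_1.errorMessages.PrivateKeyNotFound);
        return;
      }
      const privateKey = credentialsObj.privateKey.toString("utf8");
      const signedJwt = jsonwebtoken_1.default.sign(claims, privateKey, { algorithm: "RS256" });
      const scopedRoles = roleIDs && getRolesForScopedToken(roleIDs);
      // NOTE(review): the signed assertion goes to whatever tokenURI the credentials
      // name; no scheme or host check is done here, so the credentials must come
      // from a trusted source.
      (0, axios_1.default)(`${credentialsObj.tokenURI}`, {
        method: "POST",
        headers: {
          "Content-Type": "application/json",
          [common_1.SDK_METRICS_HEADER_KEY]: JSON.stringify((0, helpers_1.generateSDKMetrics)()),
        },
        data: {
          grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
          assertion: signedJwt,
          scope: scopedRoles,
        },
      })
        .then((res) => {
          successResponse(res).then((response) => resolve(response)).catch((failure) => reject(failure));
        })
        .catch((err) => {
          // failureResponse always rejects; forward its SkyflowError to the caller.
          failureResponse(err).catch((failure) => reject(failure));
        });
    }
    catch (e) {
      // Anything thrown synchronously above (e.g. by jwt signing) becomes the rejection.
      reject(e);
    }
  });
}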
/**
 * Formats role IDs as a scope string: each ID becomes "role:<id> ", including a
 * trailing space after the last one.
 *
 * The IDs are concatenated as given. An ID that itself contains a space would read
 * as extra scope entries, so IDs from untrusted input should be validated first.
 *
 * @param {Array} roleIDs - Role identifiers (anything exposing forEach).
 * @returns {string} The concatenated scope string, or '' when there are no IDs.
 */
function getRolesForScopedToken(roleIDs) {
  let scope = '';
  roleIDs.forEach((roleID) => {
    scope += "role:" + roleID + " ";
  });
  return scope;
}
exports.getRolesForScopedToken = getRolesForScopedToken;
/**
 * Logs success and wraps the token fields of an HTTP response in a promise.
 *
 * @param {object} res - Response whose `data` carries `accessToken` and `tokenType`.
 * @returns {Promise<{accessToken: *, tokenType: *}>} Resolves with the two token fields;
 *   rejects if reading them from `res.data` throws.
 */
function successResponse(res) {
  (0, logs_helper_1.printLog)(logs_1.default.infoLogs.GENERATE_BEARER_TOKEN_SUCCESS, common_1.MessageType.LOG);
  return new Promise((resolve) => {
    // Read inside the executor so a missing res.data rejects rather than throws.
    const body = res.data;
    const tokenFields = {
      accessToken: body.accessToken,
      tokenType: body.tokenType,
    };
    resolve(tokenFields);
  });
}
/**
 * Pairs a data token with its signed form.
 *
 * @param {string} signedToken - The signed representation of the token.
 * @param {*} actualToken - The original data token.
 * @returns {{token: *, signedToken: string}} The pair, original token first.
 */
function getSignedDataTokenResponseObject(signedToken, actualToken) {
  return { token: actualToken, signedToken };
}
/**
 * Logs that signed data tokens were generated and returns the result in a promise.
 *
 * @param {*} res - The value to resolve with.
 * @returns {Promise<*>} A promise resolved with `res`.
 */
function signedDataTokenSuccessResponse(res) {
  const successMessage = logs_1.default.infoLogs.GENERATE_SIGNED_DATA_TOKEN_SUCCESS;
  (0, logs_helper_1.printLog)(successMessage, common_1.MessageType.LOG);
  return new Promise((resolve) => {
    resolve(res);
  });
}
/**
 * Turns a failed HTTP call into a rejected promise carrying a SkyflowError.
 *
 * With a response present, the description depends on the content type: the JSON
 * body's error.message (or the whole body when there is none), the plain-text body,
 * or a generic message. The x-request-id header is appended when present. Without a
 * response, the error's own message is used with code "500".
 *
 * Server-supplied text is logged and returned as received; treat it as untrusted
 * wherever it is later displayed or stored.
 *
 * @param {object} err - Error from the HTTP client, optionally with a `response`.
 * @returns {Promise<never>} Always rejects.
 */
function failureResponse(err) {
  return new Promise((_, reject) => {
    const response = err.response;
    if (!response) {
      // No HTTP response at all: report the client-side error message.
      (0, logs_helper_1.printLog)(err.message, common_1.MessageType.ERROR);
      reject(new SkyflowError_1.default({
        code: "500",
        description: err.message,
      }));
      return;
    }
    const payload = response.data;
    const headers = response.headers;
    const requestId = headers['x-request-id'];
    const contentType = headers["content-type"];
    // Append the request id for traceability when the server sent one.
    const withRequestId = (text) => (requestId ? `${text} - requestId: ${requestId}` : text);
    let description;
    if (contentType && contentType.includes('application/json')) {
      const serverError = payload === null || payload === void 0 ? void 0 : payload.error;
      const serverMessage = serverError === null || serverError === void 0 ? void 0 : serverError.message;
      // Fall back to the raw body when it carries no error.message.
      description = serverMessage ? withRequestId(serverMessage) : payload;
    }
    else if (contentType && contentType.includes('text/plain')) {
      description = withRequestId(payload);
    }
    else {
      description = withRequestId(logs_1.default.errorLogs.ERROR_OCCURED);
    }
    (0, logs_helper_1.printLog)(description, common_1.MessageType.ERROR);
    reject(new SkyflowError_1.default({
      code: response.status,
      description,
    }, [], true));
  });
}
/**
 * Older entry point kept for compatibility: logs a deprecation warning, then
 * delegates to generateBearerToken without options.
 *
 * @param {string} credentialsFilePath - Path to the credentials JSON file.
 * @returns {Promise<object>} The promise returned by generateBearerToken.
 */
function generateToken(credentialsFilePath) {
  const { warnLogs } = logs_1.default;
  (0, logs_helper_1.printLog)(warnLogs.GENERATE_BEARER_DEPRECATED, common_1.MessageType.WARN);
  const tokenPromise = generateBearerToken(credentialsFilePath);
  return tokenPromise;
}
exports.generateToken = generateToken;
/**
 * Generates a bearer token from credentials supplied as a JSON string rather than
 * a file path. Delegates directly to getToken.
 *
 * @param {string} credentials - Credentials JSON string.
 * @param {object} [options] - Forwarded unchanged to getToken.
 * @returns {Promise<object>} The promise returned by getToken.
 */
function generateBearerTokenFromCreds(credentials, options) {
  const tokenPromise = getToken(credentials, options);
  return tokenPromise;
}
exports.generateBearerTokenFromCreds = generateBearerTokenFromCreds;
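/**
 * Reads a credentials file from disk and uses it to sign the given data tokens.
 *
 * The file content is handed to getSignedTokens, which reads a private key from it,
 * so the file should be readable only by the account that runs this code.
 *
 * @param {string} credentialsFilePath - Path to the credentials JSON file.
 * @param {object} [options] - Forwarded unchanged to getSignedTokens (dataTokens, timeToLive, ctx).
 * @returns {Promise<Array>} Resolves with getSignedTokens' result. Rejects with a
 *   SkyflowError (code 400) when the file is missing, empty or not valid JSON, or with
 *   whatever readFileSync throws or getSignedTokens rejects with.
 */
function generateSignedDataTokens(credentialsFilePath, options) {
  return new Promise((resolve, reject) => {
    // Log the problem, reject, and let the caller return so nothing further runs.
    const fail = (description) => {
      (0, logs_helper_1.printLog)(description, common_1.MessageType.ERROR);
      reject(new SkyflowError_1.default({ code: 400, description }));
    };
    if (!fs_1.default.existsSync(credentialsFilePath)) {
      fail(Messages_1.errorMessages.FileNotFound);
      return;
    }
    // A read error (permissions, file removed after the check) throws here and
    // rejects the promise with the raw fs error.
    const credentials = fs_1.default.readFileSync(credentialsFilePath, "utf8");
    if (credentials === '') {
      fail(Messages_1.errorMessages.EmptyFile);
      return;
    }
    try {
      JSON.parse(credentials);
    }
    catch (e) {
      fail(Messages_1.errorMessages.NotAValidJSON);
      return;
    }
    // Only validated content reaches getSignedTokens; previously a failed check still
    // fell through to it and produced a second round of error logs.
    getSignedTokens(credentials, options).then((res) => {
      resolve(res);
    }).catch((err) => { reject(err); });
  });
}
exports.generateSignedDataTokens = generateSignedDataTokens;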
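/**
 * Signs each data token in `options.dataTokens` as an RS256 JWT using the private
 * key from the credentials JSON.
 *
 * Every validation failure now stops the function. Before, reject() was not followed
 * by return, so a rejected call kept running: it could still sign tokens, logged one
 * error per data token for a missing credential field, and then logged success.
 *
 * @param {string} credentials - Credentials as a JSON string (keyID, tokenURI, clientID, privateKey).
 * @param {object} [options] - `dataTokens` (non-empty array), optional `timeToLive` in
 *   seconds (default 60) and optional `ctx` (added as a claim).
 * @returns {Promise<Array<{token: *, signedToken: string}>>} Resolves with one entry per
 *   data token, the signed form prefixed with "signed_token_"; resolves with an empty
 *   array when no options are given. Rejects with a SkyflowError on validation failure,
 *   or with the thrown error if parsing or signing throws.
 */
function getSignedTokens(credentials, options) {
  return new Promise((resolve, reject) => {
    (0, logs_helper_1.printLog)(logs_1.default.infoLogs.GENERATE_SIGNED_DATA_TOKENS_TRIGGERED, common_1.MessageType.LOG);
    // Log the problem and reject; every caller returns right after.
    const fail = (description) => {
      (0, logs_helper_1.printLog)(description, common_1.MessageType.ERROR);
      reject(new SkyflowError_1.default({ code: 400, description }));
    };
    try {
      // Matches only falsy values loosely equal to "" (the empty string, 0, false);
      // null and undefined are caught by the type check below.
      if (!credentials && credentials == "") {
        fail(Messages_1.errorMessages.CredentialsContentEmpty);
        return;
      }
      if (typeof (credentials) !== "string") {
        fail(Messages_1.errorMessages.ExpectedStringParameter);
        return;
      }
      const dataTokens = options === null || options === void 0 ? void 0 : options.dataTokens;
      const timeToLive = options === null || options === void 0 ? void 0 : options.timeToLive;
      if (dataTokens && dataTokens.length == 0) {
        fail(Messages_1.errorMessages.DataTokensEmpty);
        return;
      }
      // Applies only when an options object is given; a call without options skips
      // this and resolves with an empty array (unchanged behaviour).
      if (options && dataTokens == null) {
        fail(Messages_1.errorMessages.DataTokensNotFound);
        return;
      }
      if (dataTokens && !Array.isArray(dataTokens)) {
        fail(Messages_1.errorMessages.ExpectedDataTokensParameter);
        return;
      }
      if (timeToLive && typeof (timeToLive) !== "number") {
        fail(Messages_1.errorMessages.ExpectedTimeToLiveParameter);
        return;
      }
      let credentialsObj;
      try {
        credentialsObj = JSON.parse(credentials);
      }
      catch (e) {
        fail(Messages_1.errorMessages.NotAValidJSON);
        return;
      }
      // NOTE(review): no upper or lower bound is applied to timeToLive. A large value
      // produces long-lived signed tokens and a negative one produces tokens that are
      // already expired; callers should bound it.
      const expiryTime = Math.floor(Date.now() / 1000) + (timeToLive ? timeToLive : 60);
      const prefix = "signed_token_";
      const responseArray = [];
      if (options && dataTokens) {
        // These fields do not vary per token, so check them once before signing anything.
        if (credentialsObj.keyID == null) {
          fail(Messages_1.errorMessages.KeyIDNotFound);
          return;
        }
        if (credentialsObj.tokenURI == null) {
          fail(Messages_1.errorMessages.TokenURINotFound);
          return;
        }
        if (credentialsObj.privateKey == null) {
          fail(Messages_1.errorMessages.PrivateKeyNotFound);
          return;
        }
        const privateKey = credentialsObj.privateKey.toString("utf8");
        dataTokens.forEach((token) => {
          const claims = Object.assign({ iss: "sdk", key: credentialsObj.keyID, aud: credentialsObj.tokenURI, exp: expiryTime, sub: credentialsObj.clientID, tok: token }, (options.ctx ? { ctx: options.ctx } : {}));
          const signedJwt = jsonwebtoken_1.default.sign(claims, privateKey, { algorithm: "RS256" });
          responseArray.push(getSignedDataTokenResponseObject(prefix + signedJwt, token));
        });
      }
      signedDataTokenSuccessResponse(responseArray).then((response) => resolve(response)).catch((failure) => reject(failure));
    }
    catch (e) {
      // Anything thrown synchronously above (e.g. by jwt signing) becomes the rejection.
      reject(e);
    }
  });
}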
/**
 * Signs data tokens using credentials supplied as a JSON string rather than a file
 * path. Delegates directly to getSignedTokens.
 *
 * @param {string} credentials - Credentials JSON string.
 * @param {object} [options] - Forwarded unchanged to getSignedTokens.
 * @returns {Promise<Array>} The promise returned by getSignedTokens.
 */
function generateSignedDataTokensFromCreds(credentials, options) {
  const signedTokensPromise = getSignedTokens(credentials, options);
  return signedTokensPromise;
}
exports.generateSignedDataTokensFromCreds = generateSignedDataTokensFromCreds;
// Internal response helpers exposed under __testing so they can be called directly
// from tests; not intended as public API.
exports.__testing = {
  successResponse: successResponse,
  failureResponse: failureResponse,
};
//# sourceMappingURL=Token.js.map