@adobe/helix-config-storage 1.7.2 → 1.7.3

package/CHANGELOG.md

@@ -1,3 +1,10 @@
+## [1.7.3](https://github.com/adobe/helix-config-storage/compare/v1.7.2...v1.7.3) (2024-09-13)
+
+
+### Bug Fixes
+
+* remove transient site token store ([#27](https://github.com/adobe/helix-config-storage/issues/27)) ([adb1543](https://github.com/adobe/helix-config-storage/commit/adb15437ba334ea3fe7276d4c9f4c0b785b736a3))
+
 ## [1.7.2](https://github.com/adobe/helix-config-storage/compare/v1.7.1...v1.7.2) (2024-09-07)
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adobe/helix-config-storage",
-  "version": "1.7.2",
+  "version": "1.7.3",
   "description": "Helix Config Storage",
   "main": "src/index.js",
   "types": "src/index.d.ts",

package/src/index.js

@@ -13,4 +13,3 @@ export { ConfigStore } from './config-store.js';
 export { SCHEMAS } from './config-validator.js';
 export * from './ValidationError.js';
 export * from './config-merge.js';
-export * from './transient-token-store.js';

package/src/transient-token-store.js

@@ -1,181 +0,0 @@
-/*
- * Copyright 2024 Adobe. All rights reserved.
- * This file is licensed to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License. You may obtain a copy
- * of the License at http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under
- * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
- * OF ANY KIND, either express or implied. See the License for the specific language
- * governing permissions and limitations under the License.
- */
-
-/**
- * @typedef Token
- * @property {string} id
- * @property {string} value
- * @property {Date} created
- */
-
-/**
- * @typedef SiteTokens
- * @property {Token} preview
- * @property {Token} live
- */
-
-import crypto from 'crypto';
-import { HelixStorage } from '@adobe/helix-shared-storage';
-
-/**
- * Store to manage transient site tokens.
- * - the tokens have a fixed expiration time (default 24h) which can be verified on the edge
- * - the transient site tokens are managed and delivered independent of the fixed site tokens
- */
-export class TransientTokenStore {
-  /**
-   * Org name
-   */
-  org;
-
-  /**
-   * Site name
-   */
-  site;
-
-  /**
-   * S3/R2 Key for the transient site tokens
-   */
-  #key;
-
-  /**
-   * loaded tokens
-   */
-  #tokens;
-
-  /**
-   * modified flag
-   */
-  #modified;
-
-  /**
-   * flag indicating that the store was modified
-   */
-  wasModified = false;
-
-  /**
-   * consistent "now"
-   */
-  #now;
-
-  constructor(org, site) {
-    this.org = org;
-    this.site = site;
-    this.#key = `orgs/${this.org}/sites/${this.site}/transient-site-tokens.json`;
-    this.#now = new Date();
-  }
-
-  /**
-   * Returns the current time (mainly used for tests)
-   * @returns {Date}
-   */
-  now() {
-    return this.#now;
-  }
-
-  /**
-   * Loads the transient site tokens from the storage
-   * @param ctx
-   * @returns {Promise<SiteTokens>}
-   */
-  async #load(ctx) {
-    if (!this.#tokens) {
-      this.#tokens = {
-        preview: undefined,
-        live: undefined,
-      };
-      this.#modified = false;
-      const storage = HelixStorage.fromContext(ctx).configBus();
-      const buf = await storage.get(this.#key);
-      if (buf) {
-        const data = JSON.parse(buf.toString('utf-8'));
-        this.#tokens.preview = data.tokens.preview;
-        this.#tokens.live = data.tokens.live;
-      }
-    }
-    return this.#tokens;
-  }
-
-  /**
-   * Saves the transient site tokens to the storage if modified
-   * @param ctx
-   * @returns {Promise<void>}
-   */
-  async #save(ctx) {
-    if (this.#modified) {
-      const storage = HelixStorage.fromContext(ctx).configBus();
-      await storage.put(this.#key, JSON.stringify({
-        tokens: this.#tokens,
-      }));
-      this.#modified = false;
-      this.wasModified = true;
-    }
-  }
-
-  /**
-   * Returns the transient site token for the given partition. If the token does not exist or is
-   * expired, it will be created.
-   * @param ctx
-   * @param partition
-   * @returns {Promise<Token>}
-   */
-  async getOrCreateToken(ctx, partition) {
-    if (partition !== 'preview' && partition !== 'live') {
-      throw new Error(`Invalid partition: ${partition}`);
-    }
-    const tokens = await this.#load(ctx);
-    let token = tokens[partition];
-    if (!token) {
-      const value = crypto.randomBytes(32).toString('base64url');
-      const id = crypto.createHash('sha256').update(value).digest().toString('base64url');
-      const created = this.#now.toUTCString();
-      token = {
-        id,
-        value,
-        created,
-      };
-      tokens[partition] = token;
-      this.#modified = true;
-    }
-    await this.#save(ctx);
-    return token;
-  }
-
-  /**
-   * Returns the token header values for the given user id.
-   * @param ctx
-   * @param partition
-   * @param userid
-   * @returns {Promise<string>}
-   */
-  async getTokenHeader(ctx, partition, userid) {
-    const token = await this.getOrCreateToken(ctx, partition);
-    const user64 = Buffer.from(userid)
-      .toString('base64url');
-    const key = `${user64};${this.#now.toISOString().split('T')[0]}`;
-    const hash = crypto
-      .createHmac('sha512', key)
-      .update(token.value, 'utf-8')
-      .digest()
-      .toString('base64url');
-    return `hlxtst_${hash};${user64}`;
-  }
-
-  /**
-   * Returns the transient site tokens
-   * @param ctx
-   * @returns {Promise<SiteTokens>}
-   */
-  async getSiteTokens(ctx) {
-    return this.#load(ctx);
-  }
-}