@adobe/helix-config-storage 2.2.4 → 2.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +14 -0
- package/package.json +2 -2
- package/src/config-store.js +3 -4
- package/src/schemas/sidekick.schema.json +11 -0
- package/src/utils.js +14 -3
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,17 @@
|
|
|
1
|
+
## [2.2.6](https://github.com/adobe/helix-config-storage/compare/v2.2.5...v2.2.6) (2025-05-13)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Bug Fixes
|
|
5
|
+
|
|
6
|
+
* escape jti correctly ([#125](https://github.com/adobe/helix-config-storage/issues/125)) ([906c4ba](https://github.com/adobe/helix-config-storage/commit/906c4ba771cea525de5985b76a2556fc901a2206))
|
|
7
|
+
|
|
8
|
+
## [2.2.5](https://github.com/adobe/helix-config-storage/compare/v2.2.4...v2.2.5) (2025-05-12)
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
### Bug Fixes
|
|
12
|
+
|
|
13
|
+
* Add missing properties to the sidekick schema ([#122](https://github.com/adobe/helix-config-storage/issues/122)) ([2df49fa](https://github.com/adobe/helix-config-storage/commit/2df49fa110b7148a267e81a8c9e4318d86cb20b1))
|
|
14
|
+
|
|
1
15
|
## [2.2.4](https://github.com/adobe/helix-config-storage/compare/v2.2.3...v2.2.4) (2025-05-08)
|
|
2
16
|
|
|
3
17
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@adobe/helix-config-storage",
|
|
3
|
-
"version": "2.2.
|
|
3
|
+
"version": "2.2.6",
|
|
4
4
|
"description": "Helix Config Storage",
|
|
5
5
|
"main": "src/index.js",
|
|
6
6
|
"types": "src/index.d.ts",
|
|
@@ -46,7 +46,7 @@
|
|
|
46
46
|
"husky": "9.1.7",
|
|
47
47
|
"json-schema-to-typescript": "15.0.4",
|
|
48
48
|
"junit-report-builder": "5.1.1",
|
|
49
|
-
"lint-staged": "
|
|
49
|
+
"lint-staged": "16.0.0",
|
|
50
50
|
"mocha": "11.2.2",
|
|
51
51
|
"mocha-multi-reporters": "1.5.1",
|
|
52
52
|
"mocha-suppress-logs": "0.5.1",
|
package/src/config-store.js
CHANGED
|
@@ -13,14 +13,13 @@
|
|
|
13
13
|
import crypto from 'crypto';
|
|
14
14
|
import { decodeJwt } from 'jose';
|
|
15
15
|
import { HelixStorage } from '@adobe/helix-shared-storage';
|
|
16
|
-
import { sanitizeName } from '@adobe/helix-shared-string';
|
|
17
16
|
import { StatusCodeError } from './status-code-error.js';
|
|
18
17
|
import {
|
|
19
18
|
createToken, createUser,
|
|
20
19
|
migrateToken,
|
|
21
20
|
updateCodeSource,
|
|
22
21
|
updateContentSource,
|
|
23
|
-
deepGetOrCreate, deepPut, prune, createSecret, migrateSecret, isDeepEqual,
|
|
22
|
+
deepGetOrCreate, deepPut, prune, createSecret, migrateSecret, isDeepEqual, base64ToBase64Url,
|
|
24
23
|
} from './utils.js';
|
|
25
24
|
import { validate as validateSchema } from './config-validator.js';
|
|
26
25
|
import { getMergedConfig } from './config-merge.js';
|
|
@@ -607,7 +606,7 @@ export class ConfigStore {
|
|
|
607
606
|
throw new StatusCodeError(400, e.message);
|
|
608
607
|
}
|
|
609
608
|
}
|
|
610
|
-
frag.name =
|
|
609
|
+
frag.name = base64ToBase64Url(data.id);
|
|
611
610
|
frag.type = 'apiKey';
|
|
612
611
|
frag.relPath.push(frag.name);
|
|
613
612
|
}
|
|
@@ -618,7 +617,7 @@ export class ConfigStore {
|
|
|
618
617
|
const oldData = deepGetOrCreate(old, frag.relPath, true);
|
|
619
618
|
data.created = oldData.created || new Date().toISOString();
|
|
620
619
|
// ensure that the name is equal to the sanitized id
|
|
621
|
-
if (frag.name !==
|
|
620
|
+
if (frag.name !== base64ToBase64Url(data.id)) {
|
|
622
621
|
throw new StatusCodeError(400, 'apiKey id mismatch');
|
|
623
622
|
}
|
|
624
623
|
}
|
|
@@ -177,6 +177,10 @@
|
|
|
177
177
|
"/foo/**.json"
|
|
178
178
|
]
|
|
179
179
|
},
|
|
180
|
+
"title": {
|
|
181
|
+
"type": "string",
|
|
182
|
+
"description": "Title of the special view"
|
|
183
|
+
},
|
|
180
184
|
"viewer": {
|
|
181
185
|
"type": "string",
|
|
182
186
|
"description": "The URL of the special view. The resource path will be passed to it via 'path' parameter",
|
|
@@ -239,6 +243,13 @@
|
|
|
239
243
|
"items": {
|
|
240
244
|
"$ref": "#/definitions/sidekickSpecialView"
|
|
241
245
|
}
|
|
246
|
+
},
|
|
247
|
+
"trustedHosts": {
|
|
248
|
+
"type": "array",
|
|
249
|
+
"items": {
|
|
250
|
+
"type": "string"
|
|
251
|
+
},
|
|
252
|
+
"description": "Additional hosts that are trusted to use the sidekick authentication"
|
|
242
253
|
}
|
|
243
254
|
},
|
|
244
255
|
"additionalProperties": false
|
package/src/utils.js
CHANGED
|
@@ -194,6 +194,19 @@ export function createUser() {
|
|
|
194
194
|
};
|
|
195
195
|
}
|
|
196
196
|
|
|
197
|
+
/**
|
|
198
|
+
* converts a base64 to a base64url string.
|
|
199
|
+
*/
|
|
200
|
+
export function base64ToBase64Url(str) {
|
|
201
|
+
if (!str) {
|
|
202
|
+
return str;
|
|
203
|
+
}
|
|
204
|
+
return str
|
|
205
|
+
.replaceAll('+', '-')
|
|
206
|
+
.replaceAll('/', '_')
|
|
207
|
+
.replaceAll('=', '');
|
|
208
|
+
}
|
|
209
|
+
|
|
197
210
|
/**
|
|
198
211
|
* migrates an existing jwt token
|
|
199
212
|
* @param key
|
|
@@ -211,9 +224,7 @@ export async function migrateToken(key, jwt) {
|
|
|
211
224
|
if (!jti) {
|
|
212
225
|
throw new StatusCodeError(400, 'unable to migrate jwt: missing jti claim.');
|
|
213
226
|
}
|
|
214
|
-
const id = jti
|
|
215
|
-
.replaceAll('/', '_')
|
|
216
|
-
.replaceAll('+', '-');
|
|
227
|
+
const id = base64ToBase64Url(jti);
|
|
217
228
|
const hash = crypto
|
|
218
229
|
.createHmac('sha512', key)
|
|
219
230
|
.update(jwt, 'utf-8')
|