@adobe/helix-config 4.11.2 → 4.12.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +14 -0
- package/package.json +3 -3
- package/src/config-view.js +13 -11
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,17 @@
|
|
|
1
|
+
## [4.12.1](https://github.com/adobe/helix-config/compare/v4.12.0...v4.12.1) (2025-01-21)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Bug Fixes
|
|
5
|
+
|
|
6
|
+
* **deps:** update dependency @adobe/helix-shared-config to v11.0.15 ([#236](https://github.com/adobe/helix-config/issues/236)) ([92c5305](https://github.com/adobe/helix-config/commit/92c530559c34e881c53053de524886e90379c9da))
|
|
7
|
+
|
|
8
|
+
# [4.12.0](https://github.com/adobe/helix-config/compare/v4.11.2...v4.12.0) (2025-01-16)
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
### Features
|
|
12
|
+
|
|
13
|
+
* respect secretId for site config ([#233](https://github.com/adobe/helix-config/issues/233)) ([00e252c](https://github.com/adobe/helix-config/commit/00e252c25720676259d3d093862db692004e6ecc))
|
|
14
|
+
|
|
1
15
|
## [4.11.2](https://github.com/adobe/helix-config/compare/v4.11.1...v4.11.2) (2025-01-14)
|
|
2
16
|
|
|
3
17
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@adobe/helix-config",
|
|
3
|
-
"version": "4.
|
|
3
|
+
"version": "4.12.1",
|
|
4
4
|
"description": "Helix Config",
|
|
5
5
|
"main": "src/index.js",
|
|
6
6
|
"types": "src/index.d.ts",
|
|
@@ -43,7 +43,7 @@
|
|
|
43
43
|
"eslint": "8.57.1",
|
|
44
44
|
"husky": "9.1.7",
|
|
45
45
|
"junit-report-builder": "5.1.1",
|
|
46
|
-
"lint-staged": "15.
|
|
46
|
+
"lint-staged": "15.4.1",
|
|
47
47
|
"mocha": "11.0.1",
|
|
48
48
|
"mocha-multi-reporters": "1.5.1",
|
|
49
49
|
"mocha-suppress-logs": "0.5.1",
|
|
@@ -56,7 +56,7 @@
|
|
|
56
56
|
},
|
|
57
57
|
"dependencies": {
|
|
58
58
|
"@adobe/fetch": "4.1.11",
|
|
59
|
-
"@adobe/helix-shared-config": "11.0.
|
|
59
|
+
"@adobe/helix-shared-config": "11.0.15",
|
|
60
60
|
"@adobe/helix-shared-utils": "3.0.2"
|
|
61
61
|
}
|
|
62
62
|
}
|
package/src/config-view.js
CHANGED
|
@@ -162,31 +162,33 @@ function resolveSecret(object, idProp, dstProp, siteConfig, orgConfig) {
|
|
|
162
162
|
export async function getAccessConfig(ctx, config, orgConfig, partition, rso) {
|
|
163
163
|
const { access } = config;
|
|
164
164
|
const pAccess = access[partition] ?? {};
|
|
165
|
-
const
|
|
165
|
+
const secretId = toArray(
|
|
166
|
+
pAccess.apiKeyId ?? pAccess.secretId ?? access.site?.apiKeyId ?? access.site?.secretId,
|
|
167
|
+
);
|
|
166
168
|
const allow = toArray(pAccess.allow ?? access.site?.allow);
|
|
167
169
|
const cfg = {
|
|
168
|
-
|
|
170
|
+
secretId,
|
|
169
171
|
allow,
|
|
170
|
-
tokenHash:
|
|
172
|
+
tokenHash: secretId
|
|
171
173
|
// token ids are always stored in base64url format, but legacy apiKeyIds are not
|
|
172
174
|
.map((jti) => jti.replaceAll('/', '_').replaceAll('+', '-'))
|
|
173
175
|
.map((id) => lookupSecret(config, orgConfig, id, true))
|
|
174
176
|
.filter((hash) => !!hash),
|
|
175
177
|
};
|
|
176
|
-
// if an allow is defined but no
|
|
177
|
-
if (allow.length && !cfg.
|
|
178
|
-
cfg.
|
|
178
|
+
// if an allow is defined but no secretId, create a fake one so that auth is still enforced.
|
|
179
|
+
if (allow.length && !cfg.secretId.length) {
|
|
180
|
+
cfg.secretId.push('dummy');
|
|
179
181
|
}
|
|
180
182
|
|
|
181
|
-
// if an
|
|
182
|
-
if (cfg.
|
|
183
|
+
// if an secretId is defined but no tokenHash, create a fake one so that auth is still enforced.
|
|
184
|
+
if (cfg.secretId.length) {
|
|
183
185
|
// add global token hash if defined and needed
|
|
184
186
|
const globalTokenHash = await getGlobalTokenHash(ctx, rso);
|
|
185
187
|
if (cfg.tokenHash.length && globalTokenHash) {
|
|
186
188
|
// augment the list of hashes with the global one if exists
|
|
187
189
|
cfg.tokenHash.push(globalTokenHash);
|
|
188
190
|
} else if (!cfg.tokenHash.length) {
|
|
189
|
-
// add a dummy or global hash if no tokens match the
|
|
191
|
+
// add a dummy or global hash if no tokens match the secretIds.
|
|
190
192
|
if (!config.legacy || allow.length) {
|
|
191
193
|
// but only add for non-legacy sites or legacy with allows
|
|
192
194
|
cfg.tokenHash.push(globalTokenHash || 'n/a');
|
|
@@ -525,8 +527,8 @@ export async function getConfigResponse(ctx, opts) {
|
|
|
525
527
|
delete config.access?.preview?.tokenHash;
|
|
526
528
|
delete config.access?.live?.tokenHash;
|
|
527
529
|
} else {
|
|
528
|
-
delete config.access?.preview?.
|
|
529
|
-
delete config.access?.live?.
|
|
530
|
+
delete config.access?.preview?.secretId;
|
|
531
|
+
delete config.access?.live?.secretId;
|
|
530
532
|
delete config.access?.preview?.allow;
|
|
531
533
|
delete config.access?.live?.allow;
|
|
532
534
|
}
|