@axinom/mosaic-message-bus 0.32.0-rc.7 → 0.32.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/broker.js +5 -2
- package/dist/broker.js.map +1 -1
- package/dist/common/constants.d.ts +27 -0
- package/dist/common/constants.d.ts.map +1 -1
- package/dist/common/constants.js +28 -1
- package/dist/common/constants.js.map +1 -1
- package/dist/generated/key-service.d.ts +438 -0
- package/dist/generated/key-service.d.ts.map +1 -0
- package/dist/generated/key-service.js +162 -0
- package/dist/generated/key-service.js.map +1 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/middleware/index.d.ts +1 -0
- package/dist/middleware/index.d.ts.map +1 -1
- package/dist/middleware/index.js +1 -0
- package/dist/middleware/index.js.map +1 -1
- package/dist/middleware/validate-signed-event-middleware.d.ts +36 -0
- package/dist/middleware/validate-signed-event-middleware.d.ts.map +1 -0
- package/dist/middleware/validate-signed-event-middleware.js +57 -0
- package/dist/middleware/validate-signed-event-middleware.js.map +1 -0
- package/dist/publication.d.ts.map +1 -1
- package/dist/publication.js +3 -2
- package/dist/publication.js.map +1 -1
- package/dist/rascal-config-builder.d.ts +9 -1
- package/dist/rascal-config-builder.d.ts.map +1 -1
- package/dist/rascal-config-builder.js +1 -0
- package/dist/rascal-config-builder.js.map +1 -1
- package/dist/signing/cache-public-signing-keys.d.ts +37 -0
- package/dist/signing/cache-public-signing-keys.d.ts.map +1 -0
- package/dist/signing/cache-public-signing-keys.js +81 -0
- package/dist/signing/cache-public-signing-keys.js.map +1 -0
- package/dist/signing/event-signing-errors.d.ts +30 -0
- package/dist/signing/event-signing-errors.d.ts.map +1 -0
- package/dist/signing/event-signing-errors.js +33 -0
- package/dist/signing/event-signing-errors.js.map +1 -0
- package/dist/signing/index.d.ts +4 -0
- package/dist/signing/index.d.ts.map +1 -0
- package/dist/signing/index.js +20 -0
- package/dist/signing/index.js.map +1 -0
- package/dist/signing/register-public-signing-key.d.ts +16 -0
- package/dist/signing/register-public-signing-key.d.ts.map +1 -0
- package/dist/signing/register-public-signing-key.js +44 -0
- package/dist/signing/register-public-signing-key.js.map +1 -0
- package/dist/signing/signing-cache.d.ts +25 -0
- package/dist/signing/signing-cache.d.ts.map +1 -0
- package/dist/signing/signing-cache.js +46 -0
- package/dist/signing/signing-cache.js.map +1 -0
- package/dist/types/index.d.ts +1 -1
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +1 -1
- package/dist/types/index.js.map +1 -1
- package/dist/types/signing.d.ts +30 -0
- package/dist/types/signing.d.ts.map +1 -0
- package/dist/types/{signing-details.js → signing.js} +1 -1
- package/dist/types/signing.js.map +1 -0
- package/package.json +16 -5
- package/src/common/constants.ts +32 -0
- package/src/generated/key-service.ts +459 -0
- package/src/index.ts +1 -0
- package/src/middleware/index.ts +1 -0
- package/src/middleware/validate-signed-event-middleware.spec.ts +679 -0
- package/src/middleware/validate-signed-event-middleware.ts +136 -0
- package/src/publication.ts +9 -5
- package/src/rascal-config-builder.spec.ts +1 -33
- package/src/rascal-config-builder.ts +11 -1
- package/src/signing/cache-public-signing-keys.graphql +10 -0
- package/src/signing/cache-public-signing-keys.ts +115 -0
- package/src/signing/event-signing-errors.ts +35 -0
- package/src/signing/index.ts +3 -0
- package/src/signing/register-public-signing-key.graphql +10 -0
- package/src/signing/register-public-signing-key.spec.ts +95 -0
- package/src/signing/register-public-signing-key.ts +59 -0
- package/src/signing/signing-cache.ts +49 -0
- package/src/tests/utils/create-builder.ts +34 -0
- package/src/tests/utils/index.ts +1 -0
- package/src/types/index.ts +1 -1
- package/src/types/signing.ts +50 -0
- package/dist/types/signing-details.d.ts +0 -3
- package/dist/types/signing-details.d.ts.map +0 -1
- package/dist/types/signing-details.js.map +0 -1
- package/src/types/signing-details.ts +0 -8
|
@@ -0,0 +1,162 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getSdk = exports.RegisterPublicSigningKeyDocument = exports.GetPublicSigningKeysDocument = exports.PublicKeysOrderBy = exports.ErrorCodesEnum = void 0;
|
|
7
|
+
const graphql_1 = require("graphql");
|
|
8
|
+
const graphql_tag_1 = __importDefault(require("graphql-tag"));
|
|
9
|
+
/** Exposes all error codes and messages for errors that a service requests can throw. In some cases, messages that are actually thrown can be different, since they can include more details or a single code can used for different errors of the same type. */
|
|
10
|
+
var ErrorCodesEnum;
|
|
11
|
+
(function (ErrorCodesEnum) {
|
|
12
|
+
/** Access Token has expired. */
|
|
13
|
+
ErrorCodesEnum["AccessTokenExpired"] = "ACCESS_TOKEN_EXPIRED";
|
|
14
|
+
/** Access Token is invalid */
|
|
15
|
+
ErrorCodesEnum["AccessTokenInvalid"] = "ACCESS_TOKEN_INVALID";
|
|
16
|
+
/** Access Token is not provided */
|
|
17
|
+
ErrorCodesEnum["AccessTokenRequired"] = "ACCESS_TOKEN_REQUIRED";
|
|
18
|
+
/** Access token verification failed */
|
|
19
|
+
ErrorCodesEnum["AccessTokenVerificationFailed"] = "ACCESS_TOKEN_VERIFICATION_FAILED";
|
|
20
|
+
/** Failed to register the public key, as it has the same version as the currently active key, but a different key value. Please try again with a version higher than %s. */
|
|
21
|
+
ErrorCodesEnum["ActiveKeyUpdateForbidden"] = "ACTIVE_KEY_UPDATE_FORBIDDEN";
|
|
22
|
+
/** Failed to register the public key, as it is a legacy key and the active key does not exist. Please try again with a version higher than %s. */
|
|
23
|
+
ErrorCodesEnum["ActivePublicKeyNotFound"] = "ACTIVE_PUBLIC_KEY_NOT_FOUND";
|
|
24
|
+
/** The assertion check for the identifier %s failed. */
|
|
25
|
+
ErrorCodesEnum["AssertionFailed"] = "ASSERTION_FAILED";
|
|
26
|
+
/** Auth config is invalid. */
|
|
27
|
+
ErrorCodesEnum["AuthConfigInvalid"] = "AUTH_CONFIG_INVALID";
|
|
28
|
+
/** Authenticated End User not found. */
|
|
29
|
+
ErrorCodesEnum["AuthenticatedEndUserNotFound"] = "AUTHENTICATED_END_USER_NOT_FOUND";
|
|
30
|
+
/** Authenticated Management Subject not found. */
|
|
31
|
+
ErrorCodesEnum["AuthenticatedManagementSubjectNotFound"] = "AUTHENTICATED_MANAGEMENT_SUBJECT_NOT_FOUND";
|
|
32
|
+
/** A Permission Definition or an EndUserAuthorizationConfig was not found to be passed into Postgraphile build options. This is a development time issue. */
|
|
33
|
+
ErrorCodesEnum["AuthorizationOptionsMisconfigured"] = "AUTHORIZATION_OPTIONS_MISCONFIGURED";
|
|
34
|
+
/** A database operation has failed because of a lock timeout. */
|
|
35
|
+
ErrorCodesEnum["DatabaseLockTimeoutError"] = "DATABASE_LOCK_TIMEOUT_ERROR";
|
|
36
|
+
/** An authorization database error has occurred. The user might not have enough permissions. */
|
|
37
|
+
ErrorCodesEnum["DatabasePermissionsCheckFailed"] = "DATABASE_PERMISSIONS_CHECK_FAILED";
|
|
38
|
+
/** An expected and handled database constraint error has occurred. The actual message will have more information. */
|
|
39
|
+
ErrorCodesEnum["DatabaseValidationFailed"] = "DATABASE_VALIDATION_FAILED";
|
|
40
|
+
/** This is a wrapper error for the original unhandled error of unsupported type. */
|
|
41
|
+
ErrorCodesEnum["ErrorWrapper"] = "ERROR_WRAPPER";
|
|
42
|
+
/** A GraphQL validation error has occurred. Please make sure that the GraphQL request is made with correct syntax or parameters. */
|
|
43
|
+
ErrorCodesEnum["GraphqlValidationFailed"] = "GRAPHQL_VALIDATION_FAILED";
|
|
44
|
+
/** The Identity service is not accessible. Please contact Axinom support. */
|
|
45
|
+
ErrorCodesEnum["IdentityServiceNotAccessible"] = "IDENTITY_SERVICE_NOT_ACCESSIBLE";
|
|
46
|
+
/** An unhandled and unexpected error has occurred. Please contact the service support. */
|
|
47
|
+
ErrorCodesEnum["InternalServerError"] = "INTERNAL_SERVER_ERROR";
|
|
48
|
+
/** Error occurred while trying to fetch signing keys from the JWKS endpoint for the Tenant/Environment/Application. */
|
|
49
|
+
ErrorCodesEnum["JwksError"] = "JWKS_ERROR";
|
|
50
|
+
/** Passed JWT is not a Mosaic End-User Token. Cannot be verified. */
|
|
51
|
+
ErrorCodesEnum["JwtIsNotMosaicToken"] = "JWT_IS_NOT_MOSAIC_TOKEN";
|
|
52
|
+
/** Malformed access token received */
|
|
53
|
+
ErrorCodesEnum["MalformedToken"] = "MALFORMED_TOKEN";
|
|
54
|
+
/** The token is not an Authenticated End-User */
|
|
55
|
+
ErrorCodesEnum["NotAuthenticatedEndUser"] = "NOT_AUTHENTICATED_END_USER";
|
|
56
|
+
/** The object is not a AuthenticatedManagementSubject */
|
|
57
|
+
ErrorCodesEnum["NotAuthenticatedManagementSubject"] = "NOT_AUTHENTICATED_MANAGEMENT_SUBJECT";
|
|
58
|
+
/** The object is not a AuthenticatedRequest */
|
|
59
|
+
ErrorCodesEnum["NotAuthenticatedRequest"] = "NOT_AUTHENTICATED_REQUEST";
|
|
60
|
+
/** The token is not an End-User Application */
|
|
61
|
+
ErrorCodesEnum["NotEndUserApplication"] = "NOT_END_USER_APPLICATION";
|
|
62
|
+
/** The object is not an EndUserAuthenticationContext */
|
|
63
|
+
ErrorCodesEnum["NotEndUserAuthenticationContext"] = "NOT_END_USER_AUTHENTICATION_CONTEXT";
|
|
64
|
+
/** The object is not a GenericAuthenticatedSubject */
|
|
65
|
+
ErrorCodesEnum["NotGenericAuthenticatedSubject"] = "NOT_GENERIC_AUTHENTICATED_SUBJECT";
|
|
66
|
+
/** The object is not a ManagementAuthenticationContext */
|
|
67
|
+
ErrorCodesEnum["NotManagementAuthenticationContext"] = "NOT_MANAGEMENT_AUTHENTICATION_CONTEXT";
|
|
68
|
+
/** The %s is missing required properties: %s. */
|
|
69
|
+
ErrorCodesEnum["ObjectIsMissingProperties"] = "OBJECT_IS_MISSING_PROPERTIES";
|
|
70
|
+
/** Failed to register the public key, as it is a key with an outdated version that was already deleted. Please try again with a version higher than %s. */
|
|
71
|
+
ErrorCodesEnum["OutdatedRegistrationFailed"] = "OUTDATED_REGISTRATION_FAILED";
|
|
72
|
+
/** Failed to register the public key. A Managed Service Account token is required. */
|
|
73
|
+
ErrorCodesEnum["RegisterKeyAuthorizationFailed"] = "REGISTER_KEY_AUTHORIZATION_FAILED";
|
|
74
|
+
/** Could not find a matching signing key to verify the access token. The signing key used to create the token may have been revoked or the Tenant/Environment/Application configuration is erroneous. */
|
|
75
|
+
ErrorCodesEnum["SigningKeyNotFound"] = "SIGNING_KEY_NOT_FOUND";
|
|
76
|
+
/** An application startup error has occurred. The actual message will have more information. */
|
|
77
|
+
ErrorCodesEnum["StartupError"] = "STARTUP_ERROR";
|
|
78
|
+
/** User is authenticated, but subject information was not found. Please contact Axinom Support. */
|
|
79
|
+
ErrorCodesEnum["SubjectNotFound"] = "SUBJECT_NOT_FOUND";
|
|
80
|
+
/** The subject has no permissions. */
|
|
81
|
+
ErrorCodesEnum["Unauthorized"] = "UNAUTHORIZED";
|
|
82
|
+
/** Unexpected null or undefined value received. */
|
|
83
|
+
ErrorCodesEnum["UnexpectedNullUndefined"] = "UNEXPECTED_NULL_UNDEFINED";
|
|
84
|
+
/** An unhandled database-related error has occurred. Please contact the service support. */
|
|
85
|
+
ErrorCodesEnum["UnhandledDatabaseError"] = "UNHANDLED_DATABASE_ERROR";
|
|
86
|
+
/** An unhandled error has occurred. Please contact the service support. */
|
|
87
|
+
ErrorCodesEnum["UnhandledError"] = "UNHANDLED_ERROR";
|
|
88
|
+
/** Attempt to create or update an element failed, as it would have resulted in a duplicate element. */
|
|
89
|
+
ErrorCodesEnum["UniqueConstraintError"] = "UNIQUE_CONSTRAINT_ERROR";
|
|
90
|
+
/** User is not authorized to access the operation. */
|
|
91
|
+
ErrorCodesEnum["UserNotAuthorized"] = "USER_NOT_AUTHORIZED";
|
|
92
|
+
/** The User service is not accessible. Please contact Axinom support. */
|
|
93
|
+
ErrorCodesEnum["UserServiceNotAccessible"] = "USER_SERVICE_NOT_ACCESSIBLE";
|
|
94
|
+
/** The %s is not an object. */
|
|
95
|
+
ErrorCodesEnum["ValueIsNotObject"] = "VALUE_IS_NOT_OBJECT";
|
|
96
|
+
/** Websocket not found in ExtendedGraphQLContext. This is a development time issue. A reference to the websocket must be included in Postgraphile build options. */
|
|
97
|
+
ErrorCodesEnum["WebsocketNotFound"] = "WEBSOCKET_NOT_FOUND";
|
|
98
|
+
})(ErrorCodesEnum = exports.ErrorCodesEnum || (exports.ErrorCodesEnum = {}));
|
|
99
|
+
/** Methods to use when ordering `PublicKey`. */
|
|
100
|
+
var PublicKeysOrderBy;
|
|
101
|
+
(function (PublicKeysOrderBy) {
|
|
102
|
+
PublicKeysOrderBy["CreatedDateAsc"] = "CREATED_DATE_ASC";
|
|
103
|
+
PublicKeysOrderBy["CreatedDateDesc"] = "CREATED_DATE_DESC";
|
|
104
|
+
PublicKeysOrderBy["CreatedUserAsc"] = "CREATED_USER_ASC";
|
|
105
|
+
PublicKeysOrderBy["CreatedUserDesc"] = "CREATED_USER_DESC";
|
|
106
|
+
PublicKeysOrderBy["IdAsc"] = "ID_ASC";
|
|
107
|
+
PublicKeysOrderBy["IdDesc"] = "ID_DESC";
|
|
108
|
+
PublicKeysOrderBy["IsActiveAsc"] = "IS_ACTIVE_ASC";
|
|
109
|
+
PublicKeysOrderBy["IsActiveDesc"] = "IS_ACTIVE_DESC";
|
|
110
|
+
PublicKeysOrderBy["KeyAsc"] = "KEY_ASC";
|
|
111
|
+
PublicKeysOrderBy["KeyDesc"] = "KEY_DESC";
|
|
112
|
+
PublicKeysOrderBy["Natural"] = "NATURAL";
|
|
113
|
+
PublicKeysOrderBy["PrimaryKeyAsc"] = "PRIMARY_KEY_ASC";
|
|
114
|
+
PublicKeysOrderBy["PrimaryKeyDesc"] = "PRIMARY_KEY_DESC";
|
|
115
|
+
PublicKeysOrderBy["ServiceIdAsc"] = "SERVICE_ID_ASC";
|
|
116
|
+
PublicKeysOrderBy["ServiceIdDesc"] = "SERVICE_ID_DESC";
|
|
117
|
+
PublicKeysOrderBy["UpdatedDateAsc"] = "UPDATED_DATE_ASC";
|
|
118
|
+
PublicKeysOrderBy["UpdatedDateDesc"] = "UPDATED_DATE_DESC";
|
|
119
|
+
PublicKeysOrderBy["UpdatedUserAsc"] = "UPDATED_USER_ASC";
|
|
120
|
+
PublicKeysOrderBy["UpdatedUserDesc"] = "UPDATED_USER_DESC";
|
|
121
|
+
PublicKeysOrderBy["VersionAsc"] = "VERSION_ASC";
|
|
122
|
+
PublicKeysOrderBy["VersionDesc"] = "VERSION_DESC";
|
|
123
|
+
})(PublicKeysOrderBy = exports.PublicKeysOrderBy || (exports.PublicKeysOrderBy = {}));
|
|
124
|
+
exports.GetPublicSigningKeysDocument = (0, graphql_tag_1.default) `
|
|
125
|
+
query GetPublicSigningKeys($filter: PublicKeyFilter!) {
|
|
126
|
+
publicKeys(filter: $filter) {
|
|
127
|
+
nodes {
|
|
128
|
+
serviceId
|
|
129
|
+
key
|
|
130
|
+
version
|
|
131
|
+
isActive
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
`;
|
|
136
|
+
exports.RegisterPublicSigningKeyDocument = (0, graphql_tag_1.default) `
|
|
137
|
+
mutation RegisterPublicSigningKey($input: RegisterPublicKeyInput!) {
|
|
138
|
+
registerPublicKey(input: $input) {
|
|
139
|
+
publicKey {
|
|
140
|
+
version
|
|
141
|
+
serviceId
|
|
142
|
+
key
|
|
143
|
+
isActive
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
`;
|
|
148
|
+
const defaultWrapper = (action, _operationName, _operationType) => action();
|
|
149
|
+
const GetPublicSigningKeysDocumentString = (0, graphql_1.print)(exports.GetPublicSigningKeysDocument);
|
|
150
|
+
const RegisterPublicSigningKeyDocumentString = (0, graphql_1.print)(exports.RegisterPublicSigningKeyDocument);
|
|
151
|
+
function getSdk(client, withWrapper = defaultWrapper) {
|
|
152
|
+
return {
|
|
153
|
+
GetPublicSigningKeys(variables, requestHeaders) {
|
|
154
|
+
return withWrapper((wrappedRequestHeaders) => client.rawRequest(GetPublicSigningKeysDocumentString, variables, Object.assign(Object.assign({}, requestHeaders), wrappedRequestHeaders)), 'GetPublicSigningKeys', 'query');
|
|
155
|
+
},
|
|
156
|
+
RegisterPublicSigningKey(variables, requestHeaders) {
|
|
157
|
+
return withWrapper((wrappedRequestHeaders) => client.rawRequest(RegisterPublicSigningKeyDocumentString, variables, Object.assign(Object.assign({}, requestHeaders), wrappedRequestHeaders)), 'RegisterPublicSigningKey', 'mutation');
|
|
158
|
+
}
|
|
159
|
+
};
|
|
160
|
+
}
|
|
161
|
+
exports.getSdk = getSdk;
|
|
162
|
+
//# sourceMappingURL=key-service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"key-service.js","sourceRoot":"","sources":["../../src/generated/key-service.ts"],"names":[],"mappings":";;;;;;AAEA,qCAA+B;AAC/B,8DAA8B;AA8D9B,iQAAiQ;AACjQ,IAAY,cAuFX;AAvFD,WAAY,cAAc;IACxB,gCAAgC;IAChC,6DAA2C,CAAA;IAC3C,8BAA8B;IAC9B,6DAA2C,CAAA;IAC3C,mCAAmC;IACnC,+DAA6C,CAAA;IAC7C,uCAAuC;IACvC,oFAAkE,CAAA;IAClE,4KAA4K;IAC5K,0EAAwD,CAAA;IACxD,kJAAkJ;IAClJ,yEAAuD,CAAA;IACvD,wDAAwD;IACxD,sDAAoC,CAAA;IACpC,8BAA8B;IAC9B,2DAAyC,CAAA;IACzC,wCAAwC;IACxC,mFAAiE,CAAA;IACjE,kDAAkD;IAClD,uGAAqF,CAAA;IACrF,6JAA6J;IAC7J,2FAAyE,CAAA;IACzE,iEAAiE;IACjE,0EAAwD,CAAA;IACxD,gGAAgG;IAChG,sFAAoE,CAAA;IACpE,qHAAqH;IACrH,yEAAuD,CAAA;IACvD,oFAAoF;IACpF,gDAA8B,CAAA;IAC9B,oIAAoI;IACpI,uEAAqD,CAAA;IACrD,6EAA6E;IAC7E,kFAAgE,CAAA;IAChE,0FAA0F;IAC1F,+DAA6C,CAAA;IAC7C,uHAAuH;IACvH,0CAAwB,CAAA;IACxB,qEAAqE;IACrE,iEAA+C,CAAA;IAC/C,sCAAsC;IACtC,oDAAkC,CAAA;IAClC,iDAAiD;IACjD,wEAAsD,CAAA;IACtD,yDAAyD;IACzD,4FAA0E,CAAA;IAC1E,+CAA+C;IAC/C,uEAAqD,CAAA;IACrD,+CAA+C;IAC/C,oEAAkD,CAAA;IAClD,wDAAwD;IACxD,yFAAuE,CAAA;IACvE,sDAAsD;IACtD,sFAAoE,CAAA;IACpE,0DAA0D;IAC1D,8FAA4E,CAAA;IAC5E,iDAAiD;IACjD,4EAA0D,CAAA;IAC1D,2JAA2J;IAC3J,6EAA2D,CAAA;IAC3D,sFAAsF;IACtF,sFAAoE,CAAA;IACpE,yMAAyM;IACzM,8DAA4C,CAAA;IAC5C,gGAAgG;IAChG,gDAA8B,CAAA;IAC9B,mGAAmG;IACnG,uDAAqC,CAAA;IACrC,sCAAsC;IACtC,+CAA6B,CAAA;IAC7B,mDAAmD;IACnD,uEAAqD,CAAA;IACrD,4FAA4F;IAC5F,qEAAmD,CAAA;IACnD,2EAA2E;IAC3E,oDAAkC,CAAA;IAClC,uGAAuG;IACvG,mEAAiD,CAAA;IACjD,sDAAsD;IACtD,2DAAyC,CAAA;IACzC,yEAAyE;IACzE,0EAAwD,CAAA;IACxD,+BAA+B;IAC/B,0DAAwC,CAAA;IACxC,oKAAoK;IACpK,2DAAyC,CAAA;AAC3C,CAAC,EAvFW,cAAc,GAAd,sBAAc,KAAd,sBAAc,QAuFzB;AAgHD,gDAAgD;AAChD,IAAY,iBAsBX;AAtBD,WAAY,iBAAiB;IAC3B,wDAAmC,CAAA;IACnC,0DAAqC,CAAA;IACrC,wDAAmC,CAAA;IACnC,0DAAqC,CAAA;IACrC,qCAAgB,CAAA;IAChB,uCAAkB,CAAA;IAClB,kDAA6B,CAAA;IAC7B,oDAA+B,CAAA;IAC/B,uCAAkB,CAAA;IAClB,yCAAoB,CAAA;IACpB,wCAAmB,CAAA;IACnB,sDAAiC,CAAA;IACjC,wDAAmC,CAAA;IACnC,oDAA+B,CAAA;IAC/B,sDAAiC,CAAA;IACjC,wDAAmC,CAAA;IACnC,0DAAqC,CAAA;IACrC,wDAAmC,CAAA;IACnC,0DAAqC,CAAA;IACrC,+CAA0B,CAAA;IAC1B,iDAA4B,CAAA;AAC9B,CAAC,EAtBW,iBAAiB,GAAjB,yBAAiB,KAAjB,yBAAiB,QAsB5B;AAiIY,QAAA,4BAA4B,GAAG,IAAA,qBAAG,EAAA;;;;;;;;;;;KAW1C,CAAC;AACO,QAAA,gCAAgC,GAAG,IAAA,qBAAG,EAAA;;;;;;;;;;;KAW9C,CAAC;AAKN,MAAM,cAAc,GAAuB,CAAC,MAAM,EAAE,cAAc,EAAE,cAAc,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC;AAChG,MAAM,kCAAkC,GAAG,IAAA,eAAK,EAAC,oCAA4B,CAAC,CAAC;AAC/E,MAAM,sCAAsC,GAAG,IAAA,eAAK,EAAC,wCAAgC,CAAC,CAAC;AACvF,SAAgB,MAAM,CAAC,MAAqB,EAAE,cAAkC,cAAc;IAC5F,OAAO;QACL,oBAAoB,CAAC,SAA6C,EAAE,cAA2C;YAC3G,OAAO,WAAW,CAAC,CAAC,qBAAqB,EAAE,EAAE,CAAC,MAAM,CAAC,UAAU,CAA4B,kCAAkC,EAAE,SAAS,kCAAM,cAAc,GAAK,qBAAqB,EAAE,EAAE,sBAAsB,EAAE,OAAO,CAAC,CAAC;QAC/N,CAAC;QACD,wBAAwB,CAAC,SAAoD,EAAE,cAA2C;YACtH,OAAO,WAAW,CAAC,CAAC,qBAAqB,EAAE,EAAE,CAAC,MAAM,CAAC,UAAU,CAAmC,sCAAsC,EAAE,SAAS,kCAAM,cAAc,GAAK,qBAAqB,EAAE,EAAE,0BAA0B,EAAE,UAAU,CAAC,CAAC;QACjP,CAAC;KACF,CAAC;AACJ,CAAC;AATD,wBASC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -6,6 +6,7 @@ export * from './monitoring';
|
|
|
6
6
|
export * from './publication';
|
|
7
7
|
export * from './rascal-config-builder';
|
|
8
8
|
export * from './setup-messaging-broker';
|
|
9
|
+
export * from './signing';
|
|
9
10
|
export * from './subscription';
|
|
10
11
|
export * from './types';
|
|
11
12
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,IAAI,MAAM,EAAE,MAAM,UAAU,CAAC;AACjD,cAAc,UAAU,CAAC;AACzB,cAAc,mBAAmB,CAAC;AAClC,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC;AAC7B,cAAc,eAAe,CAAC;AAC9B,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC;AACzC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,IAAI,MAAM,EAAE,MAAM,UAAU,CAAC;AACjD,cAAc,UAAU,CAAC;AACzB,cAAc,mBAAmB,CAAC;AAClC,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC;AAC7B,cAAc,eAAe,CAAC;AAC9B,cAAc,yBAAyB,CAAC;AACxC,cAAc,0BAA0B,CAAC;AACzC,cAAc,WAAW,CAAC;AAC1B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -24,6 +24,7 @@ __exportStar(require("./monitoring"), exports);
|
|
|
24
24
|
__exportStar(require("./publication"), exports);
|
|
25
25
|
__exportStar(require("./rascal-config-builder"), exports);
|
|
26
26
|
__exportStar(require("./setup-messaging-broker"), exports);
|
|
27
|
+
__exportStar(require("./signing"), exports);
|
|
27
28
|
__exportStar(require("./subscription"), exports);
|
|
28
29
|
__exportStar(require("./types"), exports);
|
|
29
30
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,mCAAiD;AAAxC,gGAAA,WAAW,OAAU;AAC9B,2CAAyB;AACzB,oDAAkC;AAClC,+CAA6B;AAC7B,+CAA6B;AAC7B,gDAA8B;AAC9B,0DAAwC;AACxC,2DAAyC;AACzC,iDAA+B;AAC/B,0CAAwB"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,mCAAiD;AAAxC,gGAAA,WAAW,OAAU;AAC9B,2CAAyB;AACzB,oDAAkC;AAClC,+CAA6B;AAC7B,+CAA6B;AAC7B,gDAA8B;AAC9B,0DAAwC;AACxC,2DAAyC;AACzC,4CAA0B;AAC1B,iDAA+B;AAC/B,0CAAwB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,cAAc,+BAA+B,CAAC;AAC9C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,2BAA2B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,cAAc,+BAA+B,CAAC;AAC9C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC"}
|
package/dist/middleware/index.js
CHANGED
|
@@ -17,4 +17,5 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
17
17
|
__exportStar(require("./envelope-logging-middleware"), exports);
|
|
18
18
|
__exportStar(require("./random-delay-middleware"), exports);
|
|
19
19
|
__exportStar(require("./random-error-middleware"), exports);
|
|
20
|
+
__exportStar(require("./validate-signed-event-middleware"), exports);
|
|
20
21
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,gEAA8C;AAC9C,4DAA0C;AAC1C,4DAA0C"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,gEAA8C;AAC9C,4DAA0C;AAC1C,4DAA0C;AAC1C,qEAAmD"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import { RascalConfigBuilder } from '../rascal-config-builder';
|
|
2
|
+
import { GetEventSigningTokenFunc, OnMessageMiddleware, PublicSigningKey } from '../types';
|
|
3
|
+
/**
|
|
4
|
+
* Parameters object expected by the `validateSignedEventMiddleware`
|
|
5
|
+
*/
|
|
6
|
+
export interface ValidateSignedEventParams {
|
|
7
|
+
/**
|
|
8
|
+
* Used to determine which events the service is expecting to
|
|
9
|
+
* receive. Passing a list of all builders used by `setupMessagingBroker` is recommended.
|
|
10
|
+
*/
|
|
11
|
+
builders: RascalConfigBuilder[];
|
|
12
|
+
/**
|
|
13
|
+
* Base URL of Mosaic Key Service
|
|
14
|
+
*/
|
|
15
|
+
keyServiceBaseUrl: string;
|
|
16
|
+
/**
|
|
17
|
+
* Function to retrieve authorization token result to make a
|
|
18
|
+
* request to the Key Service
|
|
19
|
+
*/
|
|
20
|
+
getTokenCallback: GetEventSigningTokenFunc;
|
|
21
|
+
/**
|
|
22
|
+
* An optional array of trusted public keys that are not registered with the
|
|
23
|
+
* Key service. Could be used by customizable services if event signing is
|
|
24
|
+
* enabled for customizable services. If not specified - validation of events
|
|
25
|
+
* originating from customizable services will be skipped, assuming that event
|
|
26
|
+
* signing is not enabled for them. Alternatively, might useful for specifying
|
|
27
|
+
* services own key, if registration is delayed.
|
|
28
|
+
*/
|
|
29
|
+
extraTrustedPublicKeys?: PublicSigningKey[];
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Messaging middleware to validate signed events, making sure they originated
|
|
33
|
+
* from a trustworthy source.
|
|
34
|
+
*/
|
|
35
|
+
export declare const validateSignedEventMiddleware: ({ builders, keyServiceBaseUrl, getTokenCallback, extraTrustedPublicKeys, }: ValidateSignedEventParams) => OnMessageMiddleware;
|
|
36
|
+
//# sourceMappingURL=validate-signed-event-middleware.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validate-signed-event-middleware.d.ts","sourceRoot":"","sources":["../../src/middleware/validate-signed-event-middleware.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAE/D,OAAO,EACL,wBAAwB,EAGxB,mBAAmB,EACnB,gBAAgB,EACjB,MAAM,UAAU,CAAC;AAElB;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC;;;OAGG;IACH,QAAQ,EAAE,mBAAmB,EAAE,CAAC;IAChC;;OAEG;IACH,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;;OAGG;IACH,gBAAgB,EAAE,wBAAwB,CAAC;IAC3C;;;;;;;OAOG;IACH,sBAAsB,CAAC,EAAE,gBAAgB,EAAE,CAAC;CAC7C;AAED;;;GAGG;AACH,eAAO,MAAM,6BAA6B,+EAKvC,yBAAyB,KAAG,mBAiF9B,CAAC"}
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSignedEventMiddleware = void 0;
|
|
4
|
+
const mosaic_service_common_1 = require("@axinom/mosaic-service-common");
|
|
5
|
+
const common_1 = require("../common");
|
|
6
|
+
const signing_1 = require("../signing");
|
|
7
|
+
/**
|
|
8
|
+
* Messaging middleware to validate signed events, making sure they originated
|
|
9
|
+
* from a trustworthy source.
|
|
10
|
+
*/
|
|
11
|
+
const validateSignedEventMiddleware = ({ builders, keyServiceBaseUrl, getTokenCallback, extraTrustedPublicKeys = [], }) => {
|
|
12
|
+
return async (envelope, message, ackOrNack, next) => {
|
|
13
|
+
var _a, _b, _c;
|
|
14
|
+
const eventBuilder = builders.find((b) => b.info.messageType === envelope.message_type);
|
|
15
|
+
if (!eventBuilder) {
|
|
16
|
+
throw new mosaic_service_common_1.MosaicError(signing_1.EventSigningErrors.UnexpectedMessageType);
|
|
17
|
+
}
|
|
18
|
+
if (eventBuilder.info.action !== 'event') {
|
|
19
|
+
// Commands do not require signature validation
|
|
20
|
+
await (next === null || next === void 0 ? void 0 : next(envelope, message, ackOrNack));
|
|
21
|
+
return;
|
|
22
|
+
}
|
|
23
|
+
const serviceId = (_a = eventBuilder.info.serviceId) !== null && _a !== void 0 ? _a : (_b = message.fields.routingKey) === null || _b === void 0 ? void 0 : _b.split('.')[0];
|
|
24
|
+
if (!serviceId) {
|
|
25
|
+
throw new mosaic_service_common_1.MosaicError(signing_1.EventSigningErrors.ServiceIdNotFound);
|
|
26
|
+
}
|
|
27
|
+
const customizableTrustedKeys = extraTrustedPublicKeys.filter((x) => !x.serviceId.startsWith('ax-'));
|
|
28
|
+
if (customizableTrustedKeys.length === 0 && !serviceId.startsWith('ax-')) {
|
|
29
|
+
// Event signing not enabled for customizable services, skipping
|
|
30
|
+
// validation of event from customizable service.
|
|
31
|
+
await (next === null || next === void 0 ? void 0 : next(envelope, message, ackOrNack));
|
|
32
|
+
return;
|
|
33
|
+
}
|
|
34
|
+
// Assuming that if at least one custom public key is set for customizable
|
|
35
|
+
// services - then all customizable services per environment should be using
|
|
36
|
+
// message signing
|
|
37
|
+
const signature = message.properties.headers[common_1.MOSAIC_SIGNING_SIGNATURE];
|
|
38
|
+
const version = message.properties.headers[common_1.MOSAIC_SIGNING_SIGNATURE_KEY_VERSION];
|
|
39
|
+
if (!signature || !version) {
|
|
40
|
+
throw new mosaic_service_common_1.MosaicError(Object.assign(Object.assign({}, signing_1.EventSigningErrors.SigningHeadersMissing), { details: { signature, version } }));
|
|
41
|
+
}
|
|
42
|
+
const publicKey = ((_c = extraTrustedPublicKeys.find((x) => x.serviceId === serviceId && x.version === version)) === null || _c === void 0 ? void 0 : _c.key) ||
|
|
43
|
+
(await (0, signing_1.getCachedPublicKey)(serviceId, version, builders, keyServiceBaseUrl, getTokenCallback));
|
|
44
|
+
const isValid = (0, mosaic_service_common_1.validateSignature)(message.unparsedEnvelope.toString(), signature, publicKey);
|
|
45
|
+
if (!isValid) {
|
|
46
|
+
throw new mosaic_service_common_1.MosaicError(Object.assign(Object.assign({}, signing_1.EventSigningErrors.SignatureValidationFailed), { details: {
|
|
47
|
+
serviceId,
|
|
48
|
+
version,
|
|
49
|
+
signature,
|
|
50
|
+
publicKey,
|
|
51
|
+
} }));
|
|
52
|
+
}
|
|
53
|
+
await (next === null || next === void 0 ? void 0 : next(envelope, message, ackOrNack));
|
|
54
|
+
};
|
|
55
|
+
};
|
|
56
|
+
exports.validateSignedEventMiddleware = validateSignedEventMiddleware;
|
|
57
|
+
//# sourceMappingURL=validate-signed-event-middleware.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validate-signed-event-middleware.js","sourceRoot":"","sources":["../../src/middleware/validate-signed-event-middleware.ts"],"names":[],"mappings":";;;AAAA,yEAA+E;AAE/E,sCAGmB;AAEnB,wCAAoE;AAsCpE;;;GAGG;AACI,MAAM,6BAA6B,GAAG,CAAC,EAC5C,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,EAChB,sBAAsB,GAAG,EAAE,GACD,EAAuB,EAAE;IACnD,OAAO,KAAK,EACV,QAAyB,EACzB,OAAoB,EACpB,SAAoB,EACpB,IAA0B,EACX,EAAE;;QACjB,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,CAChC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,KAAK,QAAQ,CAAC,YAAY,CACpD,CAAC;QACF,IAAI,CAAC,YAAY,EAAE;YACjB,MAAM,IAAI,mCAAW,CAAC,4BAAkB,CAAC,qBAAqB,CAAC,CAAC;SACjE;QAED,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE;YACxC,+CAA+C;YAC/C,MAAM,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAG,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA,CAAC;YAC3C,OAAO;SACR;QAED,MAAM,SAAS,GACb,MAAA,YAAY,CAAC,IAAI,CAAC,SAAS,mCAAI,MAAA,OAAO,CAAC,MAAM,CAAC,UAAU,0CAAE,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC1E,IAAI,CAAC,SAAS,EAAE;YACd,MAAM,IAAI,mCAAW,CAAC,4BAAkB,CAAC,iBAAiB,CAAC,CAAC;SAC7D;QAED,MAAM,uBAAuB,GAAG,sBAAsB,CAAC,MAAM,CAC3D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,KAAK,CAAC,CACtC,CAAC;QACF,IAAI,uBAAuB,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE;YACxE,gEAAgE;YAChE,iDAAiD;YACjD,MAAM,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAG,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA,CAAC;YAC3C,OAAO;SACR;QAED,0EAA0E;QAC1E,4EAA4E;QAC5E,kBAAkB;QAElB,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,iCAAwB,CAAC,CAAC;QACvE,MAAM,OAAO,GACX,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,6CAAoC,CAAC,CAAC;QACnE,IAAI,CAAC,SAAS,IAAI,CAAC,OAAO,EAAE;YAC1B,MAAM,IAAI,mCAAW,iCAChB,4BAAkB,CAAC,qBAAqB,KAC3C,OAAO,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,IAC/B,CAAC;SACJ;QAED,MAAM,SAAS,GACb,CAAA,MAAA,sBAAsB,CAAC,IAAI,CACzB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,IAAI,CAAC,CAAC,OAAO,KAAK,OAAO,CAC1D,0CAAE,GAAG;YACN,CAAC,MAAM,IAAA,4BAAkB,EACvB,SAAS,EACT,OAAO,EACP,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,CACjB,CAAC,CAAC;QAEL,MAAM,OAAO,GAAG,IAAA,yCAAiB,EAC/B,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,EACnC,SAAS,EACT,SAAS,CACV,CAAC;QACF,IAAI,CAAC,OAAO,EAAE;YACZ,MAAM,IAAI,mCAAW,iCAChB,4BAAkB,CAAC,yBAAyB,KAC/C,OAAO,EAAE;oBACP,SAAS;oBACT,OAAO;oBACP,SAAS;oBACT,SAAS;iBACV,IACD,CAAC;SACJ;QAED,MAAM,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAG,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA,CAAC;IAC7C,CAAC,CAAC;AACJ,CAAC,CAAC;AAtFW,QAAA,6BAA6B,iCAsFxC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"publication.d.ts","sourceRoot":"","sources":["../src/publication.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,MAAM,EAEP,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,QAAQ,CAAC;AAE9D,OAAO,
|
|
1
|
+
{"version":3,"file":"publication.d.ts","sourceRoot":"","sources":["../src/publication.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,MAAM,EAEP,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,QAAQ,CAAC;AAE9D,OAAO,EACL,oBAAoB,EAGrB,MAAM,UAAU,CAAC;AAClB,OAAO,EAEL,wBAAwB,EACxB,wBAAwB,EACxB,cAAc,EACf,MAAM,SAAS,CAAC;AAEjB;;GAEG;AACH,MAAM,CAAC,OAAO,OAAO,WAAW;IAK5B,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,MAAM;IALzB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;gBAErC,EAAE,aAAa,EAAE,WAAW,EAAE,EAAE,oBAAoB,EACnC,MAAM,EAAE,gBAAgB,EACxB,MAAM,EAAE,MAAM;IAMjC;;;;;;OAMG;IACU,OAAO,CAClB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,OAAO,EAChB,iBAAiB,GAAE,wBAA6B,EAChD,OAAO,GAAE,wBAA6B,EACtC,YAAY,CAAC,EAAE,cAAc,GAC5B,OAAO,CAAC,kBAAkB,CAAC;IAkC9B,OAAO,CAAC,cAAc;IA8BtB,OAAO,CAAC,cAAc;IAmBtB,OAAO,CAAC,mBAAmB;IAOd,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ3C,OAAO,CAAC,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQvD,QAAQ,CAAC,OAAO,EAAE;QAC7B,UAAU,CAAC,EAAE;YAAE,SAAS,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QACpC,MAAM,CAAC,EAAE;YACP,SAAS,CAAC,EAAE,MAAM,CAAC;YACnB,SAAS,CAAC,EAAE,MAAM,CAAC;YACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,UAAU,CAAC,EAAE,MAAM,CAAC;SACrB,CAAC;KACH,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBJ,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAOxD"}
|
package/dist/publication.js
CHANGED
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
const mosaic_service_common_1 = require("@axinom/mosaic-service-common");
|
|
4
4
|
const ramda_1 = require("ramda");
|
|
5
5
|
const uuid_1 = require("uuid");
|
|
6
|
+
const common_1 = require("./common");
|
|
6
7
|
/**
|
|
7
8
|
* Handles publication of messages, including the generation of the message envelope object.
|
|
8
9
|
*/
|
|
@@ -41,8 +42,8 @@ class Publication {
|
|
|
41
42
|
const { signature, stringifiedValue } = (0, mosaic_service_common_1.generateSignature)(envelope, eventSigning.rmqEventSigningPrivateKey);
|
|
42
43
|
return {
|
|
43
44
|
headers: {
|
|
44
|
-
[
|
|
45
|
-
[
|
|
45
|
+
[common_1.MOSAIC_SIGNING_SIGNATURE]: signature,
|
|
46
|
+
[common_1.MOSAIC_SIGNING_SIGNATURE_KEY_VERSION]: eventSigning.rmqEventSigningKeyVersion,
|
|
46
47
|
},
|
|
47
48
|
body: stringifiedValue,
|
|
48
49
|
};
|
package/dist/publication.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"publication.js","sourceRoot":"","sources":["../src/publication.ts"],"names":[],"mappings":";;AAAA,yEAIuC;AACvC,iCAAuC;AAEvC,+BAAkC;
|
|
1
|
+
{"version":3,"file":"publication.js","sourceRoot":"","sources":["../src/publication.ts"],"names":[],"mappings":";;AAAA,yEAIuC;AACvC,iCAAuC;AAEvC,+BAAkC;AAClC,qCAIkB;AAQlB;;GAEG;AACH,MAAqB,WAAW;IAG9B,YACE,EAAE,aAAa,EAAE,WAAW,EAAwB,EACnC,MAAwB,EACxB,MAAc;QADd,WAAM,GAAN,MAAM,CAAkB;QACxB,WAAM,GAAN,MAAM,CAAQ;QAE/B,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,OAAO,CAClB,WAAmB,EACnB,OAAgB,EAChB,oBAA8C,EAAE,EAChD,UAAoC,EAAE,EACtC,YAA6B;QAE7B,MAAM,SAAS,GAAG,IAAA,SAAI,GAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAClC,SAAS,EACT,WAAW,EACX,OAAO,EACP,iBAAiB,CAClB,CAAC;QAEF,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QACtE,MAAM,SAAS,GAAG,IAAA,sBAAc,EAAC,OAAO,EAAE;YACxC,OAAO,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAE;SACjE,CAAC,CAAC;QAEH,kGAAkG;QAClG,IACE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE,WAC9B,OAAA,MAAA,SAAS,CAAC,UAAU,0CAAE,QAAQ,CAAC,WAAW,CAAC,CAAA,EAAA,CAC5C,EACD;YACA,MAAM,IAAI,KAAK,CACb,oBAAoB,SAAS,CAAC,UAAU,sBAAsB,IAAI,CAAC,WAAW,+FAA+F,CAC9K,CAAC;SACH;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACvC,IAAI,CAAC,WAAW,EAChB,IAAI,EACJ,SAAS,CACV,CAAC;QACF,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;QAClC,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,cAAc,CACpB,QAAkC,EAClC,YAAwC;QAQxC,IACE,CAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,yBAAyB;aACvC,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,yBAAyB,CAAA,EACvC;YACA,MAAM,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAAG,IAAA,yCAAiB,EACvD,QAAQ,EACR,YAAY,CAAC,yBAAyB,CACvC,CAAC;YACF,OAAO;gBACL,OAAO,EAAE;oBACP,CAAC,iCAAwB,CAAC,EAAE,SAAS;oBACrC,CAAC,6CAAoC,CAAC,EACpC,YAAY,CAAC,yBAAyB;iBACzC;gBACD,IAAI,EAAE,gBAAgB;aACvB,CAAC;SACH;QACD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC5B,CAAC;IAEO,cAAc,CACpB,SAAiB,EACjB,WAAmB,EACnB,OAAgB,EAChB,SAAmC;QAEnC,OAAO;YACL,OAAO;YACP,eAAe,EAAE,SAAS,CAAC,eAAe;YAC1C,UAAU,EAAE,SAAS;YACrB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,YAAY,EAAE,IAAI,CAAC,WAAW;YAC9B,YAAY,EAAE,WAAW;YACzB,cAAc,EAAE,IAAI,CAAC,aAAa;YAClC,eAAe,EAAE,KAAK;YACtB,UAAU,EAAE,SAAS,CAAC,UAAU,EAAE,sJAAsJ;SACzL,CAAC;IACJ,CAAC;IAEO,mBAAmB,CAAC,OAA2B;QACrD,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACjD,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/C,OAAO,CAAC,EAAE,CAAC,QAAqB,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,gEAAgE;IAC/H,CAAC;IAEM,KAAK,CAAC,SAAS,CAAC,SAAiB;QACtC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;YAChB,OAAO,EAAE,GAAG,IAAI,CAAC,WAAW,0BAA0B;YACtD,OAAO,EAAE,oCAAoC,SAAS,EAAE;YACxD,OAAO,EAAE,EAAE,SAAS,EAAE;SACvB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,KAAY,EAAE,SAAiB;QAClD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE;YACvB,OAAO,EAAE,GAAG,IAAI,CAAC,WAAW,wBAAwB;YACpD,OAAO,EAAE,gCAAgC,SAAS,EAAE;YACpD,OAAO,EAAE,EAAE,SAAS,EAAE;SACvB,CAAC,CAAC;IACL,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,OAQrB;;QACC,MAAM,SAAS,GAAG,MAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,UAAU,0CAAE,SAAS,mCAAI,oBAAoB,CAAC;QACzE,MAAM,UAAU,GAAe;YAC7B,OAAO,EAAE,GAAG,IAAI,CAAC,WAAW,yBAAyB;YACrD,OAAO,EAAE,6BAA6B,SAAS,oCAAoC;YACnF,OAAO,EAAE;gBACP,SAAS;gBACT,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;gBACvB,IAAI,EAAE;;;+FAGiF;aACxF;SACF,CAAC;QACF,IACE,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,0CAAE,QAAQ,MAAK,SAAS;YACvC,CAAC,MAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,0CAAE,UAAU,mCAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EACrD;YACA,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;SAC/B;aAAM;YACL,+DAA+D;YAC/D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;SAC/B;IACH,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,SAAiB;QACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;YAChB,OAAO,EAAE,GAAG,IAAI,CAAC,WAAW,yBAAyB;YACrD,OAAO,EAAE,iCAAiC,SAAS,EAAE;YACrD,OAAO,EAAE,EAAE,SAAS,EAAE;SACvB,CAAC,CAAC;IACL,CAAC;CACF;AA3KD,8BA2KC"}
|
|
@@ -8,11 +8,19 @@ import { MessagingConfig } from './types';
|
|
|
8
8
|
* Multiple builders are used by `setupMessagingBroker` middleware to generate a complete rascal messaging configuration object.
|
|
9
9
|
*/
|
|
10
10
|
export declare class RascalConfigBuilder {
|
|
11
|
-
|
|
11
|
+
readonly info: MessagingSettings;
|
|
12
12
|
protected readonly config: MessagingConfig;
|
|
13
13
|
private transformers;
|
|
14
14
|
protected currentServiceId: string;
|
|
15
15
|
protected destinationServiceId: string;
|
|
16
|
+
/**
|
|
17
|
+
* Service ID of an event to which the service subscripbes to.
|
|
18
|
+
* Used by the `cachePublicSigningKeys` to request only relevant public keys
|
|
19
|
+
* from the Key Service.
|
|
20
|
+
*
|
|
21
|
+
* Only set if `subscribeForEvent` is called on the builder.
|
|
22
|
+
*/
|
|
23
|
+
subscribedEventServiceId: string | undefined;
|
|
16
24
|
/**
|
|
17
25
|
* @param info an info object that contains general information about message type
|
|
18
26
|
* @param config general RabbitMQ configuration object
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rascal-config-builder.d.ts","sourceRoot":"","sources":["../src/rascal-config-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,yCAAyC,CAAC;AAC5E,OAAO,EAEL,YAAY,EAGb,MAAM,QAAQ,CAAC;AAChB,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AACvC,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAA4B,eAAe,EAAE,MAAM,SAAS,CAAC;AAsBpE;;;GAGG;AACH,qBAAa,mBAAmB;
|
|
1
|
+
{"version":3,"file":"rascal-config-builder.d.ts","sourceRoot":"","sources":["../src/rascal-config-builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,yCAAyC,CAAC;AAC5E,OAAO,EAEL,YAAY,EAGb,MAAM,QAAQ,CAAC;AAChB,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AACvC,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAA4B,eAAe,EAAE,MAAM,SAAS,CAAC;AAsBpE;;;GAGG;AACH,qBAAa,mBAAmB;aAmBZ,IAAI,EAAE,iBAAiB;IACvC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,eAAe;IAnB5C,OAAO,CAAC,YAAY,CAAyB;IAC7C,SAAS,CAAC,gBAAgB,EAAE,MAAM,CAAC;IACnC,SAAS,CAAC,oBAAoB,EAAE,MAAM,CAAC;IAEvC;;;;;;OAMG;IACI,wBAAwB,EAAE,MAAM,GAAG,SAAS,CAAC;IAEpD;;;OAGG;gBAEe,IAAI,EAAE,iBAAiB,EACpB,MAAM,EAAE,eAAe;IAM5C;;;OAGG;IACI,mBAAmB,CAAC,EAAE,CAAC,MAAM,EAAE,WAAW,KAAK,cAAc,CAAC,OAAO,CAAC,CAAC;IAE9E;;;OAGG;IACI,WAAW,CAAC,GAAG,EAAE,YAAY,GAAG,YAAY;IAOnD;;OAEG;IACI,WAAW,IAAI,mBAAmB;IAUzC;;OAEG;IACI,YAAY,IAAI,mBAAmB;IAK1C;;;;OAIG;IACI,mBAAmB,CAAC,QAAQ,EACjC,mBAAmB,EAAE,CAAC,MAAM,EAAE,WAAW,KAAK,cAAc,CAAC,QAAQ,CAAC,GACrE,mBAAmB;IAItB;;;;OAIG;IACI,iBAAiB,CAAC,QAAQ,EAC/B,mBAAmB,EAAE,CAAC,MAAM,EAAE,WAAW,KAAK,cAAc,CAAC,QAAQ,CAAC,GACrE,mBAAmB;IAKtB,OAAO,CAAC,mBAAmB;IAkB3B,OAAO,CAAC,sBAAsB;IAW9B,OAAO,CAAC,iBAAiB,CA4BvB;IAEF;;;OAGG;WACW,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAQ5E,OAAO,CAAC,QAAQ;IAiBhB,OAAO,CAAC,eAAe;IAkBvB,OAAO,CAAC,eAAe;IAwBvB,OAAO,CAAC,qBAAqB;IAoB7B,OAAO,CAAC,kBAAkB;IA2B1B,SAAS,CAAC,qBAAqB,IAAI,MAAM;IAIzC,SAAS,CAAC,uBAAuB,IAAI,MAAM;IAI3C,SAAS,CAAC,kBAAkB,IAAI,MAAM;CAGvC"}
|
|
@@ -77,6 +77,7 @@ class RascalConfigBuilder {
|
|
|
77
77
|
* @param buildMessageHandler Function that creates a MessageHandler instance using an instantiated broker. MessageHandler instance is used to create a rascal subscription, which will be calling the handlers `onMessage` method when receiving a message.
|
|
78
78
|
*/
|
|
79
79
|
subscribeForEvent(buildMessageHandler) {
|
|
80
|
+
this.subscribedEventServiceId = this.info.serviceId;
|
|
80
81
|
return this.subscribeForMessage('event', buildMessageHandler);
|
|
81
82
|
}
|
|
82
83
|
subscribeForMessage(type, buildMessageHandler) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rascal-config-builder.js","sourceRoot":"","sources":["../src/rascal-config-builder.ts"],"names":[],"mappings":";;;AA+BA;;;GAGG;AACH,MAAa,mBAAmB;
|
|
1
|
+
{"version":3,"file":"rascal-config-builder.js","sourceRoot":"","sources":["../src/rascal-config-builder.ts"],"names":[],"mappings":";;;AA+BA;;;GAGG;AACH,MAAa,mBAAmB;IAc9B;;;OAGG;IACH,YACkB,IAAuB,EACpB,MAAuB;;QAD1B,SAAI,GAAJ,IAAI,CAAmB;QACpB,WAAM,GAAN,MAAM,CAAiB;QAnBpC,iBAAY,GAAsB,EAAE,CAAC;QAmHrC,sBAAiB,GAAG,CAAC,GAAiB,EAAuB,EAAE;;YACrE,GAAG,GAAG,GAAG,aAAH,GAAG,cAAH,GAAG,GAAI,EAAE,CAAC;YAChB,GAAG,CAAC,MAAM,GAAG,MAAA,GAAG,CAAC,MAAM,mCAAI,EAAE,CAAC;YAC9B,MAAM,KAAK,GAAG,MAAA,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,mCAAI,EAAE,CAAC;YAErD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE;gBACjC,MAAM,IAAI,KAAK,CACb,0FAA0F,CAC3F,CAAC;aACH;YAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;gBAC/B,MAAM,IAAI,KAAK,CACb,wFAAwF,CACzF,CAAC;aACH;YAED,MAAM,aAAa,mCACd,KAAK,KACR,QAAQ,EAAE,MAAA,KAAK,CAAC,QAAQ,mCAAI,EAAE,EAC9B,YAAY,EAAE,MAAA,KAAK,CAAC,YAAY,mCAAI,EAAE,EACtC,MAAM,EAAE,MAAA,KAAK,CAAC,MAAM,mCAAI,EAAE,EAC1B,aAAa,EAAE,MAAA,KAAK,CAAC,aAAa,mCAAI,EAAE,GACzC,CAAC;YAEF,uGAAuG;YACvG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC;YACjD,OAAO,aAAa,CAAC;QACvB,CAAC,CAAC;QA1HA,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QAC9C,IAAI,CAAC,oBAAoB,GAAG,MAAA,IAAI,CAAC,IAAI,CAAC,SAAS,mCAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;IAC3E,CAAC;IAQD;;;OAGG;IACI,WAAW,CAAC,GAAiB;QAClC,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE;YACxD,SAAS,CAAC,GAAG,CAAC,CAAC;SAChB;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACI,WAAW;QAChB,4EAA4E;QAC5E,oFAAoF;QACpF,MAAM,SAAS,GAAG,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACjD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,oBAAoB,EAAE,SAAS,CAAC,CAAC;QACpD,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;QAChC,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACI,YAAY;QACjB,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACpC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;OAIG;IACI,mBAAmB,CACxB,mBAAsE;QAEtE,OAAO,IAAI,CAAC,mBAAmB,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC;IAClE,CAAC;IAED;;;;OAIG;IACI,iBAAiB,CACtB,mBAAsE;QAEtE,IAAI,CAAC,wBAAwB,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;QACpD,OAAO,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;IAChE,CAAC;IAEO,mBAAmB,CACzB,IAAiB,EACjB,mBAAsE;QAEtE,IAAI,CAAC,sBAAsB,CAAC,mBAAmB,CAAC,CAAC;QAEjD,sFAAsF;QACtF,kFAAkF;QAClF,MAAM,UAAU,GAAG,GAAG,IAAI,CAAC,oBAAoB,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAE/C,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;QAChD,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;QAChC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;QAChC,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;QACrD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,sBAAsB,CAC5B,mBAAsE;QAEtE,IAAI,IAAI,CAAC,mBAAmB,EAAE;YAC5B,MAAM,IAAI,KAAK,CACb,+DAA+D,CAChE,CAAC;SACH;QACD,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;IACjD,CAAC;IAgCD;;;OAGG;IACI,MAAM,CAAC,mBAAmB,CAAC,SAAiB;QACjD,OAAO;YACL,wBAAwB,EAAE,aAAa;YACvC,2BAA2B,EAAE,GAAG,SAAS,cAAc;YACvD,cAAc,EAAE,QAAQ;SACzB,CAAC;IACJ,CAAC;IAEO,QAAQ,CAAC,SAAiB,EAAE,SAAiB;QACnD,MAAM,SAAS,GAAG,OAAO,CAAC;QAC1B,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE;YAChC,OAAO;SACR;QAED,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAC1C,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG;gBACxB,OAAO,EAAE;oBACP,SAAS,EAAE,mBAAmB,CAAC,mBAAmB,CAAC,SAAS,CAAC;iBAC9D;aACF,CAAC;YACF,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;IACJ,CAAC;IAEO,eAAe,CAAC,SAAiB;QACvC,MAAM,SAAS,GAAG,cAAc,CAAC;QACjC,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE;YAChC,OAAO;SACR;QAED,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAC1C,KAAK,CAAC,QAAQ,CAAC,SAAS,SAAS,EAAE,CAAC,GAAG;gBACrC,MAAM,EAAE,OAAO;gBACf,0IAA0I;gBAC1I,UAAU,EAAE,GAAG,SAAS,IAAI;gBAC5B,WAAW,EAAE,SAAS;aACvB,CAAC;YACF,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;IACJ,CAAC;IAEO,eAAe,CAAC,SAAiB;QACvC,MAAM,SAAS,GAAG,cAAc,CAAC;QACjC,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE;YAChC,OAAO;SACR;QAED,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAE1C,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,GAAG;gBAC/C,KAAK,EAAE,SAAS;gBAChB,QAAQ,EAAE,EAAE;gBACZ,QAAQ,EAAE,gBAAgB;gBAC1B,YAAY,EAAE;oBACZ,KAAK,EAAE,CAAC;oBACR,OAAO,EAAE,QAAQ;oBACjB,OAAO,EAAE,KAAK;iBACf;aACF,CAAC;YAEF,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;IACJ,CAAC;IAEO,qBAAqB,CAAC,IAAiB;QAC7C,MAAM,SAAS,GACb,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,kBAAkB,CAAC;QACjE,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE;YAChC,OAAO;SACR;QAED,MAAM,SAAS,GACb,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC;QAEzE,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAC1C,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG;gBAC1C,QAAQ,EAAE,IAAI;gBACd,UAAU,EAAE,GAAG,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;aACnD,CAAC;YACF,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;IACJ,CAAC;IAEO,kBAAkB,CACxB,IAAiB,EACjB,SAAiB,EACjB,UAAkB;QAElB,MAAM,SAAS,GACb,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,wBAAwB,CAAC;QAC3E,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE;YAChC,OAAO;SACR;QAED,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;YAC1C,IAAI,UAAU,GAAG,UAAU,CAAC;YAC5B,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,OAAO,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE;gBACjC,UAAU,GAAG,GAAG,UAAU,IAAI,KAAK,EAAE,EAAE,CAAC;aACzC;YACD,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG;gBAC3B,MAAM,EAAE,IAAI;gBACZ,UAAU,EAAE,UAAU;gBACtB,WAAW,EAAE,SAAS;aACvB,CAAC;YACF,OAAO,GAAG,CAAC;QACb,CAAC,CAAC;IACJ,CAAC;IAES,qBAAqB;QAC7B,OAAO,GAAG,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;IACvD,CAAC;IAES,uBAAuB;QAC/B,OAAO,GAAG,IAAI,CAAC,oBAAoB,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;IAC3D,CAAC;IAES,kBAAkB;QAC1B,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC;IAC/B,CAAC;CACF;AAnRD,kDAmRC"}
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import { Logger } from '@axinom/mosaic-service-common';
|
|
2
|
+
import { RascalConfigBuilder } from '../rascal-config-builder';
|
|
3
|
+
import { GetEventSigningTokenFunc, PublicSigningKey } from '../types';
|
|
4
|
+
/**
|
|
5
|
+
* Retrieves and caches a list of public keys for services which events the
|
|
6
|
+
* current service is expecting to receive.
|
|
7
|
+
*
|
|
8
|
+
* @param builders - Used to determine which events the service is expecting to
|
|
9
|
+
* receive. Passing a list of all builders used by `setupMessagingBroker` is recommended.
|
|
10
|
+
* @param keyServiceBaseUrl - Base URL of Mosaic Key Service
|
|
11
|
+
* @param getTokenCallback - Function to retrieve authorization token result to make a
|
|
12
|
+
* request to the Key Service
|
|
13
|
+
* @param logger - Optional instance of the Mosaic Logger. If not provided - new
|
|
14
|
+
* instance will be created and used by the function itself.
|
|
15
|
+
*/
|
|
16
|
+
export declare const cachePublicSigningKeys: (builders: RascalConfigBuilder[], keyServiceBaseUrl: string, getTokenCallback: GetEventSigningTokenFunc, logger?: Logger) => Promise<PublicSigningKey[]>;
|
|
17
|
+
/**
|
|
18
|
+
* Retrieves a public key for specific service ID and version. If not available
|
|
19
|
+
* in the cache - cache is updated using `cachePublicSigningKeys` and cache is
|
|
20
|
+
* checked again. If even still there is no matching key - error is thrown,
|
|
21
|
+
* because at this point, if there is a need to validate the received event - it
|
|
22
|
+
* is expected for the service that produced said event to register its own
|
|
23
|
+
* public key with the Key Service.
|
|
24
|
+
*
|
|
25
|
+
*
|
|
26
|
+
* @param serviceId - ID of the service that signed event originated from
|
|
27
|
+
* @param version - Version of the public key of the service that signed event originated from
|
|
28
|
+
* @param builders - Used to determine which events the service is expecting to
|
|
29
|
+
* receive. Passing a list of all builders used by `setupMessagingBroker` is recommended.
|
|
30
|
+
* @param keyServiceBaseUrl - Base URL of Mosaic Key Service
|
|
31
|
+
* @param getTokenCallback - Function to retrieve authorization token result to make a
|
|
32
|
+
* request to the Key Service
|
|
33
|
+
* @param logger - Optional instance of the Mosaic Logger. If not provided - new
|
|
34
|
+
* instance will be created and used by the function itself.
|
|
35
|
+
*/
|
|
36
|
+
export declare const getCachedPublicKey: (serviceId: string, version: number, builders: RascalConfigBuilder[], keyServiceBaseUrl: string, getTokenCallback: GetEventSigningTokenFunc, logger?: Logger) => Promise<string>;
|
|
37
|
+
//# sourceMappingURL=cache-public-signing-keys.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cache-public-signing-keys.d.ts","sourceRoot":"","sources":["../../src/signing/cache-public-signing-keys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAe,MAAM,+BAA+B,CAAC;AAGpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,wBAAwB,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAStE;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,sBAAsB,aACvB,mBAAmB,EAAE,qBACZ,MAAM,oBACP,wBAAwB,WACjC,MAAM,KACd,QAAQ,gBAAgB,EAAE,CAiC5B,CAAC;AAEF;;;;;;;;;;;;;;;;;;GAkBG;AACH,eAAO,MAAM,kBAAkB,cAClB,MAAM,WACR,MAAM,YACL,mBAAmB,EAAE,qBACZ,MAAM,oBACP,wBAAwB,WACjC,MAAM,KACd,QAAQ,MAAM,CAuBhB,CAAC"}
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getCachedPublicKey = exports.cachePublicSigningKeys = void 0;
|
|
4
|
+
const mosaic_service_common_1 = require("@axinom/mosaic-service-common");
|
|
5
|
+
const graphql_request_1 = require("graphql-request");
|
|
6
|
+
const key_service_1 = require("../generated/key-service");
|
|
7
|
+
const event_signing_errors_1 = require("./event-signing-errors");
|
|
8
|
+
const signing_cache_1 = require("./signing-cache");
|
|
9
|
+
/**
|
|
10
|
+
* Retrieves and caches a list of public keys for services which events the
|
|
11
|
+
* current service is expecting to receive.
|
|
12
|
+
*
|
|
13
|
+
* @param builders - Used to determine which events the service is expecting to
|
|
14
|
+
* receive. Passing a list of all builders used by `setupMessagingBroker` is recommended.
|
|
15
|
+
* @param keyServiceBaseUrl - Base URL of Mosaic Key Service
|
|
16
|
+
* @param getTokenCallback - Function to retrieve authorization token result to make a
|
|
17
|
+
* request to the Key Service
|
|
18
|
+
* @param logger - Optional instance of the Mosaic Logger. If not provided - new
|
|
19
|
+
* instance will be created and used by the function itself.
|
|
20
|
+
*/
|
|
21
|
+
const cachePublicSigningKeys = async (builders, keyServiceBaseUrl, getTokenCallback, logger) => {
|
|
22
|
+
var _a, _b, _c, _d;
|
|
23
|
+
logger = logger !== null && logger !== void 0 ? logger : new mosaic_service_common_1.Logger({ context: exports.cachePublicSigningKeys.name });
|
|
24
|
+
let token = (0, signing_cache_1.getCachedSigningToken)();
|
|
25
|
+
if (!token) {
|
|
26
|
+
const { accessToken, expiresInSeconds } = await getTokenCallback();
|
|
27
|
+
(0, signing_cache_1.setCachedSigningToken)(accessToken, expiresInSeconds - 60);
|
|
28
|
+
token = accessToken;
|
|
29
|
+
}
|
|
30
|
+
const serviceIds = [
|
|
31
|
+
...new Set(builders
|
|
32
|
+
.map((x) => x.subscribedEventServiceId)
|
|
33
|
+
.filter((id) => !!id)),
|
|
34
|
+
];
|
|
35
|
+
const client = new graphql_request_1.GraphQLClient(new URL('graphql', keyServiceBaseUrl).href);
|
|
36
|
+
const { GetPublicSigningKeys } = (0, key_service_1.getSdk)(client);
|
|
37
|
+
const { data } = await GetPublicSigningKeys({
|
|
38
|
+
filter: {
|
|
39
|
+
serviceId: { in: serviceIds },
|
|
40
|
+
},
|
|
41
|
+
}, { Authorization: `Bearer ${token}` });
|
|
42
|
+
(0, signing_cache_1.setCachedSigningPublicKeys)((_a = data.publicKeys) === null || _a === void 0 ? void 0 : _a.nodes, 60 * 10);
|
|
43
|
+
logger.log({
|
|
44
|
+
message: 'Public signing keys successfully cached.',
|
|
45
|
+
details: { serviceIds, keys: (_b = data.publicKeys) === null || _b === void 0 ? void 0 : _b.nodes },
|
|
46
|
+
});
|
|
47
|
+
return (_d = (_c = data.publicKeys) === null || _c === void 0 ? void 0 : _c.nodes) !== null && _d !== void 0 ? _d : [];
|
|
48
|
+
};
|
|
49
|
+
exports.cachePublicSigningKeys = cachePublicSigningKeys;
|
|
50
|
+
/**
|
|
51
|
+
* Retrieves a public key for specific service ID and version. If not available
|
|
52
|
+
* in the cache - cache is updated using `cachePublicSigningKeys` and cache is
|
|
53
|
+
* checked again. If even still there is no matching key - error is thrown,
|
|
54
|
+
* because at this point, if there is a need to validate the received event - it
|
|
55
|
+
* is expected for the service that produced said event to register its own
|
|
56
|
+
* public key with the Key Service.
|
|
57
|
+
*
|
|
58
|
+
*
|
|
59
|
+
* @param serviceId - ID of the service that signed event originated from
|
|
60
|
+
* @param version - Version of the public key of the service that signed event originated from
|
|
61
|
+
* @param builders - Used to determine which events the service is expecting to
|
|
62
|
+
* receive. Passing a list of all builders used by `setupMessagingBroker` is recommended.
|
|
63
|
+
* @param keyServiceBaseUrl - Base URL of Mosaic Key Service
|
|
64
|
+
* @param getTokenCallback - Function to retrieve authorization token result to make a
|
|
65
|
+
* request to the Key Service
|
|
66
|
+
* @param logger - Optional instance of the Mosaic Logger. If not provided - new
|
|
67
|
+
* instance will be created and used by the function itself.
|
|
68
|
+
*/
|
|
69
|
+
const getCachedPublicKey = async (serviceId, version, builders, keyServiceBaseUrl, getTokenCallback, logger) => {
|
|
70
|
+
var _a;
|
|
71
|
+
let found = ((_a = (0, signing_cache_1.getCachedSigningPublicKeys)()) !== null && _a !== void 0 ? _a : []).find((x) => x.serviceId === serviceId && x.version === version);
|
|
72
|
+
if (!found) {
|
|
73
|
+
found = (await (0, exports.cachePublicSigningKeys)(builders, keyServiceBaseUrl, getTokenCallback, logger)).find((x) => x.serviceId === serviceId && x.version === version);
|
|
74
|
+
}
|
|
75
|
+
if (!found) {
|
|
76
|
+
throw new mosaic_service_common_1.MosaicError(Object.assign(Object.assign({}, event_signing_errors_1.EventSigningErrors.SigningPublicKeyNotFound), { messageParams: [serviceId, version] }));
|
|
77
|
+
}
|
|
78
|
+
return found.key;
|
|
79
|
+
};
|
|
80
|
+
exports.getCachedPublicKey = getCachedPublicKey;
|
|
81
|
+
//# sourceMappingURL=cache-public-signing-keys.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cache-public-signing-keys.js","sourceRoot":"","sources":["../../src/signing/cache-public-signing-keys.ts"],"names":[],"mappings":";;;AAAA,yEAAoE;AACpE,qDAAgD;AAChD,0DAAkD;AAGlD,iEAA4D;AAC5D,mDAKyB;AAEzB;;;;;;;;;;;GAWG;AACI,MAAM,sBAAsB,GAAG,KAAK,EACzC,QAA+B,EAC/B,iBAAyB,EACzB,gBAA0C,EAC1C,MAAe,EACc,EAAE;;IAC/B,MAAM,GAAG,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,IAAI,8BAAM,CAAC,EAAE,OAAO,EAAE,8BAAsB,CAAC,IAAI,EAAE,CAAC,CAAC;IAExE,IAAI,KAAK,GAAG,IAAA,qCAAqB,GAAE,CAAC;IACpC,IAAI,CAAC,KAAK,EAAE;QACV,MAAM,EAAE,WAAW,EAAE,gBAAgB,EAAE,GAAG,MAAM,gBAAgB,EAAE,CAAC;QACnE,IAAA,qCAAqB,EAAC,WAAW,EAAE,gBAAgB,GAAG,EAAE,CAAC,CAAC;QAC1D,KAAK,GAAG,WAAW,CAAC;KACrB;IACD,MAAM,UAAU,GAAG;QACjB,GAAG,IAAI,GAAG,CACR,QAAQ;aACL,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,wBAAwB,CAAC;aACtC,MAAM,CAAC,CAAC,EAAE,EAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CACtC;KACF,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,+BAAa,CAAC,IAAI,GAAG,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC,IAAI,CAAC,CAAC;IAC7E,MAAM,EAAE,oBAAoB,EAAE,GAAG,IAAA,oBAAM,EAAC,MAAM,CAAC,CAAC;IAChD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,oBAAoB,CACzC;QACE,MAAM,EAAE;YACN,SAAS,EAAE,EAAE,EAAE,EAAE,UAAU,EAAE;SAC9B;KACF,EACD,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE,CACrC,CAAC;IACF,IAAA,0CAA0B,EAAC,MAAA,IAAI,CAAC,UAAU,0CAAE,KAAK,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;IAC5D,MAAM,CAAC,GAAG,CAAC;QACT,OAAO,EAAE,0CAA0C;QACnD,OAAO,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,MAAA,IAAI,CAAC,UAAU,0CAAE,KAAK,EAAE;KACtD,CAAC,CAAC;IACH,OAAO,MAAA,MAAA,IAAI,CAAC,UAAU,0CAAE,KAAK,mCAAI,EAAE,CAAC;AACtC,CAAC,CAAC;AAtCW,QAAA,sBAAsB,0BAsCjC;AAEF;;;;;;;;;;;;;;;;;;GAkBG;AACI,MAAM,kBAAkB,GAAG,KAAK,EACrC,SAAiB,EACjB,OAAe,EACf,QAA+B,EAC/B,iBAAyB,EACzB,gBAA0C,EAC1C,MAAe,EACE,EAAE;;IACnB,IAAI,KAAK,GAAG,CAAC,MAAA,IAAA,0CAA0B,GAAE,mCAAI,EAAE,CAAC,CAAC,IAAI,CACnD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,IAAI,CAAC,CAAC,OAAO,KAAK,OAAO,CAC1D,CAAC;IAEF,IAAI,CAAC,KAAK,EAAE;QACV,KAAK,GAAG,CACN,MAAM,IAAA,8BAAsB,EAC1B,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,EAChB,MAAM,CACP,CACF,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,IAAI,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC;KACnE;IAED,IAAI,CAAC,KAAK,EAAE;QACV,MAAM,IAAI,mCAAW,iCAChB,yCAAkB,CAAC,wBAAwB,KAC9C,aAAa,EAAE,CAAC,SAAS,EAAE,OAAO,CAAC,IACnC,CAAC;KACJ;IACD,OAAO,KAAK,CAAC,GAAG,CAAC;AACnB,CAAC,CAAC;AA9BW,QAAA,kBAAkB,sBA8B7B"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Possible errors that are explicitly handled during event signing and validation.
|
|
3
|
+
*/
|
|
4
|
+
export declare const EventSigningErrors: {
|
|
5
|
+
readonly SigningPublicKeyNotFound: {
|
|
6
|
+
readonly message: "Unable to find the public signing key for service with ID '%s' and version %s. Please contact Axinom Support.";
|
|
7
|
+
readonly code: "SIGNING_PUBLIC_KEY_NOT_FOUND";
|
|
8
|
+
};
|
|
9
|
+
readonly SignatureValidationFailed: {
|
|
10
|
+
readonly message: "Event signature validation has failed. The source of event message might be untrustworthy. Please contact Axinom Support.";
|
|
11
|
+
readonly code: "SIGNATURE_VALIDATION_FAILED";
|
|
12
|
+
};
|
|
13
|
+
readonly KeyServiceNotAccessible: {
|
|
14
|
+
readonly message: "The Key service is not accessible. Please contact Axinom support.";
|
|
15
|
+
readonly code: "KEY_SERVICE_NOT_ACCESSIBLE";
|
|
16
|
+
};
|
|
17
|
+
readonly UnexpectedMessageType: {
|
|
18
|
+
readonly message: "The received message has a type that the service does not expect. The source of message might be untrustworthy. Please contact Axinom Support.";
|
|
19
|
+
readonly code: "UNEXPECTED_MESSAGE_TYPE";
|
|
20
|
+
};
|
|
21
|
+
readonly SigningHeadersMissing: {
|
|
22
|
+
readonly message: "The received event message is missing either signature or version headers. The source of message might be untrustworthy. Please contact Axinom Support.";
|
|
23
|
+
readonly code: "SIGNING_HEADERS_MISSING";
|
|
24
|
+
};
|
|
25
|
+
readonly ServiceIdNotFound: {
|
|
26
|
+
readonly message: "The received message is missing a service ID at the start of the routing key or related message builder has no service ID. This is probably an implementation bug. Please contact the Service Support.";
|
|
27
|
+
readonly code: "SERVICE_ID_NOT_FOUND";
|
|
28
|
+
};
|
|
29
|
+
};
|
|
30
|
+
//# sourceMappingURL=event-signing-errors.d.ts.map
|