@axinom/mosaic-message-bus 0.32.0-rc.8 → 0.33.0-rc.0

package/src/middleware/validate-signed-event-middleware.ts

@@ -0,0 +1,136 @@
+import { MosaicError, validateSignature } from '@axinom/mosaic-service-common';
+import { AckOrNack } from 'rascal';
+import {
+  MOSAIC_SIGNING_SIGNATURE,
+  MOSAIC_SIGNING_SIGNATURE_KEY_VERSION,
+} from '../common';
+import { RascalConfigBuilder } from '../rascal-config-builder';
+import { EventSigningErrors, getCachedPublicKey } from '../signing';
+import {
+  GetEventSigningTokenFunc,
+  MessageEnvelope,
+  MessageInfo,
+  OnMessageMiddleware,
+  PublicSigningKey,
+} from '../types';
+
+/**
+ * Parameters object expected by the `validateSignedEventMiddleware`
+ */
+export interface ValidateSignedEventParams {
+  /**
+   * Used to determine which events the service is expecting to
+   * receive. Passing a list of all builders used by `setupMessagingBroker` is recommended.
+   */
+  builders: RascalConfigBuilder[];
+  /**
+   * Base URL of Mosaic Key Service
+   */
+  keyServiceBaseUrl: string;
+  /**
+   * Function to retrieve authorization token result to make a
+   * request to the Key Service
+   */
+  getTokenCallback: GetEventSigningTokenFunc;
+  /**
+   * An optional array of trusted public keys that are not registered with the
+   * Key service. Could be used by customizable services if event signing is
+   * enabled for customizable services. If not specified - validation of events
+   * originating from customizable services will be skipped, assuming that event
+   * signing is not enabled for them. Alternatively, might useful for specifying
+   * services own key, if registration is delayed.
+   */
+  extraTrustedPublicKeys?: PublicSigningKey[];
+}
+
+/**
+ * Messaging middleware to validate signed events, making sure they originated
+ * from a trustworthy source.
+ */
+export const validateSignedEventMiddleware = ({
+  builders,
+  keyServiceBaseUrl,
+  getTokenCallback,
+  extraTrustedPublicKeys = [],
+}: ValidateSignedEventParams): OnMessageMiddleware => {
+  return async (
+    envelope: MessageEnvelope,
+    message: MessageInfo,
+    ackOrNack: AckOrNack,
+    next?: OnMessageMiddleware,
+  ): Promise<void> => {
+    const eventBuilder = builders.find(
+      (b) => b.info.messageType === envelope.message_type,
+    );
+    if (!eventBuilder) {
+      throw new MosaicError(EventSigningErrors.UnexpectedMessageType);
+    }
+
+    if (eventBuilder.info.action !== 'event') {
+      // Commands do not require signature validation
+      await next?.(envelope, message, ackOrNack);
+      return;
+    }
+
+    const serviceId =
+      eventBuilder.info.serviceId ?? message.fields.routingKey?.split('.')[0];
+    if (!serviceId) {
+      throw new MosaicError(EventSigningErrors.ServiceIdNotFound);
+    }
+
+    const customizableTrustedKeys = extraTrustedPublicKeys.filter(
+      (x) => !x.serviceId.startsWith('ax-'),
+    );
+    if (customizableTrustedKeys.length === 0 && !serviceId.startsWith('ax-')) {
+      // Event signing not enabled for customizable services, skipping
+      // validation of event from customizable service.
+      await next?.(envelope, message, ackOrNack);
+      return;
+    }
+
+    // Assuming that if at least one custom public key is set for customizable
+    // services - then all customizable services per environment should be using
+    // message signing
+
+    const signature = message.properties.headers[MOSAIC_SIGNING_SIGNATURE];
+    const version =
+      message.properties.headers[MOSAIC_SIGNING_SIGNATURE_KEY_VERSION];
+    if (!signature || !version) {
+      throw new MosaicError({
+        ...EventSigningErrors.SigningHeadersMissing,
+        details: { signature, version },
+      });
+    }
+
+    const publicKey =
+      extraTrustedPublicKeys.find(
+        (x) => x.serviceId === serviceId && x.version === version,
+      )?.key ||
+      (await getCachedPublicKey(
+        serviceId,
+        version,
+        builders,
+        keyServiceBaseUrl,
+        getTokenCallback,
+      ));
+
+    const isValid = validateSignature(
+      message.unparsedEnvelope.toString(),
+      signature,
+      publicKey,
+    );
+    if (!isValid) {
+      throw new MosaicError({
+        ...EventSigningErrors.SignatureValidationFailed,
+        details: {
+          serviceId,
+          version,
+          signature,
+          publicKey,
+        },
+      });
+    }
+
+    await next?.(envelope, message, ackOrNack);
+  };
+};

package/src/publication.ts

@@ -6,7 +6,11 @@ import {
 import { mergeDeepRight } from 'ramda';
 import { BrokerAsPromised, PublicationSession } from 'rascal';
 import { v4 as uuid } from 'uuid';
-import { AggregateMessageType } from './common';
+import {
+  AggregateMessageType,
+  MOSAIC_SIGNING_SIGNATURE,
+  MOSAIC_SIGNING_SIGNATURE_KEY_VERSION,
+} from './common';
 import {
   MessageEnvelope,
   MessageEnvelopeOverrides,
@@ -81,8 +85,8 @@ export default class Publication {
     eventSigning: SigningDetails | undefined,
   ): {
     headers?: {
-      ['x-mosaic-signature']: string;
-      ['x-mosaic-signature-key-version']: number;
+      [MOSAIC_SIGNING_SIGNATURE]: string;
+      [MOSAIC_SIGNING_SIGNATURE_KEY_VERSION]: number;
     };
     body: string | MessageEnvelope<unknown>;
   } {
@@ -96,8 +100,8 @@ export default class Publication {
       );
       return {
         headers: {
-          ['x-mosaic-signature']: signature,
-          ['x-mosaic-signature-key-version']:
+          [MOSAIC_SIGNING_SIGNATURE]: signature,
+          [MOSAIC_SIGNING_SIGNATURE_KEY_VERSION]:
             eventSigning.rmqEventSigningKeyVersion,
         },
         body: stringifiedValue,

package/src/rascal-config-builder.spec.ts

@@ -1,10 +1,10 @@
 /* eslint-disable no-console */
-import { MessagingSettings } from '@axinom/mosaic-message-bus-abstractions';
 import { stub } from 'jest-auto-stub';
 import 'jest-extended';
 import { BrokerProxy } from './broker';
 import { MessageHandler } from './message-handler';
 import { RascalConfigBuilder } from './rascal-config-builder';
+import { createBuilder } from './tests/utils';
 
 describe('RascalConfigBuilder', () => {
   let builder: RascalConfigBuilder;
@@ -13,38 +13,6 @@ describe('RascalConfigBuilder', () => {
   ) => MessageHandler<unknown> = () => {
     return stub<MessageHandler<unknown>>();
   };
-
-  const createBuilder = (
-    infoOverrides: Partial<MessagingSettings> = {},
-  ): RascalConfigBuilder => {
-    return new RascalConfigBuilder(
-      {
-        action: 'event',
-        aggregateType: 'test',
-        messageType: 'TestKey',
-        queue: 'test-queue',
-        routingKey: 'test.key',
-        ...infoOverrides,
-      },
-      {
-        isDev: false,
-        serviceId: 'test-service-id',
-        rmqProtocol: 'test-protocol',
-        rmqVHost: 'test-vhost',
-        rmqHost: 'test-host',
-        rmqPort: 123,
-        rmqUser: 'test-user',
-        rmqPassword: 'test-pw',
-        rmqVHostAssert: true,
-        rmqChannelMax: 5,
-        rmqMgmtHost: 'test',
-        rmqMgmtPort: 1234,
-        rmqMgmtProtocol: 'amqp',
-        rmqEventSigningKeyVersion: 1,
-        rmqEventSigningPrivateKey: 'test',
-      },
-    );
-  };
   beforeEach(async () => {
     builder = createBuilder();
   });

package/src/rascal-config-builder.ts

@@ -38,12 +38,21 @@ export class RascalConfigBuilder {
   protected currentServiceId: string;
   protected destinationServiceId: string;
 
+  /**
+   * Service ID of an event to which the service subscripbes to.
+   * Used by the `cachePublicSigningKeys` to request only relevant public keys
+   * from the Key Service.
+   *
+   * Only set if `subscribeForEvent` is called on the builder.
+   */
+  public subscribedEventServiceId: string | undefined;
+
   /**
    * @param info an info object that contains general information about message type
    * @param config general RabbitMQ configuration object
    */
   constructor(
-    protected readonly info: MessagingSettings,
+    public readonly info: MessagingSettings,
     protected readonly config: MessagingConfig,
   ) {
     this.currentServiceId = this.config.serviceId;
@@ -107,6 +116,7 @@ export class RascalConfigBuilder {
   public subscribeForEvent<TContent>(
     buildMessageHandler: (broker: BrokerProxy) => MessageHandler<TContent>,
   ): RascalConfigBuilder {
+    this.subscribedEventServiceId = this.info.serviceId;
     return this.subscribeForMessage('event', buildMessageHandler);
   }
 

package/src/signing/cache-public-signing-keys.graphql

@@ -0,0 +1,10 @@
+query GetPublicSigningKeys($filter: PublicKeyFilter!) {
+  publicKeys(filter: $filter) {
+    nodes {
+      serviceId
+      key
+      version
+      isActive
+    }
+  }
+}

package/src/signing/cache-public-signing-keys.ts

@@ -0,0 +1,115 @@
+import { Logger, MosaicError } from '@axinom/mosaic-service-common';
+import { GraphQLClient } from 'graphql-request';
+import { getSdk } from '../generated/key-service';
+import { RascalConfigBuilder } from '../rascal-config-builder';
+import { GetEventSigningTokenFunc, PublicSigningKey } from '../types';
+import { EventSigningErrors } from './event-signing-errors';
+import {
+  getCachedSigningPublicKeys,
+  getCachedSigningToken,
+  setCachedSigningPublicKeys,
+  setCachedSigningToken,
+} from './signing-cache';
+
+/**
+ * Retrieves and caches a list of public keys for services which events the
+ * current service is expecting to receive.
+ *
+ * @param builders - Used to determine which events the service is expecting to
+ * receive. Passing a list of all builders used by `setupMessagingBroker` is recommended.
+ * @param keyServiceBaseUrl - Base URL of Mosaic Key Service
+ * @param getTokenCallback - Function to retrieve authorization token result to make a
+ * request to the Key Service
+ * @param logger - Optional instance of the Mosaic Logger. If not provided - new
+ * instance will be created and used by the function itself.
+ */
+export const cachePublicSigningKeys = async (
+  builders: RascalConfigBuilder[],
+  keyServiceBaseUrl: string,
+  getTokenCallback: GetEventSigningTokenFunc,
+  logger?: Logger,
+): Promise<PublicSigningKey[]> => {
+  logger = logger ?? new Logger({ context: cachePublicSigningKeys.name });
+
+  let token = getCachedSigningToken();
+  if (!token) {
+    const { accessToken, expiresInSeconds } = await getTokenCallback();
+    setCachedSigningToken(accessToken, expiresInSeconds - 60);
+    token = accessToken;
+  }
+  const serviceIds = [
+    ...new Set(
+      builders
+        .map((x) => x.subscribedEventServiceId)
+        .filter((id): id is string => !!id),
+    ),
+  ];
+
+  const client = new GraphQLClient(new URL('graphql', keyServiceBaseUrl).href);
+  const { GetPublicSigningKeys } = getSdk(client);
+  const { data } = await GetPublicSigningKeys(
+    {
+      filter: {
+        serviceId: { in: serviceIds },
+      },
+    },
+    { Authorization: `Bearer ${token}` },
+  );
+  setCachedSigningPublicKeys(data.publicKeys?.nodes, 60 * 10);
+  logger.log({
+    message: 'Public signing keys successfully cached.',
+    details: { serviceIds, keys: data.publicKeys?.nodes },
+  });
+  return data.publicKeys?.nodes ?? [];
+};
+
+/**
+ * Retrieves a public key for specific service ID and version. If not available
+ * in the cache - cache is updated using `cachePublicSigningKeys` and cache is
+ * checked again. If even still there is no matching key - error is thrown,
+ * because at this point, if there is a need to validate the received event - it
+ * is expected for the service that produced said event to register its own
+ * public key with the Key Service.
+ *
+ *
+ * @param serviceId - ID of the service that signed event originated from
+ * @param version - Version of the public key of the service that signed event originated from
+ * @param builders - Used to determine which events the service is expecting to
+ * receive. Passing a list of all builders used by `setupMessagingBroker` is recommended.
+ * @param keyServiceBaseUrl - Base URL of Mosaic Key Service
+ * @param getTokenCallback - Function to retrieve authorization token result to make a
+ * request to the Key Service
+ * @param logger - Optional instance of the Mosaic Logger. If not provided - new
+ * instance will be created and used by the function itself.
+ */
+export const getCachedPublicKey = async (
+  serviceId: string,
+  version: number,
+  builders: RascalConfigBuilder[],
+  keyServiceBaseUrl: string,
+  getTokenCallback: GetEventSigningTokenFunc,
+  logger?: Logger,
+): Promise<string> => {
+  let found = (getCachedSigningPublicKeys() ?? []).find(
+    (x) => x.serviceId === serviceId && x.version === version,
+  );
+
+  if (!found) {
+    found = (
+      await cachePublicSigningKeys(
+        builders,
+        keyServiceBaseUrl,
+        getTokenCallback,
+        logger,
+      )
+    ).find((x) => x.serviceId === serviceId && x.version === version);
+  }
+
+  if (!found) {
+    throw new MosaicError({
+      ...EventSigningErrors.SigningPublicKeyNotFound,
+      messageParams: [serviceId, version],
+    });
+  }
+  return found.key;
+};

package/src/signing/event-signing-errors.ts

@@ -0,0 +1,35 @@
+/**
+ * Possible errors that are explicitly handled during event signing and validation.
+ */
+export const EventSigningErrors = {
+  SigningPublicKeyNotFound: {
+    message:
+      "Unable to find the public signing key for service with ID '%s' and version %s. Please contact Axinom Support.",
+    code: 'SIGNING_PUBLIC_KEY_NOT_FOUND',
+  },
+  SignatureValidationFailed: {
+    message:
+      'Event signature validation has failed. The source of event message might be untrustworthy. Please contact Axinom Support.',
+    code: 'SIGNATURE_VALIDATION_FAILED',
+  },
+  KeyServiceNotAccessible: {
+    message:
+      'The Key service is not accessible. Please contact Axinom support.',
+    code: 'KEY_SERVICE_NOT_ACCESSIBLE',
+  },
+  UnexpectedMessageType: {
+    message:
+      'The received message has a type that the service does not expect. The source of message might be untrustworthy. Please contact Axinom Support.',
+    code: 'UNEXPECTED_MESSAGE_TYPE',
+  },
+  SigningHeadersMissing: {
+    message:
+      'The received event message is missing either signature or version headers. The source of message might be untrustworthy. Please contact Axinom Support.',
+    code: 'SIGNING_HEADERS_MISSING',
+  },
+  ServiceIdNotFound: {
+    message:
+      'The received message is missing a service ID at the start of the routing key or related message builder has no service ID. This is probably an implementation bug. Please contact the Service Support.',
+    code: 'SERVICE_ID_NOT_FOUND',
+  },
+} as const;

package/src/signing/index.ts

@@ -0,0 +1,3 @@
+export * from './cache-public-signing-keys';
+export * from './event-signing-errors';
+export * from './register-public-signing-key';

package/src/signing/register-public-signing-key.graphql

@@ -0,0 +1,10 @@
+mutation RegisterPublicSigningKey($input: RegisterPublicKeyInput!) {
+  registerPublicKey(input: $input) {
+    publicKey {
+      version
+      serviceId
+      key
+      isActive
+    }
+  }
+}

package/src/signing/register-public-signing-key.spec.ts

@@ -0,0 +1,95 @@
+/* eslint-disable no-console */
+import { stub } from 'jest-auto-stub';
+import 'jest-extended';
+import * as keyService from '../generated/key-service';
+import { GetEventSigningTokenFunc } from '../types';
+import { registerPublicSigningKey } from './register-public-signing-key';
+import {
+  exportedForTesting,
+  getCachedSigningPublicKeys,
+  getCachedSigningToken,
+} from './signing-cache';
+
+describe('registerPublicSigningKey', () => {
+  const keyServiceBaseUrl = 'http://localhost:12100/graphiql';
+  const managedServiceId = 'ax-test-service';
+  const validPublicKey =
+    'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6hjEsxp5nIfgQTXfPcYSTMAAhYFLkygyCQHI4aIiTL1fddWs9nIBomiIsTjapggQGqRn7GdmztRSRaYuHS5ll6for6j5UbP5S6FKP9wRZomE952Uet+qIMOicvFgk/YB8OAHyOcZ8dZSYqMpR0BMRHxLjpj+FS3FPdiIpb5Dj10lXcUP0I8jatbpp9iqCFDQaY7hxSFE2p5XJKPYoA0/9nLZiRX5LJF5QsOx1eAZwT0qgS4Q5SkGnzYT4/V5/d4eLBofOU3DwZPdBnmf10NyyeTpn9ae6QXWv7kouYIOhcmZaxWCo4loJpAd4Iv+zL7JwijJqcNcLHr0SlaRmaUNQIDAQAB';
+
+  const getTokenCallback: GetEventSigningTokenFunc = async () => ({
+    accessToken: 'SGVsbG8gVGhlcmUh',
+    expiresInSeconds: 86400,
+    tokenType: 'ManagedServiceAccount',
+  });
+
+  let keyServiceSpy: jest.SpyInstance;
+  let consoleSpy: jest.SpyInstance;
+  let registerKeyResponse = () => ({});
+
+  beforeAll(() => {
+    keyServiceSpy = jest.spyOn(keyService, 'getSdk').mockImplementation(() =>
+      stub<keyService.Sdk>({
+        RegisterPublicSigningKey: () => ({ data: registerKeyResponse() }),
+      }),
+    );
+    consoleSpy = jest
+      .spyOn(console, 'log')
+      .mockImplementation((obj) => JSON.parse(obj));
+  });
+
+  afterEach(() => {
+    jest.clearAllMocks();
+    registerKeyResponse = () => ({});
+    exportedForTesting.clearSigningCache();
+  });
+
+  it('register public key successfully -> success log', async () => {
+    // Arrange
+    const config = {
+      rmqEventSigningKeyVersion: 1,
+      serviceId: managedServiceId,
+      rmqEventSigningPublicKey: validPublicKey,
+      rmqEventSigningKeyVersionsToRevoke: [],
+    };
+    const response = {
+      key: config.rmqEventSigningPublicKey,
+      serviceId: config.serviceId,
+      version: config.rmqEventSigningKeyVersion,
+      isActive: true,
+    };
+    registerKeyResponse = () => ({
+      registerPublicKey: {
+        publicKey: response,
+      },
+    });
+
+    // Act
+    await registerPublicSigningKey(config, keyServiceBaseUrl, getTokenCallback);
+
+    // Assert
+    expect(keyServiceSpy).toHaveBeenCalledTimes(1);
+    expect(consoleSpy).toHaveBeenCalledTimes(1);
+    expect(consoleSpy.mock.results).toMatchObject([
+      {
+        type: 'return',
+        value: {
+          context: 'registerPublicSigningKey',
+          details: {
+            key: validPublicKey,
+            serviceId: managedServiceId,
+            version: 1,
+            versionsToRevoke: [],
+          },
+          loglevel: 'INFO',
+          message: 'Public signing key successfully registered.',
+        },
+      },
+    ]);
+
+    const cachedToken = getCachedSigningToken();
+    expect(cachedToken).toEqual((await getTokenCallback()).accessToken);
+
+    const cachedKeys = getCachedSigningPublicKeys();
+    expect(cachedKeys).toEqual([response]);
+  });
+});

package/src/signing/register-public-signing-key.ts

@@ -0,0 +1,59 @@
+import { Logger } from '@axinom/mosaic-service-common';
+import { GraphQLClient } from 'graphql-request';
+import { RegisterPublicKeyInput, getSdk } from '../generated/key-service';
+import { GetEventSigningTokenFunc, SigningRegistrationConfig } from '../types';
+import {
+  getCachedSigningPublicKeys,
+  setCachedSigningPublicKeys,
+  setCachedSigningToken,
+} from './signing-cache';
+
+/**
+ * Registers a service public key with the Key service. Caches the used token
+ * and the single registered public key. If some public keys were already cached - newly registered public key is added to the cached list.
+ *
+ * @param config - service configuration object containing all values relavant
+ * for event signing
+ * @param keyServiceBaseUrl - Base URL of Mosaic Key Service
+ * @param getTokenCallback - Function to retrieve authorization token result to make a
+ * registration request to the Key Service
+ * @param logger - Optional instance of the Mosaic Logger. If not provided - new
+ * instance will be created and used by the function itself.
+ */
+export const registerPublicSigningKey = async (
+  config: SigningRegistrationConfig,
+  keyServiceBaseUrl: string,
+  getTokenCallback: GetEventSigningTokenFunc,
+  logger?: Logger,
+): Promise<void> => {
+  logger = logger ?? new Logger({ context: registerPublicSigningKey.name });
+
+  const input: RegisterPublicKeyInput = {
+    version: config.rmqEventSigningKeyVersion,
+    versionsToRevoke: config.rmqEventSigningKeyVersionsToRevoke,
+    serviceId: config.serviceId,
+    key: config.rmqEventSigningPublicKey,
+  };
+  const { accessToken, expiresInSeconds } = await getTokenCallback();
+  setCachedSigningToken(accessToken, expiresInSeconds - 60);
+
+  const client = new GraphQLClient(new URL('graphql', keyServiceBaseUrl).href);
+  const { RegisterPublicSigningKey } = getSdk(client);
+  const { data } = await RegisterPublicSigningKey(
+    { input },
+    { Authorization: `Bearer ${accessToken}` },
+  );
+
+  if (data.registerPublicKey?.publicKey) {
+    const currentKeys = getCachedSigningPublicKeys();
+    setCachedSigningPublicKeys(
+      [...(currentKeys ?? []), data.registerPublicKey.publicKey],
+      60 * 10,
+    );
+  }
+
+  logger.log({
+    message: 'Public signing key successfully registered.',
+    details: { ...input },
+  });
+};

package/src/signing/signing-cache.ts

@@ -0,0 +1,49 @@
+import NodeCache from 'node-cache';
+import { PublicSigningKey } from '../types';
+const signingCache = new NodeCache({ stdTTL: 60 * 10 }); // cache for 10 minutes
+const signingCacheKeys = 'keys';
+const signingCacheToken = 'token';
+
+/**
+ * Retrieves the cached authorization token for requests related to event signing.
+ */
+export const getCachedSigningToken = (): string | undefined => {
+  return signingCache.get<string>(signingCacheToken);
+};
+
+/**
+ * Caches the authorization token for requests related to event signing.
+ */
+export const setCachedSigningToken = (
+  token: string,
+  expiration: number,
+): void => {
+  signingCache.set(signingCacheToken, token, expiration);
+};
+
+/**
+ * Retrieves the cached array of event signing public keys.
+ */
+export const getCachedSigningPublicKeys = ():
+  | PublicSigningKey[]
+  | undefined => {
+  return signingCache.get<PublicSigningKey[]>(signingCacheKeys);
+};
+
+/**
+ * Caches the array of event signing public keys.
+ */
+export const setCachedSigningPublicKeys = (
+  keys: PublicSigningKey[] | undefined,
+  expiration: number,
+): void => {
+  signingCache.set(signingCacheKeys, keys, expiration);
+};
+
+/**
+ * Only used for unit tests. Helps clear cache so tests would not interfere with
+ * one another.
+ */
+export const exportedForTesting = {
+  clearSigningCache: (): void => signingCache.flushAll(),
+};

package/src/tests/utils/create-builder.ts

@@ -0,0 +1,34 @@
+import { MessagingSettings } from '@axinom/mosaic-message-bus-abstractions';
+import { RascalConfigBuilder } from '../../rascal-config-builder';
+
+export const createBuilder = (
+  infoOverrides: Partial<MessagingSettings> = {},
+): RascalConfigBuilder => {
+  return new RascalConfigBuilder(
+    {
+      action: 'event',
+      aggregateType: 'test',
+      messageType: 'TestKey',
+      queue: 'test-queue',
+      routingKey: 'test.key',
+      ...infoOverrides,
+    },
+    {
+      isDev: false,
+      serviceId: 'test-service-id',
+      rmqProtocol: 'test-protocol',
+      rmqVHost: 'test-vhost',
+      rmqHost: 'test-host',
+      rmqPort: 123,
+      rmqUser: 'test-user',
+      rmqPassword: 'test-pw',
+      rmqVHostAssert: true,
+      rmqChannelMax: 5,
+      rmqMgmtHost: 'test',
+      rmqMgmtPort: 1234,
+      rmqMgmtProtocol: 'amqp',
+      rmqEventSigningKeyVersion: 1,
+      rmqEventSigningPrivateKey: 'test',
+    },
+  );
+};

package/src/tests/utils/index.ts

@@ -0,0 +1 @@
+export * from './create-builder';

package/src/types/index.ts

@@ -3,4 +3,4 @@ export * from './message-envelope';
 export * from './message-envelope-overrides';
 export * from './message-info';
 export * from './on-message-middleware';
-export * from './signing-details';
+export * from './signing';