@bigid/apps-infrastructure-node-js 1.180.1 → 1.181.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/lib/services/dataSourceService.js +12 -3
  2. package/lib/services/encryptionService.d.ts +1 -0
  3. package/lib/services/encryptionService.js +9 -6
  4. package/package.json +1 -1
  5. package/src/services/dataSourceService.ts +12 -4
  6. package/src/services/encryptionService.ts +6 -3
package/lib/services/dataSourceService.js CHANGED
@@ -13,13 +13,22 @@ exports.fetchDataSourceCredentials = void 0;
13
13
  const encryptionService_1 = require("./encryptionService");
14
14
  const bigidProxyService_1 = require("./bigidProxyService");
15
15
  const fetchDataSourceCredentials = (executionContext, dataSourceName) => __awaiter(void 0, void 0, void 0, function* () {
16
+ var _a, _b;
16
17
  const res = yield (0, bigidProxyService_1.executeHttpGet)(executionContext, '/tpa/' + executionContext.tpaId + '/credentials/' + dataSourceName.replace(' ', '%20'));
17
18
  const resData = res.data;
18
- return Object.keys(resData).reduce((acc, key) => {
19
+ const encryptionKey = resData.random
20
+ ? (_b = (_a = (yield (0, bigidProxyService_1.executeHttpGet)(executionContext, '/tpa/encryption-key/' + resData.random))) === null || _a === void 0 ? void 0 : _a.data) === null || _b === void 0 ? void 0 : _b.key
21
+ : null;
22
+ const credsObject = resData.random ? resData.credentials : resData;
23
+ return Object.keys(credsObject).reduce((acc, key) => {
19
24
  var _a;
20
- const credentialObject = resData[key];
25
+ const credentialObject = credsObject[key];
21
26
  const credentialValue = (_a = credentialObject.value) === null || _a === void 0 ? void 0 : _a.toString();
22
- acc[key] = credentialObject.encrypted ? (0, encryptionService_1.decrypt)(credentialValue) : credentialValue;
27
+ acc[key] = credentialObject.encrypted
28
+ ? encryptionKey
29
+ ? (0, encryptionService_1.decryptWithKey)(credentialValue, encryptionKey)
30
+ : (0, encryptionService_1.decrypt)(credentialValue)
31
+ : credentialValue;
23
32
  return acc;
24
33
  }, {});
25
34
  });
package/lib/services/encryptionService.d.ts CHANGED
@@ -1 +1,2 @@
1
1
  export declare const decrypt: (encryptedText: string) => string;
2
+ export declare const decryptWithKey: (encryptedText: string, encryptionKey: string) => string;
package/lib/services/encryptionService.js CHANGED
@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
23
23
  return result;
24
24
  };
25
25
  Object.defineProperty(exports, "__esModule", { value: true });
26
- exports.decrypt = void 0;
26
+ exports.decryptWithKey = exports.decrypt = void 0;
27
27
  const crypto = __importStar(require("crypto"));
28
28
  var Defaults;
29
29
  (function (Defaults) {
@@ -36,18 +36,21 @@ var Defaults;
36
36
  Defaults["SECRET_KEY"] = "SECRET_KEY";
37
37
  })(Defaults || (Defaults = {}));
38
38
  const decrypt = (encryptedText) => {
39
+ var _a;
40
+ return (0, exports.decryptWithKey)(encryptedText, (_a = process.env.APPLICATION_CREDENTIALS_KEY) !== null && _a !== void 0 ? _a : '');
41
+ };
42
+ exports.decrypt = decrypt;
43
+ const decryptWithKey = (encryptedText, encryptionKey) => {
39
44
  const ivAndText = getAndUseOldIvOrNew(encryptedText);
40
- const decipher = crypto.createDecipheriv(Defaults.AES_ALGORITHM, makeKey(), ivAndText.iv);
45
+ const decipher = crypto.createDecipheriv(Defaults.AES_ALGORITHM, makeKey(encryptionKey), ivAndText.iv);
41
46
  let decryptedData = decipher.update(ivAndText.cleanText, Defaults.BASE64_ENC, Defaults.UTF8_ENC);
42
47
  decryptedData += decipher.final(Defaults.UTF8_ENC);
43
48
  return decryptedData;
44
49
  };
45
- exports.decrypt = decrypt;
46
- const makeKey = () => {
47
- var _a;
50
+ exports.decryptWithKey = decryptWithKey;
51
+ const makeKey = (secretKey) => {
48
52
  const md = crypto.createHash(Defaults.SHA_ALGORITHM);
49
53
  try {
50
- const secretKey = (_a = process.env.APPLICATION_CREDENTIALS_KEY) !== null && _a !== void 0 ? _a : '';
51
54
  const key = md.update(secretKey).digest();
52
55
  return key;
53
56
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@bigid/apps-infrastructure-node-js",
3
- "version": "1.180.1",
3
+ "version": "1.181.1",
4
4
  "description": "",
5
5
  "main": "lib/index.js",
6
6
  "scripts": {
package/src/services/dataSourceService.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { decrypt } from './encryptionService';
1
+ import { decrypt, decryptWithKey } from './encryptionService';
2
2
  import { ExecutionContext } from '../dto';
3
3
  import { executeHttpGet } from './bigidProxyService';
4
4
 
@@ -11,10 +11,18 @@ export const fetchDataSourceCredentials = async (
11
11
  '/tpa/' + executionContext.tpaId + '/credentials/' + dataSourceName.replace(' ', '%20'),
12
12
  );
13
13
  const resData = res.data;
14
- return Object.keys(resData).reduce((acc: { [key: string]: string }, key) => {
15
- const credentialObject = resData[key];
14
+ const encryptionKey = resData.random
15
+ ? (await executeHttpGet(executionContext, '/tpa/encryption-key/' + resData.random))?.data?.key
16
+ : null;
17
+ const credsObject = resData.random ? resData.credentials : resData;
18
+ return Object.keys(credsObject).reduce((acc: { [key: string]: string }, key) => {
19
+ const credentialObject = credsObject[key];
16
20
  const credentialValue = credentialObject.value?.toString();
17
- acc[key] = credentialObject.encrypted ? decrypt(credentialValue) : credentialValue;
21
+ acc[key] = credentialObject.encrypted
22
+ ? encryptionKey
23
+ ? decryptWithKey(credentialValue, encryptionKey)
24
+ : decrypt(credentialValue)
25
+ : credentialValue;
18
26
  return acc;
19
27
  }, {});
20
28
  };
package/src/services/encryptionService.ts CHANGED
@@ -13,17 +13,20 @@ enum Defaults {
13
13
  }
14
14
 
15
15
  export const decrypt = (encryptedText: string): string => {
16
+ return decryptWithKey(encryptedText, process.env.APPLICATION_CREDENTIALS_KEY ?? '');
17
+ };
18
+
19
+ export const decryptWithKey = (encryptedText: string, encryptionKey: string): string => {
16
20
  const ivAndText = getAndUseOldIvOrNew(encryptedText);
17
- const decipher = crypto.createDecipheriv(Defaults.AES_ALGORITHM, makeKey(), ivAndText.iv);
21
+ const decipher = crypto.createDecipheriv(Defaults.AES_ALGORITHM, makeKey(encryptionKey), ivAndText.iv);
18
22
  let decryptedData = decipher.update(ivAndText.cleanText as string, Defaults.BASE64_ENC, Defaults.UTF8_ENC);
19
23
  decryptedData += decipher.final(Defaults.UTF8_ENC);
20
24
  return decryptedData;
21
25
  };
22
26
 
23
- const makeKey = (): Buffer => {
27
+ const makeKey = (secretKey: string): Buffer => {
24
28
  const md = crypto.createHash(Defaults.SHA_ALGORITHM);
25
29
  try {
26
- const secretKey = process.env.APPLICATION_CREDENTIALS_KEY ?? '';
27
30
  const key = md.update(secretKey).digest();
28
31
  return key;
29
32
  } catch (error) {