@boxyhq/saml-jackson 0.2.3-beta.177 → 0.2.3-beta.206

package/src/db/redis.js

@@ -1,88 +0,0 @@
-const redis = require('redis');
-const dbutils = require('./utils.js');
-
-class Redis {
-  constructor(options) {
-    return (async () => {
-      let opts = {};
-      if (options && options.url) {
-        opts.socket = {
-          url: options.url,
-        };
-      }
-      this.client = redis.createClient(opts);
-
-      this.client.on('error', (err) => console.log('Redis Client Error', err));
-
-      await this.client.connect();
-
-      return this;
-    })();
-  }
-
-  async get(namespace, key) {
-    let res = await this.client.get(dbutils.key(namespace, key));
-    if (res) {
-      return JSON.parse(res);
-    }
-
-    return null;
-  }
-
-  async getByIndex(namespace, idx) {
-    const dbKeys = await this.client.sMembers(
-      dbutils.keyForIndex(namespace, idx)
-    );
-
-    const ret = [];
-    for (const dbKey of dbKeys || []) {
-      ret.push(await this.get(namespace, dbKey));
-    }
-
-    return ret;
-  }
-
-  async put(namespace, key, val, ttl = 0, ...indexes) {
-    let tx = this.client.multi();
-    const k = dbutils.key(namespace, key);
-
-    tx = tx.set(k, JSON.stringify(val));
-
-    if (ttl) {
-      tx = tx.expire(k, ttl);
-    }
-
-    // no ttl support for secondary indexes
-    for (const idx of indexes || []) {
-      const idxKey = dbutils.keyForIndex(namespace, idx);
-      tx = tx.sAdd(idxKey, key);
-      tx = tx.sAdd(dbutils.keyFromParts(dbutils.indexPrefix, k), idxKey);
-    }
-
-    await tx.exec();
-  }
-
-  async delete(namespace, key) {
-    let tx = this.client.multi();
-    const k = dbutils.key(namespace, key);
-    tx = tx.del(k);
-
-    const idxKey = dbutils.keyFromParts(dbutils.indexPrefix, k);
-    // delete secondary indexes and then the mapping of the seconary indexes
-    const dbKeys = await this.client.sMembers(idxKey);
-
-    for (const dbKey of dbKeys || []) {
-      tx.sRem(dbKey, key);
-    }
-
-    tx.del(idxKey);
-
-    return await tx.exec();
-  }
-}
-
-module.exports = {
-  new: async (options) => {
-    return new Redis(options);
-  },
-};

package/src/db/sql/entity/JacksonIndex.js

@@ -1,42 +0,0 @@
-const EntitySchema = require('typeorm').EntitySchema;
-const JacksonIndex = require('../model/JacksonIndex.js');
-const JacksonStore = require('../model/JacksonStore.js');
-
-module.exports = new EntitySchema({
-  name: 'JacksonIndex',
-  target: JacksonIndex,
-  columns: {
-    id: {
-      primary: true,
-      generated: true,
-      type: 'int',
-    },
-    key: {
-      type: 'varchar',
-      length: 1500,
-    },
-    storeKey: {
-      type: 'varchar',
-      length: 1500,
-    }
-  },
-  relations: {
-    store: {
-      target: () => JacksonStore,
-      type: 'many-to-one',
-      inverseSide: 'indexes',
-      eager: true,
-      onDelete: 'CASCADE',
-    },
-  },
-  indices: [
-    {
-      name: '_jackson_index_key',
-      columns: ['key'],
-    },
-    {
-      name: '_jackson_index_key_store',
-      columns: ['key', 'storeKey'],
-    },
-  ],
-});

package/src/db/sql/entity/JacksonStore.js

@@ -1,42 +0,0 @@
-const EntitySchema = require('typeorm').EntitySchema;
-const JacksonStore = require('../model/JacksonStore.js');
-
-const valueType = (type) => {
-  switch (type) {
-    case 'postgres':
-    case 'cockroachdb':
-      return 'text';
-    case 'mysql':
-    case 'mariadb':
-      return 'mediumtext';
-    default:
-      return 'varchar';
-  }
-};
-
-module.exports = (type) => {
-  return new EntitySchema({
-    name: 'JacksonStore',
-    target: JacksonStore,
-    columns: {
-      key: {
-        primary: true,
-        type: 'varchar',
-        length: 1500,
-      },
-      value: {
-        type: valueType(type),
-      },
-      iv: {
-        type: 'varchar',
-        length: 64,
-        nullable: true,
-      },
-      tag: {
-        type: 'varchar',
-        length: 64,
-        nullable: true,
-      },
-    },
-  });
-};

package/src/db/sql/entity/JacksonTTL.js

@@ -1,23 +0,0 @@
-const EntitySchema = require('typeorm').EntitySchema;
-const JacksonTTL = require('../model/JacksonTTL.js');
-
-module.exports = new EntitySchema({
-  name: 'JacksonTTL',
-  target: JacksonTTL,
-  columns: {
-    key: {
-      primary: true,
-      type: 'varchar',
-      length: 1500,
-    },
-    expiresAt: {
-      type: 'bigint',
-    },
-  },
-  indices: [
-    {
-      name: '_jackson_ttl_expires_at',
-      columns: ['expiresAt'],
-    },
-  ],
-});

package/src/db/sql/model/JacksonIndex.js

@@ -1,9 +0,0 @@
-/*export */ class JacksonIndex {
-  constructor(id, key, store) {
-    this.id = id;
-    this.key = key;
-    this.store = store;
-  }
-}
-
-module.exports = JacksonIndex;

package/src/db/sql/model/JacksonStore.js

@@ -1,10 +0,0 @@
-/*export */ class JacksonStore {
-  constructor(key, value, iv, tag) {
-    this.key = key;
-    this.value = value;
-    this.iv = iv;
-    this.tag = tag;
-  }
-}
-
-module.exports = JacksonStore;

package/src/db/sql/model/JacksonTTL.js

@@ -1,8 +0,0 @@
-/*export */ class JacksonTTL {
-  constructor(key, expiresAt) {
-    this.key = key;
-    this.expiresAt = expiresAt;
-  }
-}
-
-module.exports = JacksonTTL;

package/src/db/sql/sql.js

@@ -1,153 +0,0 @@
-/*eslint no-constant-condition: ["error", { "checkLoops": false }]*/
-
-require('reflect-metadata');
-const typeorm = require('typeorm');
-const JacksonStore = require('./model/JacksonStore.js');
-const JacksonIndex = require('./model/JacksonIndex.js');
-const JacksonTTL = require('./model/JacksonTTL.js');
-
-const dbutils = require('../utils.js');
-
-class Sql {
-  constructor(options) {
-    return (async () => {
-      while (true) {
-        try {
-          this.connection = await typeorm.createConnection({
-            name: options.type + Math.floor(Math.random() * 100000),
-            type: options.type,
-            url: options.url,
-            synchronize: true,
-            migrationsTableName: '_jackson_migrations',
-            logging: false,
-            entities: [
-              require('./entity/JacksonStore.js')(options.type),
-              require('./entity/JacksonIndex.js'),
-              require('./entity/JacksonTTL.js'),
-            ],
-          });
-
-          break;
-        } catch (err) {
-          console.error(`error connecting to ${options.type} db: ${err}`);
-          await dbutils.sleep(1000);
-          continue;
-        }
-      }
-
-      this.storeRepository = this.connection.getRepository(JacksonStore);
-      this.indexRepository = this.connection.getRepository(JacksonIndex);
-      this.ttlRepository = this.connection.getRepository(JacksonTTL);
-
-      if (options.ttl && options.cleanupLimit) {
-        this.ttlCleanup = async () => {
-          const now = Date.now();
-
-          while (true) {
-            const ids = await this.ttlRepository
-              .createQueryBuilder('jackson_ttl')
-              .limit(options.cleanupLimit)
-              .where('jackson_ttl.expiresAt <= :expiresAt', { expiresAt: now })
-              .getMany();
-
-            if (ids.length <= 0) {
-              break;
-            }
-
-            const delIds = ids.map((id) => {
-              return id.key;
-            });
-
-            await this.storeRepository.remove(ids);
-            await this.ttlRepository.delete(delIds);
-          }
-
-          this.timerId = setTimeout(this.ttlCleanup, options.ttl * 1000);
-        };
-
-        this.timerId = setTimeout(this.ttlCleanup, options.ttl * 1000);
-      } else {
-        console.log(
-          'Warning: ttl cleanup not enabled, set both "ttl" and "cleanupLimit" options to enable it!'
-        );
-      }
-
-      return this;
-    })();
-  }
-
-  async get(namespace, key) {
-    let res = await this.storeRepository.findOne({
-      key: dbutils.key(namespace, key),
-    });
-
-    if (res && res.value) {
-      return {
-        value: res.value,
-        iv: res.iv,
-        tag: res.tag,
-      };
-    }
-
-    return null;
-  }
-
-  async getByIndex(namespace, idx) {
-    const res = await this.indexRepository.find({
-      key: dbutils.keyForIndex(namespace, idx),
-    });
-
-    const ret = [];
-
-    if (res) {
-      res.forEach((r) => {
-        ret.push({
-          value: r.store.value,
-          iv: r.store.iv,
-          tag: r.store.tag,
-        });
-      });
-    }
-
-    return ret;
-  }
-
-  async put(namespace, key, val, ttl = 0, ...indexes) {
-    await this.connection.transaction(async (transactionalEntityManager) => {
-      const dbKey = dbutils.key(namespace, key);
-      const store = new JacksonStore(dbKey, val.value, val.iv, val.tag);
-      await transactionalEntityManager.save(store);
-
-      if (ttl) {
-        const ttlRec = new JacksonTTL(dbKey, Date.now() + ttl * 1000);
-        await transactionalEntityManager.save(ttlRec);
-      }
-
-      // no ttl support for secondary indexes
-      for (const idx of indexes || []) {
-        const key = dbutils.keyForIndex(namespace, idx);
-        const rec = await this.indexRepository.findOne({
-          key,
-          storeKey: store.key,
-        });
-        if (!rec) {
-          await transactionalEntityManager.save(
-            new JacksonIndex(0, key, store)
-          );
-        }
-      }
-    });
-  }
-
-  async delete(namespace, key) {
-    return await this.storeRepository.remove({
-      key: dbutils.key(namespace, key),
-    });
-  }
-}
-
-module.exports = {
-  new: async (options) => {
-    return new Sql(options);
-  },
-};

package/src/db/store.js

@@ -1,42 +0,0 @@
-const dbutils = require('./utils.js');
-
-class Store {
-  constructor(namespace, db, ttl = 0) {
-    this.namespace = namespace;
-    this.db = db;
-    this.ttl = ttl;
-  }
-
-  async get(key) {
-    return await this.db.get(this.namespace, dbutils.keyDigest(key));
-  }
-
-  async getByIndex(idx) {
-    idx.value = dbutils.keyDigest(idx.value);
-    return await this.db.getByIndex(this.namespace, idx);
-  }
-
-  async put(key, val, ...indexes) {
-    indexes = (indexes || []).map((idx) => {
-      idx.value = dbutils.keyDigest(idx.value);
-      return idx;
-    });
-    return await this.db.put(
-      this.namespace,
-      dbutils.keyDigest(key),
-      val,
-      this.ttl,
-      ...indexes
-    );
-  }
-
-  async delete(key) {
-    return await this.db.delete(this.namespace, dbutils.keyDigest(key));
-  }
-}
-
-module.exports = {
-  new: (namespace, db, ttl = 0) => {
-    return new Store(namespace, db, ttl);
-  },
-};

package/src/db/utils.js

@@ -1,30 +0,0 @@
-const Ripemd160 = require('ripemd160');
-
-const key = (namespace, k) => {
-  return namespace + ':' + k;
-};
-
-const keyForIndex = (namespace, idx) => {
-  return key(key(namespace, idx.name), idx.value);
-};
-
-const keyDigest = (k) => {
-  return new Ripemd160().update(k).digest('hex');
-};
-
-const keyFromParts = (...parts) => {
-  return parts.join(':'); // TODO: pick a better strategy, keys can collide now
-};
-
-const sleep = (ms) => {
-  return new Promise((resolve) => setTimeout(resolve, ms));
-};
-
-module.exports = {
-  key,
-  keyForIndex,
-  keyDigest,
-  keyFromParts,
-  sleep,
-  indexPrefix: '_index',
-};

package/src/env.js

@@ -1,39 +0,0 @@
-const hostUrl = process.env.HOST_URL || 'localhost';
-const hostPort = (process.env.HOST_PORT || '5000') * 1;
-const externalUrl =
-  process.env.EXTERNAL_URL || 'http://' + hostUrl + ':' + hostPort;
-const samlPath = process.env.SAML_PATH || '/oauth/saml';
-
-const internalHostUrl = process.env.INTERNAL_HOST_URL || 'localhost';
-const internalHostPort = (process.env.INTERNAL_HOST_PORT || '6000') * 1;
-
-const apiKeys = (process.env.JACKSON_API_KEYS || '').split(',');
-
-const samlAudience = process.env.SAML_AUDIENCE;
-const preLoadedConfig = process.env.PRE_LOADED_CONFIG;
-
-const idpEnabled = process.env.IDP_ENABLED;
-const db = {
-  engine: process.env.DB_ENGINE,
-  url: process.env.DB_URL,
-  type: process.env.DB_TYPE,
-  ttl: process.env.DB_TTL,
-  encryptionKey: process.env.DB_ENCRYPTION_KEY,
-};
-
-module.exports = {
-  hostUrl,
-  hostPort,
-  externalUrl,
-  samlPath,
-  samlAudience,
-  preLoadedConfig,
-  internalHostUrl,
-  internalHostPort,
-  apiKeys,
-  idpEnabled,
-  db,
-  useInternalServer: !(
-    hostUrl === internalHostUrl && hostPort === internalHostPort
-  ),
-};

package/src/index.js

@@ -1,67 +0,0 @@
-const DB = require('./db/db.js');
-const readConfig = require('./read-config.js');
-
-const defaultOpts = (opts) => {
-  const newOpts = {
-    ...opts,
-  };
-
-  if (!newOpts.externalUrl) {
-    throw new Error('externalUrl is required');
-  }
-  if (!newOpts.samlPath) {
-    throw new Error('samlPath is required');
-  }
-
-  newOpts.samlAudience = newOpts.samlAudience || 'https://saml.boxyhq.com';
-  newOpts.preLoadedConfig = newOpts.preLoadedConfig || ''; // path to folder containing static SAML config that will be preloaded. This is useful for self-hosted deployments that only have to support a single tenant (or small number of known tenants).
-  newOpts.idpEnabled = newOpts.idpEnabled === true;
-  newOpts.db = newOpts.db || {};
-  newOpts.db.engine = newOpts.db.engine || 'sql'; // Supported values: redis, sql, mongo, mem. Keep comment in sync with db.js
-  newOpts.db.url =
-    newOpts.db.url || 'postgresql://postgres:postgres@localhost:5432/postgres';
-  newOpts.db.type = newOpts.db.type || 'postgres'; // Only needed if DB_ENGINE is sql. Supported values: postgres, cockroachdb, mysql, mariadb
-  newOpts.db.ttl = (newOpts.db.ttl || 300) * 1; // TTL for the code, session and token stores (in seconds)
-  newOpts.db.cleanupLimit = (newOpts.db.cleanupLimit || 1000) * 1; // Limit cleanup of TTL entries to this many items at a time
-
-  return newOpts;
-};
-
-module.exports = async function (opts) {
-  opts = defaultOpts(opts);
-
-  const db = await DB.new(opts.db);
-  const configStore = db.store('saml:config');
-  const sessionStore = db.store('oauth:session', opts.db.ttl);
-  const codeStore = db.store('oauth:code', opts.db.ttl);
-  const tokenStore = db.store('oauth:token', opts.db.ttl);
-
-  const apiController = require('./controller/api.js')({ configStore });
-  const oauthController = require('./controller/oauth.js')({
-    configStore,
-    sessionStore,
-    codeStore,
-    tokenStore,
-    opts,
-  });
-  // write pre-loaded config if present
-  if (opts.preLoadedConfig && opts.preLoadedConfig.length > 0) {
-    const configs = await readConfig(opts.preLoadedConfig);
-
-    for (const config of configs) {
-      await apiController.config(config);
-      console.log(
-        `loaded config for tenant "${config.tenant}" and product "${config.product}"`
-      );
-    }
-  }
-
-  const type =
-    opts.db.engine === 'sql' && opts.db.type ? ' Type: ' + opts.db.type : '';
-  console.log(`Using engine: ${opts.db.engine}.${type}`);
-
-  return {
-    apiController,
-    oauthController,
-  };
-};