npm - @chevre/domain - Versions diffs - 23.2.0-alpha.41 → 23.2.0-alpha.42 - Mend

@chevre/domain 23.2.0-alpha.41 → 23.2.0-alpha.42

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/example/src/chevre/orderNumber/decryptOrderNumber.ts ADDED Viewed

@@ -0,0 +1,14 @@
+// tslint:disable:no-console
+// tslint:disable-next-line:no-require-imports no-var-requires
+const fpe = require('node-fpe-v1');
+// const orderNumber = 'CIN1-3796505-5174753';
+const timestamp = '1769837978000';
+const cipher = fpe({ secret: '3:v2-xxxxxx' });
+// .encrypt(orderNumber);
+const orderNumber = cipher.encrypt(`${timestamp}1`);
+console.log(orderNumber);
+console.log(cipher.decrypt(orderNumber));
+// '1234567'

package/example/src/chevre/transactionNumber/publishByTimestamp.ts ADDED Viewed

@@ -0,0 +1,34 @@
+// tslint:disable:no-console
+import * as mongoose from 'mongoose';
+import * as fpe2Module from 'node-fpe-v2';
+const fpe2 = (fpe2Module as unknown) as typeof fpe2Module.default;
+import { chevre } from '../../../../lib/index';
+// tslint:disable-next-line:max-func-body-length
+async function main() {
+    await mongoose.connect(<string>process.env.MONGOLAB_URI, { autoIndex: false });
+    const transactionNumberRepo = await chevre.repository.TransactionNumber.createInstance({
+        connection: mongoose.connection
+    });
+    const result = await transactionNumberRepo.publishByTimestamp({ startDate: new Date() });
+    console.log(result);
+    console.log('length:', result.transactionNumber.length);
+    const decryptResult = fpe2({ secret: String(result.secret) })
+        // tslint:disable-next-line:no-magic-numbers
+        .decrypt(result.transactionNumber.slice(2));
+    console.log(decryptResult);
+    console.log(decryptResult === `${result.timestamp}${result.incrReply.toString()
+        // tslint:disable-next-line:no-magic-numbers
+        .padStart(2, '0')}`);
+}
+main()
+    .then(() => {
+        console.log('success!');
+    })
+    .catch(console.error);

package/example/src/chevre/transactionNumber/testRandomness.ts ADDED Viewed

@@ -0,0 +1,42 @@
+// tslint:disable:object-literal-key-quotes no-console
+import * as mongoose from 'mongoose';
+import { chevre } from '../../../../lib/index';
+async function testGeneration() {
+    await mongoose.connect(<string>process.env.MONGOLAB_URI, { autoIndex: false });
+    const transactionNumberRepo = await chevre.repository.TransactionNumber.createInstance({
+        connection: mongoose.connection
+    });
+    const ts = new Date(); // 同一ミリ秒固定
+    const results: Record<string, string>[] = [];
+    console.log(`--- 同一ミリ秒(${ts})内での連続生成テスト ---`);
+    // tslint:disable-next-line:no-magic-numbers
+    for (let i = 0; i < 100; i += 1) {
+        // 同一ミリ秒内でシーケンス(00-99)だけが変わる状況を再現
+        const { transactionNumber, timestamp, incrReply } = await transactionNumberRepo.publishByTimestamp({ startDate: ts });
+        // 復号して元のデータに戻るかチェック
+        const decoded = await transactionNumberRepo.decrypt(transactionNumber);
+        const isSuccess = decoded === `${timestamp}${incrReply.toString()
+            // tslint:disable-next-line:no-magic-numbers
+            .padStart(2, '0')}`;
+        results.push({
+            timestamp: timestamp,
+            'シーケンス': incrReply.toString(),
+            '生成された番号 (17桁)': transactionNumber,
+            'ソルト(2文字目)': transactionNumber[1],
+            '復号結果': decoded,
+            '復号確認': isSuccess ? '✅OK' : '❌NG'
+        });
+    }
+    console.table(results);
+}
+testGeneration();

package/lib/chevre/repo/confirmationNumber.js CHANGED Viewed

@@ -14,7 +14,7 @@ const cdigit = require("cdigit");
 const moment = require("moment-timezone");
 // import { RedisClientType } from 'redis';
 // tslint:disable-next-line:no-require-imports no-var-requires
-const fpe = require('node-fpe');
+const fpe = require('node-fpe-v1');
 // import { createSchema as createSettingSchema, modelName as settingModelName } from './mongoose/schemas/setting';
 const transactionNumber_1 = require("./mongoose/schemas/transactionNumber");
 const transactionNumberCounter_1 = require("./transactionNumberCounter");

package/lib/chevre/repo/mongoose/schemas/setting.d.ts CHANGED Viewed

@@ -110,6 +110,16 @@ export interface IJWTSetting {
      */
     algorithm: Algorithm;
 }
+export interface ITransactionNumberSetting {
+    /**
+     * fpe暗号鍵
+     */
+    fpeSecret: string;
+    /**
+     * "1"
+     */
+    version: string;
+}
 export interface ISetting {
     defaultSenderEmail?: string;
     jwt?: IJWTSetting;
@@ -127,6 +137,7 @@ export interface ISetting {
     };
     quota?: IQuotaSettings;
     storage?: IStorageSettings;
+    transactionNumber?: ITransactionNumberSetting;
     /**
      * 通知設定
      */

package/lib/chevre/repo/mongoose/schemas/setting.js CHANGED Viewed

@@ -19,6 +19,7 @@ const schemaDefinition = {
     onTransactionStatusChanged: mongoose_1.SchemaTypes.Mixed,
     quota: mongoose_1.SchemaTypes.Mixed,
     storage: mongoose_1.SchemaTypes.Mixed,
+    transactionNumber: mongoose_1.SchemaTypes.Mixed,
     triggerWebhook: mongoose_1.SchemaTypes.Mixed,
     useInformResourceTypes: [String],
     userPoolIdOld: String,

package/lib/chevre/repo/orderNumber.js CHANGED Viewed

@@ -14,7 +14,7 @@ const cdigit = require("cdigit");
 const moment = require("moment-timezone");
 // import { RedisClientType } from 'redis';
 // tslint:disable-next-line:no-require-imports no-var-requires
-const fpe = require('node-fpe');
+const fpe = require('node-fpe-v1');
 // import { createSchema as createSettingSchema, modelName as settingModelName } from './mongoose/schemas/setting';
 const transactionNumber_1 = require("./mongoose/schemas/transactionNumber");
 const transactionNumberCounter_1 = require("./transactionNumberCounter");

package/lib/chevre/repo/serviceOutputIdentifier.js CHANGED Viewed

@@ -14,7 +14,7 @@ const cdigit = require("cdigit");
 const moment = require("moment-timezone");
 // import { RedisClientType } from 'redis';
 // tslint:disable-next-line:no-require-imports no-var-requires
-const fpe = require('node-fpe');
+const fpe = require('node-fpe-v1');
 // import { createSchema as createSettingSchema, modelName as settingModelName } from './mongoose/schemas/setting';
 const transactionNumber_1 = require("./mongoose/schemas/transactionNumber");
 const transactionNumberCounter_1 = require("./transactionNumberCounter");

package/lib/chevre/repo/transactionNumber.d.ts CHANGED Viewed

@@ -1,12 +1,16 @@
 import type { Connection } from 'mongoose';
 interface IPublishResult {
     transactionNumber: string;
+    timestamp: string;
+    incrReply: number;
+    secret?: string;
 }
 /**
  * 取引番号リポジトリ
  */
 export declare class TransactionNumberRepo {
     private readonly counterRepo;
+    private readonly settingModel;
     constructor(params: {
         connection: Connection;
     });
@@ -16,5 +20,7 @@ export declare class TransactionNumberRepo {
     publishByTimestamp(params: {
         startDate: Date;
     }): Promise<IPublishResult>;
+    decrypt(id: string): Promise<string>;
+    private findSetting;
 }
 export {};

package/lib/chevre/repo/transactionNumber.js CHANGED Viewed

@@ -11,11 +11,15 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.TransactionNumberRepo = void 0;
 const cdigit = require("cdigit");
+const crypto_1 = require("crypto");
 const moment = require("moment-timezone");
-// import { RedisClientType } from 'redis';
+const fpe2Module = require("node-fpe-v2");
+// 型定義が新しいtypescriptに適合しないので、強制的に型変更
+const fpe2 = fpe2Module;
 // tslint:disable-next-line:no-require-imports no-var-requires
-const fpe = require('node-fpe');
-// import { createSchema as createSettingSchema, modelName as settingModelName } from './mongoose/schemas/setting';
+const fpe1 = require('node-fpe-v1');
+const factory = require("../factory");
+const setting_1 = require("./mongoose/schemas/setting");
 const transactionNumber_1 = require("./mongoose/schemas/transactionNumber");
 const transactionNumberCounter_1 = require("./transactionNumberCounter");
 /**
@@ -23,25 +27,15 @@ const transactionNumberCounter_1 = require("./transactionNumberCounter");
  */
 class TransactionNumberRepo {
     constructor(params) {
-        // const { connection } = params;
-        // this.settingModel = connection.model(settingModelName, createSettingSchema());
         this.counterRepo = new transactionNumberCounter_1.TransactionNumberCounterRepo(params);
+        this.settingModel = params.connection.model(setting_1.modelName, (0, setting_1.createSchema)());
     }
-    // private static createKey(params: {
-    //     startDate: Date;
-    //     timestamp: string;
-    // }): string {
-    //     return util.format(
-    //         '%s:%s',
-    //         TransactionNumberRepo.REDIS_KEY_PREFIX,
-    //         params.timestamp
-    //     );
-    // }
     /**
      * タイムスタンプから発行する
      */
     publishByTimestamp(params) {
         return __awaiter(this, void 0, void 0, function* () {
+            const { fpeSecret, version } = yield this.findSetting();
             const timestamp = moment(params.startDate)
                 .valueOf()
                 .toString();
@@ -57,13 +51,67 @@ class TransactionNumberRepo {
                 includedInDataCatalog: { identifier: transactionNumber_1.DataCatalogIdentifier.transactionNumber },
                 expires: dataFeedExpires
             });
-            let transactionNumber = `${timestamp}${incrReply}`;
-            // checkdigit
-            const cd = cdigit.luhn.compute(transactionNumber);
-            transactionNumber = fpe({ password: cd })
-                .encrypt(transactionNumber);
-            transactionNumber = `${cd}${transactionNumber}`;
-            return { transactionNumber };
+            let transactionNumber;
+            let secret;
+            if (typeof fpeSecret === 'string' && typeof version === 'string') {
+                // tslint:disable-next-line:no-magic-numbers
+                const saltDigit = (0, crypto_1.randomInt)(0, 10);
+                const saltStr = saltDigit.toString();
+                secret = `${fpeSecret}${saltStr}`;
+                const cipher = fpe2({ secret });
+                // incrReplyが 0〜99 なら "00"〜"99" になり（15桁）
+                // incrReplyが 100〜999 なら "100"〜"999" になる（16桁）
+                const rawBody = `${timestamp}${incrReply.toString()
+                    // tslint:disable-next-line:no-magic-numbers
+                    .padStart(2, '0')}`;
+                const encryptedBody = cipher.encrypt(rawBody);
+                // ソルトを「あえて」2文字目に含める
+                transactionNumber = `${version}${saltStr}${encryptedBody}`;
+            }
+            else {
+                transactionNumber = `${timestamp}${incrReply}`;
+                // checkdigit
+                const cd = cdigit.luhn.compute(transactionNumber);
+                transactionNumber = fpe1({ password: cd })
+                    .encrypt(transactionNumber);
+                transactionNumber = `${cd}${transactionNumber}`;
+            }
+            return { transactionNumber, timestamp, incrReply, secret };
+        });
+    }
+    decrypt(id) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { fpeSecret } = yield this.findSetting();
+            const saltStr = id[1]; // 2文字目からソルト（鍵のヒント）を回収
+            // tslint:disable-next-line:no-magic-numbers
+            const encryptedBody = id.slice(2);
+            const cipher = fpe2({
+                secret: `${fpeSecret}${saltStr}`
+            });
+            return cipher.decrypt(encryptedBody);
+        });
+    }
+    findSetting() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const filterQuery = { 'project.id': { $eq: '*' } };
+            const projection = {
+                _id: 0,
+                transactionNumber: 1
+            };
+            const setting = yield this.settingModel.findOne(filterQuery, projection)
+                .lean()
+                .exec();
+            if (setting === null || setting.transactionNumber === undefined) {
+                return {};
+            }
+            const { fpeSecret, version } = setting.transactionNumber;
+            if (typeof fpeSecret !== 'string' || fpeSecret === '') {
+                throw new factory.errors.NotFound('setting.transactionNumber.secret');
+            }
+            if (typeof version !== 'string' || version === '') {
+                throw new factory.errors.NotFound('setting.transactionNumber.version');
+            }
+            return { fpeSecret, version };
         });
     }
 }

package/package.json CHANGED Viewed

@@ -25,7 +25,8 @@
     "lodash.difference": "^4.5.0",
     "moment": "^2.29.1",
     "moment-timezone": "^0.5.33",
-    "node-fpe": "1.0.0",
+    "node-fpe-v1": "npm:node-fpe@1.0.0",
+    "node-fpe-v2": "npm:node-fpe@2.0.4",
     "pug": "^2.0.4",
     "uniqid": "5.4.0",
     "uuid": "^3.4.0"
@@ -116,5 +117,5 @@
     "postversion": "git push origin --tags",
     "prepublishOnly": "npm run clean && npm run build && npm test && npm run doc"
   },
-  "version": "23.2.0-alpha.41"
+  "version": "23.2.0-alpha.42"
 }