@drunk-pulumi/azure 0.0.19

package/Apim/ApiProduct/PolicyBuilder.js

@@ -0,0 +1,361 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getPolicies = exports.SetHeaderTypes = void 0;
+const AzureEnv_1 = require("../../Common/AzureEnv");
+const Helper_1 = require("../../VNet/Helper");
+const StackEnv_1 = require("../../Common/StackEnv");
+const defaultRateLimit = AzureEnv_1.isPrd ? 60 : 120;
+const enableApimEventHub = false;
+const getInMockResponse = ({ code = 200, contentType = 'text/html', }) => `      <mock-response status-code="${code}" content-type="${contentType}" />`;
+const getInRewriteUri = ({ template = '/' }) => `      <rewrite-uri template="${template}" />`;
+const setBaseUrl = ({ url }) => `   <set-backend-service base-url="${url}" />`;
+const getInRateLimit = ({ call = defaultRateLimit, //The number of call in
+period = 60, //1 minute
+successConditionOnly, }) => successConditionOnly
+    ? `      <rate-limit-by-key calls="${call}" 
+            renewal-period="${period}" 
+            counter-key="@(context.Request.IpAddress)" 
+            increment-condition="@(context.Response.StatusCode >= 200 && context.Response.StatusCode < 300)" />`
+    : `      <rate-limit-by-key calls="${call}" 
+            renewal-period="${period}" 
+            counter-key="@(context.Request.IpAddress)" />`;
+const getInCache = () => `      <cache-lookup vary-by-developer="false" 
+            vary-by-developer-groups="false" 
+            allow-private-response-caching="true" 
+            must-revalidate="true" 
+            downstream-caching-type="public" />`;
+const getOutCache = ({ duration = 60 }) => `      <cache-store duration="${duration}" />`;
+const getInBackendCert = ({ thumbprint }) => `      <authentication-certificate thumbprint="${thumbprint}" />`;
+const getInClientCertValidate = ({ issuer, subject, thumbprint, verifyCert, }) => `   <choose>
+        <when condition="@(context.Request.Certificate == null${verifyCert
+    ? ' || !context.Request.Certificate.VerifyNoRevocation()'
+    : ''}${issuer ? ` || context.Request.Certificate.Issuer != "${issuer}"` : ''}${subject
+    ? ` || context.Request.Certificate.SubjectName.Name != "${subject}"`
+    : ''}${thumbprint
+    ? ` || context.Request.Certificate.Thumbprint != "${thumbprint}"`
+    : ''})" >
+          <return-response>
+            <set-status code="403" reason="Invalid client certificate" />
+          </return-response>
+      </when>
+    </choose>`;
+const getCorsPolicy = ({ origins }) => {
+    const orgs = origins
+        ? origins.map((o) => `<origin>${o}</origin>`)
+        : ['<origin>*</origin>'];
+    return `<cors allow-credentials="${Array.isArray(origins)}">
+    <allowed-origins>
+        ${orgs.join('\n')}
+    </allowed-origins>
+    <allowed-methods preflight-result-max-age="300">
+        <method>*</method>
+    </allowed-methods>
+    <allowed-headers>
+        <header>*</header>
+    </allowed-headers>
+</cors>`;
+};
+//Event Hub Policy
+const getEventHubPolicy = ({ eventHubName, captureClientCertThumbprint, azFuncUrl, azFuncKey, }) => {
+    const enableIpStack = azFuncKey && azFuncUrl;
+    const rs = `
+  <set-variable name="message-id" value="@(Guid.NewGuid())" />
+  ${enableIpStack
+        ? `
+  <set-variable name="ipstackBaseUrl" value="@("${azFuncUrl}?ipAddress=" + context.Request.IpAddress)" />
+  <send-request mode="new" response-variable-name="ipstackResponse" timeout="2" ignore-error="true">
+    <set-url>@((string)context.Variables["ipstackBaseUrl"])</set-url>
+    <set-method>POST</set-method>
+    <set-header name="x-functions-key" exists-action="override">
+      <value>${azFuncKey}</value>
+    </set-header>
+  </send-request>`
+        : ''}
+
+  <log-to-eventhub logger-id="${eventHubName}" partition-id="0">@{
+      string accountId = "";
+      string profileId = "";
+
+      string authHeader = context.Request.Headers.GetValueOrDefault("Authorization", "");
+      if (authHeader?.Length > 0)
+      {
+        string[] authHeaderParts = authHeader.Split(' ');
+        if (authHeaderParts?.Length == 2 && authHeaderParts[0].Equals("Bearer", StringComparison.InvariantCultureIgnoreCase))
+        {
+          Jwt jwt;
+          if (authHeaderParts[1].TryParseJwt(out jwt))
+          {
+            accountId = jwt.Claims.GetValueOrDefault("client_AccountId", "");
+            profileId = jwt.Claims.GetValueOrDefault("client_ProfileId", "");
+          }
+        }
+      }
+
+      string statusText = (context.Response.StatusCode >= 200 && context.Response.StatusCode <= 299) ? "PASS" : "FAIL";
+      string statusMsg = "";
+      if (context.Response.StatusCode == 400 || context.Response.StatusCode == 500) {
+          statusMsg = context.Response.Body?.As<string>(true);
+      }
+
+      string ipLocation = "";
+${enableIpStack
+        ? `
+      try {
+        var ipstackResponse = ((IResponse)context.Variables["ipstackResponse"]);
+        if (ipstackResponse.StatusCode == 200) { 
+            ipLocation = (((IResponse)context.Variables["ipstackResponse"]).Body?.As<JObject>()["country_name"]).ToString();
+        }
+      }catch {}`
+        : ''}
+
+      string clientThumbprint = "";
+${captureClientCertThumbprint
+        ? `
+      string xCert = context.Request.Headers.GetValueOrDefault("X-ARR-ClientCert", "");
+      if(context.Request.Certificate != null){
+        clientThumbprint = context.Request.Certificate.Thumbprint;
+      }else if(xCert?.Length > 0){
+        var cert = new X509Certificate2(Convert.FromBase64String(xCert), (string)null);
+        clientThumbprint = cert.Thumbprint;
+      }
+      else{ clientThumbprint = "Not found";}
+`
+        : ''}
+
+      return new JObject(
+        new JProperty("MessageId", context.Variables["message-id"]),
+        new JProperty("Method", context.Request.Method),
+        new JProperty("UrlPath", context.Request.Url.Path),
+        new JProperty("Timestamp", DateTime.UtcNow.ToString()),
+        new JProperty("IP_Address", context.Request.IpAddress),
+        new JProperty("IP_Location", ipLocation),
+        new JProperty("AccountId", accountId),
+        new JProperty("ProfileId", profileId),
+        new JProperty("Status", statusText),
+        new JProperty("HttpCode", context.Response.StatusCode),
+        new JProperty("Status_Message", statusMsg),
+        new JProperty("clientThumbprint", clientThumbprint)
+      ).ToString();
+  }</log-to-eventhub>`;
+    //console.log(rs);
+    return rs;
+};
+/** Validate Client IP Address with configured IP in Token. */
+const getIPAddressFilterPolicy = () => {
+    const getFilterStatus = `
+    <set-header name="IpAddressValidation" exists-action="override">
+      <value>@{
+				Boolean ipAddressValid = false;
+				string authHeader = context.Request.Headers.GetValueOrDefault("Authorization", "");
+				if (authHeader?.Length > 0)
+				{
+					string[] authHeaderParts = authHeader.Split(' ');
+					if (authHeaderParts?.Length == 2 && authHeaderParts[0].Equals("Bearer", StringComparison.InvariantCultureIgnoreCase))
+					{
+						if (authHeaderParts[1].TryParseJwt(out Jwt jwt))
+						{
+							var ipsWhitelist = jwt.Claims.GetValueOrDefault("client_IpWhitelist", "");
+              IEnumerable<string> ips = ipsWhitelist
+                .Split(new char[] { ';', ',' }, StringSplitOptions.RemoveEmptyEntries)
+                .Select(p => p.Trim());
+
+              if(string.IsNullOrEmpty(ipsWhitelist) || ips.Contains(context.Request.IpAddress))
+              {
+                ipAddressValid = true;
+              }
+						}
+					}
+        }
+        else
+        {
+          ipAddressValid = true;
+        }
+				
+        return ipAddressValid.ToString();
+			}</value>
+    </set-header>`;
+    const checkFilterValid = `
+    <choose>
+		  <when condition="@(context.Request.Headers.GetValueOrDefault("IpAddressValidation", "").Equals(Boolean.FalseString))">
+        <return-response>
+            <set-status code="403" reason="Forbidden"/>
+              <set-body>@{
+                return new JObject(
+                  new JProperty("message","IP does not match")
+                ).ToString();
+              }</set-body>
+        </return-response>
+		  </when>
+		</choose>`;
+    return `
+    ${getFilterStatus}
+    ${checkFilterValid}
+  `;
+};
+const getIpWhitelistPolicy = ({ ipAddresses }) => {
+    const policy = `<ip-filter action="allow">\r\n${ipAddresses
+        .map((ip) => {
+        if (ip.includes('/')) {
+            const range = (0, Helper_1.getIpsRange)(ip);
+            return `<address-range from="${range.first}" to="${range.last}" />`;
+        }
+        return `<address>${ip}</address>`;
+    })
+        .join('\r\n')}\r\n</ip-filter>`;
+    //console.log(policy);
+    return policy;
+};
+var SetHeaderTypes;
+(function (SetHeaderTypes) {
+    SetHeaderTypes["delete"] = "delete";
+    SetHeaderTypes["override"] = "override";
+    SetHeaderTypes["skip"] = "skip";
+    SetHeaderTypes["append"] = "append";
+})(SetHeaderTypes || (exports.SetHeaderTypes = SetHeaderTypes = {}));
+const setHeader = ({ name, type = SetHeaderTypes.delete, value, }) => {
+    let rs = `<set-header name="${name}" exists-action="${type}">`;
+    if (value) {
+        rs += ` <value>${value}</value>`;
+    }
+    rs += '</set-header>';
+    return rs;
+};
+const checkHeaderPolicy = ({ checkHeaders }) => {
+    return checkHeaders
+        .map((c) => {
+        return `<check-header name="${c.name}" failed-check-httpcode="401" failed-check-error-message="The header ${c.name} is not found" ignore-case="true">
+    ${c.value ? c.value.map((v) => `<value>${v}</value>`).join('\n') : ''}
+</check-header>`;
+    })
+        .join('\n');
+};
+/** Set Client IP address to 'x-ts-client-ip' header key */
+const setClientIpHeader = (key = `x-${StackEnv_1.organization}-clientIp`) => setHeader({
+    name: key,
+    value: '@(context.Request.IpAddress)',
+    type: SetHeaderTypes.override,
+});
+const setFindAndReplaces = (findAndReplaces) => findAndReplaces
+    .map((f) => ` <find-and-replace from="${f.from}" to="${f.to}" />`)
+    .join('\n');
+const getPolicies = ({ enableClientIpHeader = false, findAndReplaces, ...props }) => {
+    const inbound = new Array();
+    const outbound = new Array();
+    const getProps = (p) => (typeof p === 'boolean' ? {} : p);
+    if (enableClientIpHeader) {
+        inbound.push(setClientIpHeader());
+    }
+    if (props.setBaseUrl) {
+        inbound.push(setBaseUrl(props.setBaseUrl));
+    }
+    if (props.rewriteUri) {
+        inbound.push(getInRewriteUri(getProps(props.rewriteUri)));
+    }
+    if (props.cache) {
+        inbound.push(getInCache());
+        outbound.push(getOutCache(getProps(props.cache)));
+    }
+    if (props.mockResponse) {
+        inbound.push(getInMockResponse(getProps(props.mockResponse)));
+    }
+    if (props.rateLimit) {
+        inbound.push(getInRateLimit(getProps(props.rateLimit)));
+    }
+    if (props.backendCert) {
+        inbound.push(getInBackendCert(props.backendCert));
+    }
+    if (props.cors) {
+        inbound.push(getCorsPolicy(getProps(props.cors)));
+    }
+    if (props.ipFilter) {
+        inbound.push(getIPAddressFilterPolicy());
+    }
+    if (props.whitelistIPs) {
+        inbound.push(getIpWhitelistPolicy({ ipAddresses: props.whitelistIPs }));
+    }
+    if (props.setHeaders) {
+        const array = Array.isArray(props.setHeaders)
+            ? props.setHeaders
+            : [props.setHeaders];
+        array.forEach((s) => inbound.push(setHeader(s)));
+    }
+    if (props.checkHeaders) {
+        inbound.push(checkHeaderPolicy(props.checkHeaders));
+    }
+    if (findAndReplaces) {
+        outbound.push(setFindAndReplaces(findAndReplaces));
+    }
+    if (props.customInboundPolicy) {
+        inbound.push(props.customInboundPolicy);
+    }
+    if (props.customOutPolicy) {
+        outbound.push(props.customOutPolicy);
+    }
+    //======This always in the last position.===========
+    if (props.clientCert) {
+        inbound.push(getInClientCertValidate(props.clientCert));
+    }
+    let backend = '<base />';
+    if (!props.mockResponse) {
+        backend =
+            '<forward-request timeout="120" follow-redirects="true" buffer-request-body="true" fail-on-error-status-code="true"/>';
+    }
+    return `<policies>
+  <inbound>
+      <base />
+      ${inbound.join('\n')}
+  </inbound>
+  <backend>
+      ${backend}
+  </backend>
+  <outbound>
+      <base />
+      <set-header name="Strict-Transport-Security" exists-action="override">    
+          <value>max-age=15724800; includeSubDomains</value>    
+      </set-header>    
+      <set-header name="X-XSS-Protection" exists-action="override">    
+          <value>1; mode=block</value>    
+      </set-header>    
+      <set-header name="Content-Security-Policy" exists-action="override">    
+          <value>default-src 'self' data: 'unsafe-inline' 'unsafe-eval'</value>    
+      </set-header>    
+      <set-header name="X-Frame-Options" exists-action="override">    
+          <value>Deny</value>    
+      </set-header>    
+      <set-header name="X-Content-Type-Options" exists-action="override">    
+          <value>nosniff</value>    
+      </set-header>    
+      <set-header name="Expect-Ct" exists-action="override">    
+          <value>max-age=604800,enforce</value>    
+      </set-header>    
+      <set-header name="Cache-Control" exists-action="override">    
+          <value>none</value>    
+      </set-header>    
+      <set-header name="X-Powered-By" exists-action="delete" />    
+      <set-header name="X-AspNet-Version" exists-action="delete" />
+      
+      ${outbound.join('\n')}
+      ${enableApimEventHub && props.logEventHubName
+        ? getEventHubPolicy({
+            eventHubName: props.logEventHubName,
+            azFuncUrl: props.azFuncUrl,
+            azFuncKey: props.azFuncKey,
+            captureClientCertThumbprint: props.captureClientCertThumbprint,
+        })
+        : ''}
+  </outbound>
+  <on-error>
+      <base />
+      ${enableApimEventHub && props.logEventHubName
+        ? getEventHubPolicy({
+            eventHubName: props.logEventHubName,
+            azFuncUrl: props.azFuncUrl,
+            azFuncKey: props.azFuncKey,
+            captureClientCertThumbprint: props.captureClientCertThumbprint,
+        })
+        : ''}
+  </on-error>
+</policies>`;
+};
+exports.getPolicies = getPolicies;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUG9saWN5QnVpbGRlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BcGltL0FwaVByb2R1Y3QvUG9saWN5QnVpbGRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxvREFBOEM7QUFDOUMsOENBQWdEO0FBQ2hELG9EQUFxRDtBQUVyRCxNQUFNLGdCQUFnQixHQUFHLGdCQUFLLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDO0FBQzFDLE1BQU0sa0JBQWtCLEdBQUcsS0FBSyxDQUFDO0FBT2pDLE1BQU0saUJBQWlCLEdBQUcsQ0FBQyxFQUN6QixJQUFJLEdBQUcsR0FBRyxFQUNWLFdBQVcsR0FBRyxXQUFXLEdBQ2YsRUFBRSxFQUFFLENBQ2QscUNBQXFDLElBQUksbUJBQW1CLFdBQVcsTUFBTSxDQUFDO0FBTWhGLE1BQU0sZUFBZSxHQUFHLENBQUMsRUFBRSxRQUFRLEdBQUcsR0FBRyxFQUFtQixFQUFFLEVBQUUsQ0FDOUQsZ0NBQWdDLFFBQVEsTUFBTSxDQUFDO0FBTWpELE1BQU0sVUFBVSxHQUFHLENBQUMsRUFBRSxHQUFHLEVBQWdCLEVBQUUsRUFBRSxDQUMzQyxxQ0FBcUMsR0FBRyxNQUFNLENBQUM7QUFXakQsTUFBTSxjQUFjLEdBQUcsQ0FBQyxFQUN0QixJQUFJLEdBQUcsZ0JBQWdCLEVBQUUsdUJBQXVCO0FBQ2hELE1BQU0sR0FBRyxFQUFFLEVBQUUsVUFBVTtBQUN2QixvQkFBb0IsR0FDTCxFQUFFLEVBQUUsQ0FDbkIsb0JBQW9CO0lBQ2xCLENBQUMsQ0FBQyxtQ0FBbUMsSUFBSTs4QkFDZixNQUFNOztnSEFFNEU7SUFDNUcsQ0FBQyxDQUFDLG1DQUFtQyxJQUFJOzhCQUNmLE1BQU07MERBQ3NCLENBQUM7QUFFM0QsTUFBTSxVQUFVLEdBQUcsR0FBRyxFQUFFLENBQ3RCOzs7O2dEQUk4QyxDQUFDO0FBS2pELE1BQU0sV0FBVyxHQUFHLENBQUMsRUFBRSxRQUFRLEdBQUcsRUFBRSxFQUFpQixFQUFFLEVBQUUsQ0FDdkQsZ0NBQWdDLFFBQVEsTUFBTSxDQUFDO0FBTWpELE1BQU0sZ0JBQWdCLEdBQUcsQ0FBQyxFQUFFLFVBQVUsRUFBaUIsRUFBRSxFQUFFLENBQ3pELGlEQUFpRCxVQUFVLE1BQU0sQ0FBQztBQVFwRSxNQUFNLHVCQUF1QixHQUFHLENBQUMsRUFDL0IsTUFBTSxFQUNOLE9BQU8sRUFDUCxVQUFVLEVBQ1YsVUFBVSxHQUNNLEVBQUUsRUFBRSxDQUNwQjtnRUFFUSxVQUFVO0lBQ1IsQ0FBQyxDQUFDLHVEQUF1RDtJQUN6RCxDQUFDLENBQUMsRUFDTixHQUNKLE1BQU0sQ0FBQyxDQUFDLENBQUMsOENBQThDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUNyRSxHQUNFLE9BQU87SUFDTCxDQUFDLENBQUMsd0RBQXdELE9BQU8sR0FBRztJQUNwRSxDQUFDLENBQUMsRUFDTixHQUNFLFVBQVU7SUFDUixDQUFDLENBQUMsa0RBQWtELFVBQVUsR0FBRztJQUNqRSxDQUFDLENBQUMsRUFDTjs7Ozs7Y0FLWSxDQUFDO0FBTWYsTUFBTSxhQUFhLEdBQUcsQ0FBQyxFQUFFLE9BQU8sRUFBYSxFQUFFLEVBQUU7SUFDL0MsTUFBTSxJQUFJLEdBQUcsT0FBTztRQUNsQixDQUFDLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsV0FBVyxDQUFDLFdBQVcsQ0FBQztRQUM3QyxDQUFDLENBQUMsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO0lBRTNCLE9BQU8sNEJBQTRCLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDOztVQUVqRCxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQzs7Ozs7Ozs7UUFRakIsQ0FBQztBQUNULENBQUMsQ0FBQztBQVFGLGtCQUFrQjtBQUNsQixNQUFNLGlCQUFpQixHQUFHLENBQUMsRUFDekIsWUFBWSxFQUNaLDJCQUEyQixFQUMzQixTQUFTLEVBQ1QsU0FBUyxHQUNLLEVBQUUsRUFBRTtJQUNsQixNQUFNLGFBQWEsR0FBRyxTQUFTLElBQUksU0FBUyxDQUFDO0lBRTdDLE1BQU0sRUFBRSxHQUFHOztJQUdULGFBQWE7UUFDWCxDQUFDLENBQUM7a0RBQzBDLFNBQVM7Ozs7O2VBSzVDLFNBQVM7O2tCQUVOO1FBQ1osQ0FBQyxDQUFDLEVBQ047O2dDQUU4QixZQUFZOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztFQTJCMUMsYUFBYTtRQUNYLENBQUMsQ0FBQzs7Ozs7O2dCQU1VO1FBQ1osQ0FBQyxDQUFDLEVBQ047OztFQUlFLDJCQUEyQjtRQUN6QixDQUFDLENBQUM7Ozs7Ozs7OztDQVNMO1FBQ0csQ0FBQyxDQUFDLEVBQ047Ozs7Ozs7Ozs7Ozs7Ozs7c0JBZ0JzQixDQUFDO0lBRXJCLGtCQUFrQjtJQUNsQixPQUFPLEVBQUUsQ0FBQztBQUNaLENBQUMsQ0FBQztBQUVGLDhEQUE4RDtBQUM5RCxNQUFNLHdCQUF3QixHQUFHLEdBQUcsRUFBRTtJQUNwQyxNQUFNLGVBQWUsR0FBRzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztrQkErQlIsQ0FBQztJQUVqQixNQUFNLGdCQUFnQixHQUFHOzs7Ozs7Ozs7Ozs7WUFZZixDQUFDO0lBRVgsT0FBTztNQUNILGVBQWU7TUFDZixnQkFBZ0I7R0FDbkIsQ0FBQztBQUNKLENBQUMsQ0FBQztBQU1GLE1BQU0sb0JBQW9CLEdBQUcsQ0FBQyxFQUFFLFdBQVcsRUFBb0IsRUFBRSxFQUFFO0lBQ2pFLE1BQU0sTUFBTSxHQUFHLGlDQUFpQyxXQUFXO1NBQ3hELEdBQUcsQ0FBQyxDQUFDLEVBQUUsRUFBRSxFQUFFO1FBQ1YsSUFBSSxFQUFFLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDckIsTUFBTSxLQUFLLEdBQUcsSUFBQSxvQkFBVyxFQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQzlCLE9BQU8sd0JBQXdCLEtBQUssQ0FBQyxLQUFLLFNBQVMsS0FBSyxDQUFDLElBQUksTUFBTSxDQUFDO1FBQ3RFLENBQUM7UUFDRCxPQUFPLFlBQVksRUFBRSxZQUFZLENBQUM7SUFDcEMsQ0FBQyxDQUFDO1NBQ0QsSUFBSSxDQUFDLE1BQU0sQ0FBQyxrQkFBa0IsQ0FBQztJQUVsQyxzQkFBc0I7SUFDdEIsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQyxDQUFDO0FBRUYsSUFBWSxjQUtYO0FBTEQsV0FBWSxjQUFjO0lBQ3hCLG1DQUFpQixDQUFBO0lBQ2pCLHVDQUFxQixDQUFBO0lBQ3JCLCtCQUFhLENBQUE7SUFDYixtQ0FBaUIsQ0FBQTtBQUNuQixDQUFDLEVBTFcsY0FBYyw4QkFBZCxjQUFjLFFBS3pCO0FBUUQsTUFBTSxTQUFTLEdBQUcsQ0FBQyxFQUNqQixJQUFJLEVBQ0osSUFBSSxHQUFHLGNBQWMsQ0FBQyxNQUFNLEVBQzVCLEtBQUssR0FDVSxFQUFFLEVBQUU7SUFDbkIsSUFBSSxFQUFFLEdBQUcscUJBQXFCLElBQUksb0JBQW9CLElBQUksSUFBSSxDQUFDO0lBRS9ELElBQUksS0FBSyxFQUFFLENBQUM7UUFDVixFQUFFLElBQUksV0FBVyxLQUFLLFVBQVUsQ0FBQztJQUNuQyxDQUFDO0lBQ0QsRUFBRSxJQUFJLGVBQWUsQ0FBQztJQUV0QixPQUFPLEVBQUUsQ0FBQztBQUNaLENBQUMsQ0FBQztBQU1GLE1BQU0saUJBQWlCLEdBQUcsQ0FBQyxFQUFFLFlBQVksRUFBZ0IsRUFBRSxFQUFFO0lBQzNELE9BQU8sWUFBWTtTQUNoQixHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRTtRQUNULE9BQU8sdUJBQ0wsQ0FBQyxDQUFDLElBQ0osd0VBQ0UsQ0FBQyxDQUFDLElBQ0o7TUFDQSxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRTtnQkFDekQsQ0FBQztJQUNiLENBQUMsQ0FBQztTQUNELElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztBQUNoQixDQUFDLENBQUM7QUFFRiwyREFBMkQ7QUFDM0QsTUFBTSxpQkFBaUIsR0FBRyxDQUFDLE1BQWMsS0FBSyx1QkFBWSxXQUFXLEVBQUUsRUFBRSxDQUN2RSxTQUFTLENBQUM7SUFDUixJQUFJLEVBQUUsR0FBRztJQUNULEtBQUssRUFBRSw4QkFBOEI7SUFDckMsSUFBSSxFQUFFLGNBQWMsQ0FBQyxRQUFRO0NBQzlCLENBQUMsQ0FBQztBQUVMLE1BQU0sa0JBQWtCLEdBQUcsQ0FDekIsZUFBb0QsRUFDcEQsRUFBRSxDQUNGLGVBQWU7S0FDWixHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLDRCQUE0QixDQUFDLENBQUMsSUFBSSxTQUFTLENBQUMsQ0FBQyxFQUFFLE1BQU0sQ0FBQztLQUNqRSxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7QUFpQ1QsTUFBTSxXQUFXLEdBQUcsQ0FBQyxFQUMxQixvQkFBb0IsR0FBRyxLQUFLLEVBQzVCLGVBQWUsRUFDZixHQUFHLEtBQUssRUFDTSxFQUFFLEVBQUU7SUFDbEIsTUFBTSxPQUFPLEdBQUcsSUFBSSxLQUFLLEVBQVUsQ0FBQztJQUNwQyxNQUFNLFFBQVEsR0FBRyxJQUFJLEtBQUssRUFBVSxDQUFDO0lBRXJDLE1BQU0sUUFBUSxHQUFHLENBQUksQ0FBYyxFQUFFLEVBQUUsQ0FDckMsQ0FBQyxPQUFPLENBQUMsS0FBSyxTQUFTLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFNLENBQUM7SUFFekMsSUFBSSxvQkFBb0IsRUFBRSxDQUFDO1FBQ3pCLE9BQU8sQ0FBQyxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQyxDQUFDO0lBQ3BDLENBQUM7SUFDRCxJQUFJLEtBQUssQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUNyQixPQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxLQUFLLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBQ0QsSUFBSSxLQUFLLENBQUMsVUFBVSxFQUFFLENBQUM7UUFDckIsT0FBTyxDQUFDLElBQUksQ0FBQyxlQUFlLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDNUQsQ0FBQztJQUNELElBQUksS0FBSyxDQUFDLEtBQUssRUFBRSxDQUFDO1FBQ2hCLE9BQU8sQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUMsQ0FBQztRQUMzQixRQUFRLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNwRCxDQUFDO0lBQ0QsSUFBSSxLQUFLLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDdkIsT0FBTyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNoRSxDQUFDO0lBQ0QsSUFBSSxLQUFLLENBQUMsU0FBUyxFQUFFLENBQUM7UUFDcEIsT0FBTyxDQUFDLElBQUksQ0FBQyxjQUFjLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDMUQsQ0FBQztJQUVELElBQUksS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ3RCLE9BQU8sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7SUFDcEQsQ0FBQztJQUVELElBQUksS0FBSyxDQUFDLElBQUksRUFBRSxDQUFDO1FBQ2YsT0FBTyxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDcEQsQ0FBQztJQUVELElBQUksS0FBSyxDQUFDLFFBQVEsRUFBRSxDQUFDO1FBQ25CLE9BQU8sQ0FBQyxJQUFJLENBQUMsd0JBQXdCLEVBQUUsQ0FBQyxDQUFDO0lBQzNDLENBQUM7SUFFRCxJQUFJLEtBQUssQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUN2QixPQUFPLENBQUMsSUFBSSxDQUFDLG9CQUFvQixDQUFDLEVBQUUsV0FBVyxFQUFFLEtBQUssQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUFDLENBQUM7SUFDMUUsQ0FBQztJQUVELElBQUksS0FBSyxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ3JCLE1BQU0sS0FBSyxHQUFHLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLFVBQVUsQ0FBQztZQUMzQyxDQUFDLENBQUMsS0FBSyxDQUFDLFVBQVU7WUFDbEIsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRXZCLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRUQsSUFBSSxLQUFLLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDdkIsT0FBTyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRUQsSUFBSSxlQUFlLEVBQUUsQ0FBQztRQUNwQixRQUFRLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQUM7SUFDckQsQ0FBQztJQUVELElBQUksS0FBSyxDQUFDLG1CQUFtQixFQUFFLENBQUM7UUFDOUIsT0FBTyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsbUJBQW1CLENBQUMsQ0FBQztJQUMxQyxDQUFDO0lBQ0QsSUFBSSxLQUFLLENBQUMsZUFBZSxFQUFFLENBQUM7UUFDMUIsUUFBUSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsZUFBZSxDQUFDLENBQUM7SUFDdkMsQ0FBQztJQUNELG9EQUFvRDtJQUNwRCxJQUFJLEtBQUssQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUNyQixPQUFPLENBQUMsSUFBSSxDQUFDLHVCQUF1QixDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDO0lBQzFELENBQUM7SUFFRCxJQUFJLE9BQU8sR0FBRyxVQUFVLENBQUM7SUFFekIsSUFBSSxDQUFDLEtBQUssQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUN4QixPQUFPO1lBQ0wsc0hBQXNILENBQUM7SUFDM0gsQ0FBQztJQUVELE9BQU87OztRQUdELE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDOzs7UUFHbEIsT0FBTzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztRQTRCUCxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQztRQUVuQixrQkFBa0IsSUFBSSxLQUFLLENBQUMsZUFBZTtRQUN6QyxDQUFDLENBQUMsaUJBQWlCLENBQUM7WUFDaEIsWUFBWSxFQUFFLEtBQUssQ0FBQyxlQUFlO1lBQ25DLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUztZQUMxQixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7WUFDMUIsMkJBQTJCLEVBQUUsS0FBSyxDQUFDLDJCQUEyQjtTQUMvRCxDQUFDO1FBQ0osQ0FBQyxDQUFDLEVBQ047Ozs7UUFLRSxrQkFBa0IsSUFBSSxLQUFLLENBQUMsZUFBZTtRQUN6QyxDQUFDLENBQUMsaUJBQWlCLENBQUM7WUFDaEIsWUFBWSxFQUFFLEtBQUssQ0FBQyxlQUFlO1lBQ25DLFNBQVMsRUFBRSxLQUFLLENBQUMsU0FBUztZQUMxQixTQUFTLEVBQUUsS0FBSyxDQUFDLFNBQVM7WUFDMUIsMkJBQTJCLEVBQUUsS0FBSyxDQUFDLDJCQUEyQjtTQUMvRCxDQUFDO1FBQ0osQ0FBQyxDQUFDLEVBQ047O1lBRU0sQ0FBQztBQUNiLENBQUMsQ0FBQztBQTdJVyxRQUFBLFdBQVcsZUE2SXRCIn0=

package/Apim/ApiProduct/Product.d.ts

@@ -0,0 +1,8 @@
+import { ApimInfo, KeyVaultInfo } from '../../types';
+export interface ProductProps {
+    name: string;
+    apimInfo: ApimInfo;
+    subscriptionRequired?: boolean;
+    vaultInfo?: KeyVaultInfo;
+}
+export declare const createProduct: ({ name, apimInfo, subscriptionRequired, vaultInfo, }: ProductProps) => Promise<import("@pulumi/azure-native/apimanagement/product").Product>;

package/Apim/ApiProduct/Product.js

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createProduct = void 0;
+const apim = require("@pulumi/azure-native/apimanagement");
+const ResourceEnv_1 = require("../../Common/ResourceEnv");
+const pulumi_1 = require("@pulumi/pulumi");
+const Random_1 = require("../../Core/Random");
+const Naming_1 = require("../../Common/Naming");
+const CustomHelper_1 = require("../../KeyVault/CustomHelper");
+const getProductName = (name) => (0, ResourceEnv_1.getResourceName)(name, { prefix: '', suffix: 'prod', includeOrgName: false });
+const getSubscriptionName = (name) => (0, ResourceEnv_1.getResourceName)(name, {
+    prefix: 'apim',
+    suffix: 'sub',
+    includeOrgName: false,
+});
+const createProduct = async ({ name, apimInfo, subscriptionRequired, vaultInfo, }) => {
+    const pName = getProductName(name);
+    const product = new apim.Product(pName, {
+        productId: pName,
+        displayName: pName,
+        description: pName,
+        serviceName: apimInfo.serviceName,
+        resourceGroupName: apimInfo.group.resourceGroupName,
+        subscriptionRequired,
+        approvalRequired: subscriptionRequired ? false : undefined,
+        subscriptionsLimit: subscriptionRequired ? 5 : undefined,
+    });
+    if (subscriptionRequired && vaultInfo) {
+        const subName = getSubscriptionName(name);
+        const primaryKey = (0, Naming_1.getPasswordName)(subName, 'primary');
+        const secondaryKey = (0, Naming_1.getPasswordName)(subName, 'secondary');
+        const primaryPass = (0, Random_1.randomPassword)({ name: primaryKey }).result;
+        const secondaryPass = (0, Random_1.randomPassword)({ name: secondaryKey }).result;
+        new apim.Subscription(subName, {
+            sid: subName,
+            displayName: subName,
+            serviceName: apimInfo.serviceName,
+            resourceGroupName: apimInfo.group.resourceGroupName,
+            scope: (0, pulumi_1.interpolate) `/products/${product.id}`,
+            primaryKey: primaryPass,
+            secondaryKey: secondaryPass,
+        }, { dependsOn: product });
+        (0, CustomHelper_1.addCustomSecret)({
+            name: primaryKey,
+            formattedName: true,
+            value: primaryPass,
+            contentType: subName,
+            vaultInfo,
+            tags: { name, subName },
+        });
+        (0, CustomHelper_1.addCustomSecret)({
+            name: secondaryKey,
+            formattedName: true,
+            value: secondaryPass,
+            contentType: subName,
+            vaultInfo,
+            tags: { name, subName },
+        });
+    }
+    return product;
+};
+exports.createProduct = createProduct;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiUHJvZHVjdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BcGltL0FwaVByb2R1Y3QvUHJvZHVjdC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFDQSwyREFBMkQ7QUFDM0QsMERBQTJEO0FBQzNELDJDQUE2QztBQUM3Qyw4Q0FBbUQ7QUFDbkQsZ0RBQXNEO0FBQ3RELDhEQUE4RDtBQUU5RCxNQUFNLGNBQWMsR0FBRyxDQUFDLElBQVksRUFBRSxFQUFFLENBQ3RDLElBQUEsNkJBQWUsRUFBQyxJQUFJLEVBQUUsRUFBRSxNQUFNLEVBQUUsRUFBRSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsY0FBYyxFQUFFLEtBQUssRUFBRSxDQUFDLENBQUM7QUFDL0UsTUFBTSxtQkFBbUIsR0FBRyxDQUFDLElBQVksRUFBRSxFQUFFLENBQzNDLElBQUEsNkJBQWUsRUFBQyxJQUFJLEVBQUU7SUFDcEIsTUFBTSxFQUFFLE1BQU07SUFDZCxNQUFNLEVBQUUsS0FBSztJQUNiLGNBQWMsRUFBRSxLQUFLO0NBQ3RCLENBQUMsQ0FBQztBQVNFLE1BQU0sYUFBYSxHQUFHLEtBQUssRUFBRSxFQUNsQyxJQUFJLEVBQ0osUUFBUSxFQUNSLG9CQUFvQixFQUNwQixTQUFTLEdBQ0ksRUFBRSxFQUFFO0lBQ2pCLE1BQU0sS0FBSyxHQUFHLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUNuQyxNQUFNLE9BQU8sR0FBRyxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFO1FBQ3RDLFNBQVMsRUFBRSxLQUFLO1FBQ2hCLFdBQVcsRUFBRSxLQUFLO1FBQ2xCLFdBQVcsRUFBRSxLQUFLO1FBQ2xCLFdBQVcsRUFBRSxRQUFRLENBQUMsV0FBVztRQUNqQyxpQkFBaUIsRUFBRSxRQUFRLENBQUMsS0FBSyxDQUFDLGlCQUFpQjtRQUVuRCxvQkFBb0I7UUFDcEIsZ0JBQWdCLEVBQUUsb0JBQW9CLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsU0FBUztRQUMxRCxrQkFBa0IsRUFBRSxvQkFBb0IsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxTQUFTO0tBQ3pELENBQUMsQ0FBQztJQUVILElBQUksb0JBQW9CLElBQUksU0FBUyxFQUFFLENBQUM7UUFDdEMsTUFBTSxPQUFPLEdBQUcsbUJBQW1CLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDMUMsTUFBTSxVQUFVLEdBQUcsSUFBQSx3QkFBZSxFQUFDLE9BQU8sRUFBRSxTQUFTLENBQUMsQ0FBQztRQUN2RCxNQUFNLFlBQVksR0FBRyxJQUFBLHdCQUFlLEVBQUMsT0FBTyxFQUFFLFdBQVcsQ0FBQyxDQUFDO1FBRTNELE1BQU0sV0FBVyxHQUFHLElBQUEsdUJBQWMsRUFBQyxFQUFFLElBQUksRUFBRSxVQUFVLEVBQUUsQ0FBQyxDQUFDLE1BQU0sQ0FBQztRQUNoRSxNQUFNLGFBQWEsR0FBRyxJQUFBLHVCQUFjLEVBQUMsRUFBRSxJQUFJLEVBQUUsWUFBWSxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUM7UUFFcEUsSUFBSSxJQUFJLENBQUMsWUFBWSxDQUNuQixPQUFPLEVBQ1A7WUFDRSxHQUFHLEVBQUUsT0FBTztZQUNaLFdBQVcsRUFBRSxPQUFPO1lBQ3BCLFdBQVcsRUFBRSxRQUFRLENBQUMsV0FBVztZQUNqQyxpQkFBaUIsRUFBRSxRQUFRLENBQUMsS0FBSyxDQUFDLGlCQUFpQjtZQUNuRCxLQUFLLEVBQUUsSUFBQSxvQkFBVyxFQUFBLGFBQWEsT0FBTyxDQUFDLEVBQUUsRUFBRTtZQUMzQyxVQUFVLEVBQUUsV0FBVztZQUN2QixZQUFZLEVBQUUsYUFBYTtTQUM1QixFQUNELEVBQUUsU0FBUyxFQUFFLE9BQU8sRUFBRSxDQUN2QixDQUFDO1FBRUYsSUFBQSw4QkFBZSxFQUFDO1lBQ2QsSUFBSSxFQUFFLFVBQVU7WUFDaEIsYUFBYSxFQUFFLElBQUk7WUFDbkIsS0FBSyxFQUFFLFdBQVc7WUFDbEIsV0FBVyxFQUFFLE9BQU87WUFDcEIsU0FBUztZQUNULElBQUksRUFBRSxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUU7U0FDeEIsQ0FBQyxDQUFDO1FBRUgsSUFBQSw4QkFBZSxFQUFDO1lBQ2QsSUFBSSxFQUFFLFlBQVk7WUFDbEIsYUFBYSxFQUFFLElBQUk7WUFDbkIsS0FBSyxFQUFFLGFBQWE7WUFDcEIsV0FBVyxFQUFFLE9BQU87WUFDcEIsU0FBUztZQUNULElBQUksRUFBRSxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUU7U0FDeEIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVELE9BQU8sT0FBTyxDQUFDO0FBQ2pCLENBQUMsQ0FBQztBQTdEVyxRQUFBLGFBQWEsaUJBNkR4QiJ9

package/Apim/ApiProduct/SwaggerHelper.d.ts

@@ -0,0 +1,6 @@
+import { Input } from "@pulumi/pulumi";
+export interface ApiImport {
+    contentFormat: Input<string>;
+    contentValue: Input<string>;
+}
+export declare const getImportConfig: (specUrl: string, version: string) => Promise<string | undefined>;

package/Apim/ApiProduct/SwaggerHelper.js

@@ -0,0 +1,44 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getImportConfig = void 0;
+const axios_1 = require("axios");
+const Helpers_1 = require("../../Common/Helpers");
+const removeVersion = (data, version) => {
+    if (!data?.paths) {
+        console.error(`APIM-removeVersion: There is no paths found in`, data);
+        return data;
+    }
+    const newPaths = {};
+    //Replace version from path
+    Object.keys(data.paths).forEach((k) => {
+        const newKey = (0, Helpers_1.replaceAll)(k, `/${version}`, "");
+        //console.log('Replaced: ', { current: k, new: newKey });
+        newPaths[newKey] = data.paths[k];
+    });
+    data.paths = newPaths;
+    return data;
+};
+const downloadSpecFile = async (fileUrl) => {
+    //console.log('Downloading Specs Url', fileUrl);
+    try {
+        //Get specs json from URL
+        const specs = await axios_1.default.get(fileUrl);
+        return specs.data;
+    }
+    catch {
+        console.error("Not able to get spec file from:", fileUrl);
+        return undefined;
+    }
+};
+const getImportConfig = async (specUrl, version) => {
+    const spec = await downloadSpecFile(specUrl);
+    if (!spec)
+        return undefined;
+    //Validate
+    //if (!validateSpecFile(specUrl, spec)) return undefined;
+    //Remove Version
+    const data = removeVersion(spec, version);
+    return JSON.stringify(data);
+};
+exports.getImportConfig = getImportConfig;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU3dhZ2dlckhlbHBlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BcGltL0FwaVByb2R1Y3QvU3dhZ2dlckhlbHBlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFFQSxpQ0FBMEI7QUFDMUIsa0RBQWtEO0FBRWxELE1BQU0sYUFBYSxHQUFHLENBQUMsSUFBYyxFQUFFLE9BQWUsRUFBWSxFQUFFO0lBQ2xFLElBQUksQ0FBQyxJQUFJLEVBQUUsS0FBSyxFQUFFLENBQUM7UUFDakIsT0FBTyxDQUFDLEtBQUssQ0FBQyxnREFBZ0QsRUFBRSxJQUFJLENBQUMsQ0FBQztRQUN0RSxPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFRCxNQUFNLFFBQVEsR0FBRyxFQUFTLENBQUM7SUFFM0IsMkJBQTJCO0lBQzNCLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsRUFBRSxFQUFFO1FBQ3BDLE1BQU0sTUFBTSxHQUFHLElBQUEsb0JBQVUsRUFBQyxDQUFDLEVBQUUsSUFBSSxPQUFPLEVBQUUsRUFBRSxFQUFFLENBQUMsQ0FBQztRQUNoRCx5REFBeUQ7UUFFekQsUUFBUSxDQUFDLE1BQU0sQ0FBQyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDbkMsQ0FBQyxDQUFDLENBQUM7SUFFSCxJQUFJLENBQUMsS0FBSyxHQUFHLFFBQVEsQ0FBQztJQUN0QixPQUFPLElBQUksQ0FBQztBQUNkLENBQUMsQ0FBQztBQU9GLE1BQU0sZ0JBQWdCLEdBQUcsS0FBSyxFQUM1QixPQUFlLEVBQ2dCLEVBQUU7SUFDakMsZ0RBQWdEO0lBRWhELElBQUksQ0FBQztRQUNILHlCQUF5QjtRQUN6QixNQUFNLEtBQUssR0FBRyxNQUFNLGVBQUssQ0FBQyxHQUFHLENBQVcsT0FBTyxDQUFDLENBQUM7UUFDakQsT0FBTyxLQUFLLENBQUMsSUFBSSxDQUFDO0lBQ3BCLENBQUM7SUFBQyxNQUFNLENBQUM7UUFDUCxPQUFPLENBQUMsS0FBSyxDQUFDLGlDQUFpQyxFQUFFLE9BQU8sQ0FBQyxDQUFDO1FBQzFELE9BQU8sU0FBUyxDQUFDO0lBQ25CLENBQUM7QUFDSCxDQUFDLENBQUM7QUFFSyxNQUFNLGVBQWUsR0FBRyxLQUFLLEVBQ2xDLE9BQWUsRUFDZixPQUFlLEVBQ2MsRUFBRTtJQUMvQixNQUFNLElBQUksR0FBRyxNQUFNLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBRTdDLElBQUksQ0FBQyxJQUFJO1FBQUUsT0FBTyxTQUFTLENBQUM7SUFFNUIsVUFBVTtJQUNWLHlEQUF5RDtJQUV6RCxnQkFBZ0I7SUFDaEIsTUFBTSxJQUFJLEdBQUcsYUFBYSxDQUFDLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQztJQUMxQyxPQUFPLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7QUFDOUIsQ0FBQyxDQUFDO0FBZFcsUUFBQSxlQUFlLG1CQWMxQiJ9

package/Apim/ApiProduct/index.d.ts

@@ -0,0 +1,9 @@
+import { ProductProps } from './Product';
+import { ApiProps } from './Api';
+interface Props extends ProductProps, Omit<ApiProps, 'product'> {
+}
+declare const _default: ({ name, apimInfo, subscriptionRequired, vaultInfo, ...others }: Props) => Promise<{
+    set: import("@pulumi/azure-native/apimanagement/apiVersionSet").ApiVersionSet | undefined;
+    apis: import("@pulumi/azure-native/apimanagement/api").Api[];
+}>;
+export default _default;

package/Apim/ApiProduct/index.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const Product_1 = require("./Product");
+const Api_1 = require("./Api");
+exports.default = async ({ name, apimInfo, subscriptionRequired, vaultInfo, ...others }) => {
+    const product = await (0, Product_1.createProduct)({
+        name,
+        apimInfo,
+        vaultInfo,
+        subscriptionRequired,
+    });
+    product.name.apply(console.log);
+    const api = (0, Api_1.createApi)({
+        name,
+        apimInfo,
+        product,
+        subscriptionRequired,
+        ...others,
+    });
+    return { product, ...api };
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvQXBpbS9BcGlQcm9kdWN0L2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBQUEsdUNBQXdEO0FBQ3hELCtCQUE0QztBQUk1QyxrQkFBZSxLQUFLLEVBQUUsRUFDcEIsSUFBSSxFQUNKLFFBQVEsRUFDUixvQkFBb0IsRUFDcEIsU0FBUyxFQUNULEdBQUcsTUFBTSxFQUNILEVBQUUsRUFBRTtJQUNWLE1BQU0sT0FBTyxHQUFHLE1BQU0sSUFBQSx1QkFBYSxFQUFDO1FBQ2xDLElBQUk7UUFDSixRQUFRO1FBQ1IsU0FBUztRQUNULG9CQUFvQjtLQUNyQixDQUFDLENBQUM7SUFFSCxPQUFPLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLENBQUM7SUFFaEMsTUFBTSxHQUFHLEdBQUcsSUFBQSxlQUFTLEVBQUM7UUFDcEIsSUFBSTtRQUNKLFFBQVE7UUFDUixPQUFPO1FBQ1Asb0JBQW9CO1FBQ3BCLEdBQUcsTUFBTTtLQUNWLENBQUMsQ0FBQztJQUVILE9BQU8sRUFBRSxPQUFPLEVBQUUsR0FBRyxHQUFHLEVBQUUsQ0FBQztBQUM3QixDQUFDLENBQUMifQ==

package/Apim/Helpers.js

@@ -0,0 +1,2 @@
+"use strict";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiSGVscGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9BcGltL0hlbHBlcnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IiJ9

package/Apim/HookProxy/index.d.ts

@@ -0,0 +1,20 @@
+import { PoliciesProps } from '../ApiProduct/PolicyBuilder';
+import { ApimInfo, KeyVaultInfo } from '../../types';
+interface Props {
+    name?: string;
+    apimInfo: ApimInfo;
+    subscriptionRequired?: boolean;
+    vaultInfo?: KeyVaultInfo;
+    policies?: PoliciesProps;
+    domain: string;
+    authHeaderKey: string;
+    hookHeaderKey: string;
+}
+declare const _default: ({ name, subscriptionRequired, domain, hookHeaderKey, authHeaderKey, policies, ...props }: Props) => Promise<{
+    product: import("@pulumi/azure-native/apimanagement/product").Product;
+    api: {
+        set: import("@pulumi/azure-native/apimanagement/apiVersionSet").ApiVersionSet | undefined;
+        apis: import("@pulumi/azure-native/apimanagement/api").Api[];
+    };
+}>;
+export default _default;

package/Apim/HookProxy/index.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const PolicyBuilder_1 = require("../ApiProduct/PolicyBuilder");
+const Product_1 = require("../ApiProduct/Product");
+const Api_1 = require("../ApiProduct/Api");
+exports.default = async ({ name = 'hook-proxy', subscriptionRequired = true, domain, hookHeaderKey, authHeaderKey, policies, ...props }) => {
+    const product = await (0, Product_1.createProduct)({ name, ...props, subscriptionRequired });
+    const api = await (0, Api_1.createApi)({
+        name,
+        ...props,
+        enableApiSet: false,
+        product,
+        authHeaderKey,
+        policies: {
+            ...policies,
+            setHeaders: [{ name: authHeaderKey, type: PolicyBuilder_1.SetHeaderTypes.delete }],
+            checkHeaders: {
+                checkHeaders: [{ name: hookHeaderKey }],
+            },
+        },
+        //Dummy Url as it will be set from request header key `hookHeaderKey`
+        serviceUrl: `https://${domain}`,
+        operations: [{ name: 'Post', method: 'POST', urlTemplate: '/' }],
+    });
+    return { product, api };
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvQXBpbS9Ib29rUHJveHkvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSwrREFBNEU7QUFFNUUsbURBQXNEO0FBQ3RELDJDQUE4QztBQWE5QyxrQkFBZSxLQUFLLEVBQUUsRUFDcEIsSUFBSSxHQUFHLFlBQVksRUFDbkIsb0JBQW9CLEdBQUcsSUFBSSxFQUMzQixNQUFNLEVBQ04sYUFBYSxFQUNiLGFBQWEsRUFDYixRQUFRLEVBQ1IsR0FBRyxLQUFLLEVBQ0YsRUFBRSxFQUFFO0lBQ1YsTUFBTSxPQUFPLEdBQUcsTUFBTSxJQUFBLHVCQUFhLEVBQUMsRUFBRSxJQUFJLEVBQUUsR0FBRyxLQUFLLEVBQUUsb0JBQW9CLEVBQUUsQ0FBQyxDQUFDO0lBRTlFLE1BQU0sR0FBRyxHQUFHLE1BQU0sSUFBQSxlQUFTLEVBQUM7UUFDMUIsSUFBSTtRQUNKLEdBQUcsS0FBSztRQUNSLFlBQVksRUFBRSxLQUFLO1FBQ25CLE9BQU87UUFDUCxhQUFhO1FBQ2IsUUFBUSxFQUFFO1lBQ1IsR0FBRyxRQUFRO1lBQ1gsVUFBVSxFQUFFLENBQUMsRUFBRSxJQUFJLEVBQUUsYUFBYSxFQUFFLElBQUksRUFBRSw4QkFBYyxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ2xFLFlBQVksRUFBRTtnQkFDWixZQUFZLEVBQUUsQ0FBQyxFQUFFLElBQUksRUFBRSxhQUFhLEVBQUUsQ0FBQzthQUN4QztTQUNGO1FBQ0QscUVBQXFFO1FBQ3JFLFVBQVUsRUFBRSxXQUFXLE1BQU0sRUFBRTtRQUMvQixVQUFVLEVBQUUsQ0FBQyxFQUFFLElBQUksRUFBRSxNQUFNLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxXQUFXLEVBQUUsR0FBRyxFQUFFLENBQUM7S0FDakUsQ0FBQyxDQUFDO0lBRUgsT0FBTyxFQUFFLE9BQU8sRUFBRSxHQUFHLEVBQUUsQ0FBQztBQUMxQixDQUFDLENBQUMifQ==

package/Apim/index.d.ts

@@ -0,0 +1,22 @@
+import * as apimanagement from '@pulumi/azure-native/apimanagement';
+import { Input } from '@pulumi/pulumi';
+import { ApimInfo, BasicResourceArgs, DefaultResourceArgs } from '../types';
+interface Props extends BasicResourceArgs, Omit<DefaultResourceArgs, "monitoring"> {
+    insight?: {
+        id: Input<string>;
+        key: Input<string>;
+    };
+    sku: apimanagement.SkuType;
+    capacity?: number;
+    alertEmail: Input<string>;
+    customDomain?: {
+        domain: string;
+        certificate: Input<string>;
+        certificatePassword?: Input<string>;
+    };
+}
+declare const _default: ({ name, group, customDomain, insight, sku, capacity, lock, alertEmail, ...others }: Props) => {
+    apim: import("@pulumi/azure-native/apimanagement/apiManagementService").ApiManagementService;
+    toApimInfo: () => ApimInfo;
+};
+export default _default;