@flashbacktech/flashbackclient 0.0.72 → 0.0.74

package/dist/gcs/index.d.ts

@@ -0,0 +1,2 @@
+import { MockupAuthClient } from "./oauth2";
+export { MockupAuthClient };

package/dist/gcs/index.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MockupAuthClient = void 0;
+const oauth2_1 = require("./oauth2");
+Object.defineProperty(exports, "MockupAuthClient", { enumerable: true, get: function () { return oauth2_1.MockupAuthClient; } });

package/dist/gcs/oauth2.d.ts

@@ -0,0 +1,29 @@
+import { OAuth2Client } from 'google-auth-library';
+import { ServiceCredentials } from './storage';
+import { GaxiosResponse } from 'gaxios';
+export declare class MockupAuthClient extends OAuth2Client {
+    getRequestHeaders(): Promise<{
+        Authorization: string;
+    }>;
+}
+export declare class FlashbackAuthClient extends OAuth2Client {
+    private authUrl;
+    private creds;
+    private _credentials;
+    private scopes;
+    constructor(authUrl: string, scopes: string[], credentials: ServiceCredentials);
+    getCredentials(): Promise<{
+        client_email: string;
+        private_key: string;
+    }>;
+    getAccessToken(): Promise<{
+        token: string | null;
+        res: null;
+    }>;
+    getRequestHeaders(): Promise<Record<string, string>>;
+    private ensureValidToken;
+    private fetchToken;
+    request<T = any>(opts: any): Promise<GaxiosResponse<T>>;
+    getRequestMetadata(url?: string): Promise<Record<string, string>>;
+    authorizeRequest(reqOpts: any): Promise<any>;
+}

package/dist/gcs/oauth2.js

@@ -0,0 +1,98 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FlashbackAuthClient = exports.MockupAuthClient = void 0;
+const google_auth_library_1 = require("google-auth-library");
+const axios_1 = __importDefault(require("axios"));
+class MockupAuthClient extends google_auth_library_1.OAuth2Client {
+    async getRequestHeaders() {
+        return {
+            Authorization: 'Bearer test-token',
+        };
+    }
+}
+exports.MockupAuthClient = MockupAuthClient;
+class FlashbackAuthClient extends google_auth_library_1.OAuth2Client {
+    constructor(authUrl, scopes, credentials) {
+        super();
+        this.authUrl = authUrl;
+        this._credentials = null;
+        this.creds = credentials;
+        this.scopes = scopes;
+        console.log('FlashbackAuthClient created with URL:', authUrl);
+    }
+    async getCredentials() {
+        return {
+            client_email: this.creds.client_email,
+            private_key: this.creds.private_key,
+        };
+    }
+    async getAccessToken() {
+        await this.ensureValidToken();
+        return {
+            token: this._credentials?.access_token || null,
+            res: null
+        };
+    }
+    async getRequestHeaders() {
+        await this.ensureValidToken();
+        return {
+            Authorization: `Bearer ${this._credentials?.access_token}`,
+        };
+    }
+    async ensureValidToken() {
+        const now = Date.now();
+        if (!this._credentials?.access_token || !this._credentials?.expiry_date || now >= this._credentials.expiry_date) {
+            await this.fetchToken();
+        }
+    }
+    async fetchToken() {
+        const response = await axios_1.default.post(this.authUrl, {
+            client_email: this.creds.client_email,
+            private_key: this.creds.private_key,
+            scopes: this.scopes,
+        });
+        const { access_token, expires_in } = response.data;
+        this._credentials = {
+            access_token,
+            expiry_date: Date.now() + (expires_in * 1000) - 10000,
+        };
+    }
+    async request(opts) {
+        await this.ensureValidToken();
+        const headers = {
+            ...(opts.headers || {}),
+            Authorization: `Bearer ${this._credentials?.access_token}`,
+        };
+        const response = await axios_1.default.request({
+            ...opts,
+            headers,
+        });
+        return {
+            config: opts,
+            data: response.data,
+            headers: response.headers,
+            status: response.status,
+            statusText: response.statusText,
+        };
+    }
+    async getRequestMetadata(url) {
+        await this.ensureValidToken();
+        return {
+            Authorization: `Bearer ${this._credentials?.access_token}`,
+        };
+    }
+    async authorizeRequest(reqOpts) {
+        await this.ensureValidToken();
+        return {
+            ...reqOpts,
+            headers: {
+                ...(reqOpts.headers || {}),
+                Authorization: `Bearer ${this._credentials?.access_token}`,
+            },
+        };
+    }
+}
+exports.FlashbackAuthClient = FlashbackAuthClient;

package/dist/gcs/storage.d.ts

@@ -0,0 +1,22 @@
+import { Storage, StorageOptions, File } from '@google-cloud/storage';
+export interface ServiceCredentials {
+    client_email: string;
+    private_key: string;
+}
+export interface FlashbackStorageOptions extends Omit<StorageOptions, 'authClient'> {
+    apiEndpoint?: string;
+    tokenScopes?: string[];
+    credentials: ServiceCredentials;
+}
+export interface SignedUrlOptions {
+    version: 'v4';
+    action: 'write' | 'read';
+    expires: number;
+    contentType: string;
+    file: File;
+}
+export declare class FlashbackGCSStorage extends Storage {
+    protected credentials: ServiceCredentials;
+    constructor(opts: FlashbackStorageOptions);
+    getSignedUrl(cfg: SignedUrlOptions): Promise<[string]>;
+}

package/dist/gcs/storage.js

@@ -0,0 +1,103 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FlashbackGCSStorage = void 0;
+const storage_1 = require("@google-cloud/storage");
+const oauth2_1 = require("./oauth2");
+const crypto_1 = __importDefault(require("crypto"));
+class FlashbackGCSStorage extends storage_1.Storage {
+    constructor(opts) {
+        const { credentials, apiEndpoint = 'https://gcs.us-east-1.flashback.tech', tokenScopes = ['READ', 'WRITE'], ...rest } = opts;
+        const authClient = new oauth2_1.FlashbackAuthClient(apiEndpoint + '/token', tokenScopes, credentials);
+        // Intercept Gaxios instance creation
+        const originalRequest = require('gaxios').instance.request;
+        require('gaxios').instance.request = async function (opts) {
+            // Add auth headers to all requests
+            const headers = await authClient.getRequestHeaders();
+            opts.headers = {
+                ...(opts.headers || {}),
+                ...headers,
+            };
+            return originalRequest.call(this, opts);
+        };
+        super({
+            ...rest,
+            apiEndpoint,
+            authClient,
+            useAuthWithCustomEndpoint: true,
+            retryOptions: {
+                autoRetry: true,
+                maxRetries: 3,
+            },
+        });
+        this.credentials = credentials;
+    }
+    // Override the getSignedUrl method
+    async getSignedUrl(cfg) {
+        const { version, action, expires, contentType } = cfg;
+        const accessibleAt = new Date();
+        const millisecondsToSeconds = 1.0 / 1000.0;
+        const expiresPeriodInSeconds = Math.floor((expires - accessibleAt.valueOf()) * millisecondsToSeconds);
+        console.log('Signing Parameters:', {
+            action,
+            expires,
+            expiresPeriodInSeconds,
+            accessibleAt: accessibleAt.toISOString(),
+            contentType
+        });
+        if (expiresPeriodInSeconds > 604800) { // 7 days in seconds
+            throw new Error('Max allowed expiration is seven days (604800 seconds).');
+        }
+        const extensionHeaders = {};
+        extensionHeaders.host = new URL(this.apiEndpoint).hostname;
+        if (contentType) {
+            extensionHeaders['content-type'] = contentType;
+        }
+        const signedHeaders = Object.keys(extensionHeaders)
+            .map(header => header.toLowerCase())
+            .sort()
+            .join(';');
+        const canonicalHeaders = Object.entries(extensionHeaders)
+            .map(([key, value]) => `${key.toLowerCase()}:${value}`)
+            .join('\n') + '\n';
+        const datestamp = accessibleAt.toISOString().split('T')[0];
+        const credentialScope = `${datestamp}/auto/storage/goog4_request`;
+        const credential = `${this.credentials.client_email}/${credentialScope}`;
+        const dateISO = accessibleAt.toISOString().replace(/[:-]|\.\d{3}/g, '');
+        const queryParams = {
+            'X-Goog-Algorithm': 'GOOG4-RSA-SHA256',
+            'X-Goog-Credential': credential,
+            'X-Goog-Date': dateISO,
+            'X-Goog-Expires': expiresPeriodInSeconds.toString(),
+            'X-Goog-SignedHeaders': signedHeaders,
+        };
+        const canonicalQueryString = Object.entries(queryParams)
+            .map(([key, value]) => `${encodeURIComponent(key)}=${encodeURIComponent(value)}`)
+            .join('&');
+        const canonicalRequest = [
+            action === 'read' ? 'GET' : 'PUT',
+            `/${cfg.file.bucket.name}/${cfg.file.name}`,
+            canonicalQueryString,
+            canonicalHeaders,
+            signedHeaders,
+            'UNSIGNED-PAYLOAD',
+        ].join('\n');
+        console.log('Canonical Request:', canonicalRequest);
+        console.log('Canonical Request Hash:', crypto_1.default.createHash('sha256').update(canonicalRequest).digest('hex'));
+        const stringToSign = [
+            'GOOG4-RSA-SHA256',
+            dateISO,
+            credentialScope,
+            crypto_1.default.createHash('sha256').update(canonicalRequest).digest('hex'),
+        ].join('\n');
+        console.log('String to Sign:', stringToSign);
+        const sign = crypto_1.default.createSign('RSA-SHA256');
+        sign.update(stringToSign);
+        const signature = sign.sign(this.credentials.private_key, 'hex');
+        console.log('Generated Signature:', signature);
+        return [`${this.apiEndpoint}/${cfg.file.bucket.name}/${cfg.file.name}?${canonicalQueryString}&X-Goog-Signature=${signature}`];
+    }
+}
+exports.FlashbackGCSStorage = FlashbackGCSStorage;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flashbacktech/flashbackclient",
-  "version": "0.0.72",
+  "version": "0.0.74",
   "publishConfig": {
     "access": "public"
   },
@@ -25,7 +25,9 @@
   "dependencies": {
     "@aws-sdk/client-sts": "^3.777.0",
     "@stellar/stellar-sdk": "^13.0.0",
-    "formdata-node": "^6.0.3"
+    "formdata-node": "^6.0.3",
+    "@google-cloud/storage": "^7.15.0",
+    "google-auth-library": "^9.15.1"
   },
   "bin": {
     "": "./dist/.min.js"
@@ -40,6 +42,11 @@
       "types": "./dist/api/index.d.ts",
       "require": "./dist/api/index.js",
       "default": "./dist/api/index.js"
+    },
+    "./gcs": {
+      "types": "./dist/gcs/index.d.ts",
+      "require": "./dist/gcs/index.js",
+      "default": "./dist/gcs/index.js"
     }
   },
   "files": [
@@ -47,8 +54,8 @@
   ],
   "devDependencies": {
     "@aws-sdk/client-s3": "^3.777.0",
+    "@aws-sdk/s3-request-presigner": "^3.782.0",
     "@eslint/js": "^8.56.0",
-    "@google-cloud/storage": "^7.15.0",
     "@types/jest": "^29.5.14",
     "@types/node": "^22.10.1",
     "@types/node-fetch": "^2.6.12",
@@ -71,6 +78,9 @@
       ],
       "api": [
         "./dist/api/index.d.ts"
+      ],
+      "gcs": [
+        "./dist/gcs/index.d.ts"
       ]
     }
   }