npm - @fonoster/apiserver - Versions diffs - 0.8.0 → 0.8.4 - Mend

@fonoster/apiserver 0.8.0 → 0.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/core/identityConfig.js +14 -0
package/dist/envs.d.ts +2 -0
package/dist/envs.js +4 -2
package/dist/index.js +0 -0
package/dist/voice/VoiceClientImpl.js +23 -0
package/package.json +9 -9

package/dist/core/identityConfig.js CHANGED Viewed

@@ -19,7 +19,21 @@ exports.identityConfig = void 0;
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+const common_1 = require("@fonoster/common");
 const envs_1 = require("../envs");
+if (envs_1.IDENTITY_USER_VERIFICATION_REQUIRED) {
+    (0, common_1.assertEnvsAreSet)([
+        "TWILIO_ACCOUNT_SID",
+        "TWILIO_AUTH_TOKEN",
+        "TWILIO_PHONE_NUMBER"
+    ]);
+}
+if (envs_1.IDENTITY_OAUTH2_GITHUB_ENABLED) {
+    (0, common_1.assertEnvsAreSet)([
+        "IDENTITY_OAUTH2_GITHUB_CLIENT_ID",
+        "IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET"
+    ]);
+}
 const identityConfig = {
     issuer: envs_1.IDENTITY_ISSUER,
     audience: envs_1.IDENTITY_AUDIENCE,

package/dist/envs.d.ts CHANGED Viewed

@@ -15,6 +15,8 @@ export declare const IDENTITY_ACCESS_TOKEN_EXPIRES_IN: string;
 export declare const IDENTITY_AUDIENCE: string;
 export declare const IDENTITY_ID_TOKEN_EXPIRES_IN: string;
 export declare const IDENTITY_ISSUER: string;
+export declare const IDENTITY_USER_VERIFICATION_REQUIRED: boolean;
+export declare const IDENTITY_OAUTH2_GITHUB_ENABLED: boolean;
 export declare const IDENTITY_OAUTH2_GITHUB_CLIENT_ID: string;
 export declare const IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET: string;
 export declare const IDENTITY_PRIVATE_KEY: string;

package/dist/envs.js CHANGED Viewed

@@ -4,8 +4,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 var _a;
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.TEMPLATES_DIR = exports.SMTP_SENDER = exports.SMTP_SECURE = exports.SMTP_PORT = exports.SMTP_HOST = exports.SMTP_AUTH_USER = exports.SMTP_AUTH_PASS = exports.ROUTR_DEFAULT_PEER_USERNAME = exports.ROUTR_DEFAULT_PEER_PASSWORD = exports.ROUTR_DEFAULT_PEER_NAME = exports.ROUTR_DEFAULT_PEER_AOR = exports.ROUTR_API_ENDPOINT = exports.OWNER_PASSWORD = exports.OWNER_NAME = exports.OWNER_EMAIL = exports.NATS_URL = exports.INTEGRATIONS_FILE = exports.INFLUXDB_USERNAME = exports.INFLUXDB_URL = exports.INFLUXDB_TOKEN = exports.INFLUXDB_PASSWORD = exports.INFLUXDB_ORG = exports.INFLUXDB_BUCKET = exports.AUTHZ_SERVICE_METHODS = exports.AUTHZ_SERVICE_PORT = exports.AUTHZ_SERVICE_HOST = exports.AUTHZ_SERVICE_ENABLED = exports.IDENTITY_WORKSPACE_INVITATION_FAIL_URL = exports.IDENTITY_REFRESH_TOKEN_EXPIRES_IN = exports.IDENTITY_PUBLIC_KEY = exports.IDENTITY_PRIVATE_KEY = exports.IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET = exports.IDENTITY_OAUTH2_GITHUB_CLIENT_ID = exports.IDENTITY_ISSUER = exports.IDENTITY_ID_TOKEN_EXPIRES_IN = exports.IDENTITY_AUDIENCE = exports.IDENTITY_ACCESS_TOKEN_EXPIRES_IN = exports.HTTP_BRIDGE_PORT = exports.DEFAULT_NATS_QUEUE_GROUP = exports.CLOAK_ENCRYPTION_KEY = exports.CALLS_TRACK_CALL_SUBJECT = exports.CALLS_CREATE_SUBJECT = exports.ASTERISK_TRUNK = exports.ASTERISK_SYSTEM_DOMAIN = exports.ASTERISK_ARI_USERNAME = exports.ASTERISK_ARI_SECRET = exports.ASTERISK_ARI_PROXY_URL = exports.APP_URL = exports.APISERVER_HOST = exports.APISERVER_BIND_ADDR = void 0;
-exports.TWILIO_PHONE_NUMBER = exports.TWILIO_AUTH_TOKEN = exports.TWILIO_ACCOUNT_SID = void 0;
+exports.SMTP_SECURE = exports.SMTP_PORT = exports.SMTP_HOST = exports.SMTP_AUTH_USER = exports.SMTP_AUTH_PASS = exports.ROUTR_DEFAULT_PEER_USERNAME = exports.ROUTR_DEFAULT_PEER_PASSWORD = exports.ROUTR_DEFAULT_PEER_NAME = exports.ROUTR_DEFAULT_PEER_AOR = exports.ROUTR_API_ENDPOINT = exports.OWNER_PASSWORD = exports.OWNER_NAME = exports.OWNER_EMAIL = exports.NATS_URL = exports.INTEGRATIONS_FILE = exports.INFLUXDB_USERNAME = exports.INFLUXDB_URL = exports.INFLUXDB_TOKEN = exports.INFLUXDB_PASSWORD = exports.INFLUXDB_ORG = exports.INFLUXDB_BUCKET = exports.AUTHZ_SERVICE_METHODS = exports.AUTHZ_SERVICE_PORT = exports.AUTHZ_SERVICE_HOST = exports.AUTHZ_SERVICE_ENABLED = exports.IDENTITY_WORKSPACE_INVITATION_FAIL_URL = exports.IDENTITY_REFRESH_TOKEN_EXPIRES_IN = exports.IDENTITY_PUBLIC_KEY = exports.IDENTITY_PRIVATE_KEY = exports.IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET = exports.IDENTITY_OAUTH2_GITHUB_CLIENT_ID = exports.IDENTITY_OAUTH2_GITHUB_ENABLED = exports.IDENTITY_USER_VERIFICATION_REQUIRED = exports.IDENTITY_ISSUER = exports.IDENTITY_ID_TOKEN_EXPIRES_IN = exports.IDENTITY_AUDIENCE = exports.IDENTITY_ACCESS_TOKEN_EXPIRES_IN = exports.HTTP_BRIDGE_PORT = exports.DEFAULT_NATS_QUEUE_GROUP = exports.CLOAK_ENCRYPTION_KEY = exports.CALLS_TRACK_CALL_SUBJECT = exports.CALLS_CREATE_SUBJECT = exports.ASTERISK_TRUNK = exports.ASTERISK_SYSTEM_DOMAIN = exports.ASTERISK_ARI_USERNAME = exports.ASTERISK_ARI_SECRET = exports.ASTERISK_ARI_PROXY_URL = exports.APP_URL = exports.APISERVER_HOST = exports.APISERVER_BIND_ADDR = void 0;
+exports.TWILIO_PHONE_NUMBER = exports.TWILIO_AUTH_TOKEN = exports.TWILIO_ACCOUNT_SID = exports.TEMPLATES_DIR = exports.SMTP_SENDER = void 0;
 /*
  * Copyright (C) 2024 by Fonoster Inc (https://fonoster.com)
  * http://github.com/fonoster/fonoster
@@ -77,6 +77,8 @@ exports.IDENTITY_ACCESS_TOKEN_EXPIRES_IN = e.IDENTITY_ACCESS_TOKEN_EXPIRES_IN ||
 exports.IDENTITY_AUDIENCE = e.IDENTITY_AUDIENCE || "api";
 exports.IDENTITY_ID_TOKEN_EXPIRES_IN = e.IDENTITY_ID_TOKEN_EXPIRES_IN || "15m";
 exports.IDENTITY_ISSUER = e.IDENTITY_ISSUER || "https://fonoster.local";
+exports.IDENTITY_USER_VERIFICATION_REQUIRED = e.IDENTITY_USER_VERIFICATION_REQUIRED === "true";
+exports.IDENTITY_OAUTH2_GITHUB_ENABLED = e.IDENTITY_OAUTH2_GITHUB_ENABLED === "true";
 exports.IDENTITY_OAUTH2_GITHUB_CLIENT_ID = e.IDENTITY_OAUTH2_GITHUB_CLIENT_ID;
 exports.IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET = e.IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET;
 exports.IDENTITY_PRIVATE_KEY = fs_1.default.readFileSync(IDENTITY_PRIVATE_KEY_PATH, "utf8");

package/dist/index.js CHANGED Viewed

File without changes

package/dist/voice/VoiceClientImpl.js CHANGED Viewed

@@ -72,6 +72,8 @@ const transcribeOnConnection_1 = require("./transcribeOnConnection");
 const types_1 = require("./types");
 const createExternalMediaConfig_1 = require("./utils/createExternalMediaConfig");
 const VoiceServiceClientConstructor_1 = require("./utils/VoiceServiceClientConstructor");
+const envs_1 = require("../envs");
+const authz_1 = require("@fonoster/authz");
 const logger = (0, logger_1.getLogger)({ service: "apiserver", filePath: __filename });
 class VoiceClientImpl {
     constructor(params, filesServer) {
@@ -86,6 +88,27 @@ class VoiceClientImpl {
     }
     connect() {
         return __awaiter(this, void 0, void 0, function* () {
+            // TODO: We should improve the error handling here. As it is now,
+            // it always returns true or throws an error we should return a boolean and throw an error only if the
+            // connection is not possible or other critical error
+            if (envs_1.AUTHZ_SERVICE_ENABLED) {
+                try {
+                    const authz = new authz_1.AuthzClient(`${envs_1.AUTHZ_SERVICE_HOST}:${envs_1.AUTHZ_SERVICE_PORT}`);
+                    yield authz.checkSessionAuthorized({
+                        accessKeyId: this.config.accessKeyId
+                    });
+                }
+                catch (e) {
+                    const { sessionRef: channelId } = this.config;
+                    const { ari } = this;
+                    logger.verbose("rejected unauthorized session", { channelId });
+                    yield ari.channels.answer({ channelId });
+                    yield ari.channels.play({ channelId, media: "sound:unavailable" });
+                    yield new Promise((resolve) => setTimeout(resolve, 2000));
+                    yield ari.channels.hangup({ channelId });
+                    return;
+                }
+            }
             this.grpcClient = new VoiceServiceClientConstructor_1.VoiceServiceClientConstructor(this.config.endpoint, grpc.credentials.createInsecure());
             const metadata = new grpc.Metadata();
             metadata.add("accessKeyId", this.config.accessKeyId);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@fonoster/apiserver",
-  "version": "0.8.0",
+  "version": "0.8.4",
   "description": "APIServer for Fonoster",
   "author": "Pedro Sanders <psanders@fonoster.com>",
   "homepage": "https://github.com/fonoster/fonoster#readme",
@@ -21,13 +21,13 @@
   },
   "dependencies": {
     "@deepgram/sdk": "^3.5.1",
-    "@fonoster/authz": "^0.8.0",
-    "@fonoster/common": "^0.8.0",
-    "@fonoster/identity": "^0.8.0",
-    "@fonoster/logger": "^0.8.0",
-    "@fonoster/sipnet": "^0.8.0",
-    "@fonoster/streams": "^0.8.0",
-    "@fonoster/types": "^0.8.0",
+    "@fonoster/authz": "^0.8.4",
+    "@fonoster/common": "^0.8.4",
+    "@fonoster/identity": "^0.8.4",
+    "@fonoster/logger": "^0.8.4",
+    "@fonoster/sipnet": "^0.8.4",
+    "@fonoster/streams": "^0.8.4",
+    "@fonoster/types": "^0.8.4",
     "@google-cloud/speech": "^6.6.0",
     "@google-cloud/text-to-speech": "^5.3.0",
     "@grpc/grpc-js": "~1.10.6",
@@ -73,5 +73,5 @@
     "@types/uuid": "^10.0.0",
     "@types/validator": "^13.12.0"
   },
-  "gitHead": "9d8a6fc044fe23f4f75356c142d1ca412db5af15"
+  "gitHead": "230bf0c9b793e5de49ffeb30ee1bd62226f55cba"
 }