@itentialopensource/adapter-utils 5.10.7 → 5.10.9
- package/lib/authenticationHandler.js +15 -2
- package/lib/connectorRest.js +13 -13
- package/package.json +1 -1
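--- a/package/lib/authenticationHandler.js
+++ b/package/lib/authenticationHandler.js
@@ -249,6 +249,21 @@ class AuthenticationHandler {
 return callback(authOpts.headers);
 }
 
+const myDate = new Date().getTime();
+const mySess = `${this.myid}-${myDate}`;
+
+/* ADAPTER PROPERTIES AUTHENTICATION WITH GLOBAL ROLE */
+// This will use the adapter role via the credentials provided to sign the call. If there is a global role for it to assume.
+// it will use AWS Environment variables (access and secret key are null) to sign the call.
+if (this.allProps.authentication.aws_access_key && this.allProps.authentication.aws_secret_key && this.allProps.authentication.aws_iam_role) {
+log.info('Using Adapter PROPERTIES for AWS Authentication to assume a global role');
+const parmas = {
+RoleArn: this.allProps.authentication.aws_iam_role,
+RoleSessionName: mySess
+};
+return this.assumeAWSSTSRole(null, null, null, options, parmas, true, callback);
+}
+
 /* ROLE NAME AUTHENTICATION */
 // Different scenarios to discuss here
 // 1. IAM to internal AWS Server - either Task Role (roleName) or Adapter Role (aws_iam_role)
@@ -268,8 +283,6 @@ class AuthenticationHandler {
 
 // set up data for first assume role call
 const stsrole = new AWS.STS();
-const myDate = new Date().getTime();
-const mySess = `${this.myid}-${myDate}`;
 const stsData = {
 RoleArn: myRole,
 RoleSessionName: mySess,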
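Review bot: The new global-role branch (new lines 258-265) is entered only when `aws_access_key` and `aws_secret_key` are set in the adapter properties, yet it calls `this.assumeAWSSTSRole(null, null, null, options, parmas, true, callback)` with null in the leading arguments, and the comment above it says the call is signed with AWS environment variables. `assumeAWSSTSRole` is outside this section, so it may read the keys from `this.allProps` itself, but as written the log message, the comment and the arguments disagree about which principal signs the AssumeRole request, which is the fact a least-privilege review or a later CloudTrail investigation needs. I would replace the two comment lines with one that names the credential source explicitly and rename `parmas` to `params`. The branch also sits ahead of the ROLE NAME AUTHENTICATION block, so any existing configuration that has static keys plus `aws_iam_role` now takes this path instead; that precedence change deserves a line in the changelog. The enclosing method starts and ends outside these hunks.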
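--- a/package/lib/connectorRest.js
+++ b/package/lib/connectorRest.js
@@ -2018,8 +2018,10 @@ async function buildTokenRequest(reqPath, reqBody, callProperties, callback) {
 options.rejectUnauthorized = true;
 if (sslCAFileContent && sslCAFileContent !== '') {
 options.ca = [sslCAFileContent];
-} else {
+} else if (callProperties.ssl.ca_file) {
 options.ca = [fs.readFileSync(callProperties.ssl.ca_file)];
+} else {
+options.ca = undefined;
 }
 } catch (e) {
 const errorObj = this.transUtil.formatErrorObject(origin, 'Missing File', [callProperties.ssl.ca_file], null, null, null);
@@ -2049,9 +2051,7 @@ async function buildTokenRequest(reqPath, reqBody, callProperties, callback) {
 } else if (sslCAFile) {
 options.ca = sslCAFile;
 } else {
-
-log.error(`${origin}: ${errorObj.IAPerror.displayString}`);
-return reject(errorObj);
+options.ca = undefined; // Node.js default CA store
 }
 // if there is a cert file, try to read in a cert file in the options
 if (sslCertFilePath) {
@@ -4510,7 +4510,7 @@ class ConnectorRest {
 }
 
 if (typeof props.ssl.ca_file_content === 'string' && props.ssl.ca_file_content.trim() !== '') {
-sslCAFileContent = props.ssl.ca_file_content;
+sslCAFileContent = props.ssl.ca_file_content.replace(/\\n/g, '\n');
 }
 
 // set the ssl key file (optional - default is null)
@@ -4780,8 +4780,10 @@ class ConnectorRest {
 options.rejectUnauthorized = true;
 if (sslCAFileContent && sslCAFileContent !== '') {
 options.ca = [sslCAFileContent];
-} else {
+} else if (callProperties.ssl.ca_file) {
 options.ca = [fs.readFileSync(callProperties.ssl.ca_file)];
+} else {
+options.ca = undefined; // Node.js default CA store
 }
 } catch (e) {
 const errorObj = this.transUtil.formatErrorObject(origin, 'Missing File', [callProperties.ssl.ca_file], null, null, null);
@@ -4811,9 +4813,7 @@ class ConnectorRest {
 } else if (sslCAFile) {
 options.ca = sslCAFile;
 } else {
-
-log.error(`${origin}: ${errorObj.IAPerror.displayString}`);
-return callback(null, errorObj);
+options.ca = undefined; // Node.js default CA store
 }
 // if there is a cert file, try to read in a cert file in the options
 if (sslCertFilePath) {
@@ -4977,8 +4977,10 @@ class ConnectorRest {
 options.rejectUnauthorized = true;
 if (sslCAFileContent && sslCAFileContent !== '') {
 options.ca = [sslCAFileContent];
-} else {
+} else if (callProperties.ssl.ca_file) {
 options.ca = [fs.readFileSync(callProperties.ssl.ca_file)];
+} else {
+options.ca = undefined; // Node.js default CA store
 }
 } catch (e) {
 const errorObj = this.transUtil.formatErrorObject(origin, 'Missing File', [callProperties.ssl.ca_file], null, null, null);
@@ -5008,9 +5010,7 @@ class ConnectorRest {
 } else if (sslCAFile) {
 options.ca = sslCAFile;
 } else {
-
-log.error(`${origin}: ${errorObj.IAPerror.displayString}`);
-return callback(null, errorObj);
+options.ca = undefined; // Node.js default CA store
 }
 // if there is a cert file, try to read in a cert file in the options
 if (sslCertFilePath) {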
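Review bot: The `else` branches that now set `options.ca = undefined` (new lines 2024, 2054, 4786, 4816, 4983 and 5013) turn what was an error path into a silent fallback to the Node.js default CA store. An adapter whose `ca_file` or `ca_file_content` was meant to restrict trust to a private CA will, if that property is missing or blank, now appear to accept any server certificate that chains to a bundled public root. `rejectUnauthorized = true` is kept, so verification still happens; what changes is the set of trusted roots. I would make the fallback visible where it is taken, e.g. ``log.info(`${origin}: no CA configured, verifying against the Node.js default CA store`);``. The branch at new line 2024 is the only one without the `// Node.js default CA store` comment and should get it; the enclosing functions start and end outside these hunks.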