@lingxiteam/assets 1.0.11 → 1.0.12

package/lib/security/const.d.ts

@@ -0,0 +1,22 @@
+export declare const securityHeaderKey = "XA-TYPE";
+export declare const defaultSignKey = "X-SIGN";
+export declare const MODE: {
+    SIGN_KEY: string;
+    SIGN: string;
+    RSA: string;
+    AES: string;
+    DES: string;
+};
+export declare const signKey: string;
+export declare const rsaPublicKey: string | undefined;
+export declare const rsaPrivKey: string | undefined;
+export declare const aesKey: string;
+export declare const desKey: string;
+declare const _default: {
+    signKey: string;
+    rsaPublicKey: string | undefined;
+    rsaPrivKey: string | undefined;
+    aesKey: string;
+    desKey: string;
+};
+export default _default;

package/lib/security/const.js

@@ -0,0 +1,38 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.signKey = exports.securityHeaderKey = exports.rsaPublicKey = exports.rsaPrivKey = exports.desKey = exports.defaultSignKey = exports.default = exports.aesKey = exports.MODE = void 0;
+var defaultAESKey = 'd86d7bab3d6ac01a';
+var defaultDESKey = '91THRABY';
+var securityHeaderKey = 'XA-TYPE';
+exports.securityHeaderKey = securityHeaderKey;
+var defaultSignKey = 'X-SIGN';
+exports.defaultSignKey = defaultSignKey;
+var MODE = {
+  SIGN_KEY: 'signKey',
+  SIGN: '1.0',
+  RSA: '2.0',
+  AES: '3.0',
+  DES: '4.0'
+};
+exports.MODE = MODE;
+var signKey = process.env.LINGXI_HTTP_SIGN_HEADER_KEY || process.env.REACT_APP_HTTP_SIGN_HEADER_KEY || process.env.UMI_APP_HTTP_SIGN_HEADER_KEY || process.env.FISHX_APP_HTTP_SIGN_HEADER_KEY || defaultSignKey;
+exports.signKey = signKey;
+var rsaPublicKey = process.env.LINGXI_HTTP_RSA_PUBLIC_KEY || process.env.REACT_APP_HTTP_RSA_PUBLIC_KEY || process.env.UMI_APP_HTTP_RSA_PUBLIC_KEY || process.env.FISHX_APP_HTTP_RSA_PUBLIC_KEY;
+exports.rsaPublicKey = rsaPublicKey;
+var rsaPrivKey = process.env.LINGXI_HTTP_RSA_PRIV_KEY || process.env.REACT_APP_HTTP_RSA_PRIV_KEY || process.env.UMI_APP_HTTP_RSA_PRIV_KEY || process.env.FISHX_APP_HTTP_RSA_PRIV_KEY;
+exports.rsaPrivKey = rsaPrivKey;
+var aesKey = process.env.LINGXI_HTTP_AES_KEY || process.env.REACT_APP_HTTP_AES_KEY || process.env.UMI_APP_HTTP_AES_KEY || process.env.FISHX_APP_HTTP_AES_KEY || defaultAESKey;
+exports.aesKey = aesKey;
+var desKey = process.env.LINGXI_HTTP_DES_KEY || process.env.REACT_APP_HTTP_DES_KEY || process.env.UMI_APP_HTTP_DES_KEY || process.env.FISHX_APP_HTTP_DES_KEY || defaultDESKey;
+exports.desKey = desKey;
+var _default = {
+  signKey: signKey,
+  rsaPublicKey: rsaPublicKey,
+  rsaPrivKey: rsaPrivKey,
+  aesKey: aesKey,
+  desKey: desKey
+};
+exports.default = _default;

package/lib/security/encipher/aes.d.ts

@@ -0,0 +1,2 @@
+export declare const AESEncrypt: (value: any, aesKey: string, handle?: any) => any;
+export declare const AESDecrypt: (value: string, aesKey: string, handle?: any) => any;

package/lib/security/encipher/aes.js

@@ -0,0 +1,35 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.AESEncrypt = exports.AESDecrypt = void 0;
+var _cryptoJs = _interopRequireDefault(require("crypto-js"));
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+var AESEncrypt = function AESEncrypt(value, aesKey, handle) {
+  if (typeof handle === 'function') {
+    return handle(value, aesKey, _cryptoJs.default);
+  }
+  var key = _cryptoJs.default.enc.Utf8.parse(aesKey);
+  var ciphertext = _cryptoJs.default.enc.Utf8.parse(value);
+  var encrypted = _cryptoJs.default.AES.encrypt(ciphertext, key, {
+    mode: _cryptoJs.default.mode.ECB,
+    padding: _cryptoJs.default.pad.Pkcs7
+  });
+  return encrypted.toString();
+};
+exports.AESEncrypt = AESEncrypt;
+var AESDecrypt = function AESDecrypt(value, aesKey, handle) {
+  if (typeof handle === 'function') {
+    return handle(value, aesKey, _cryptoJs.default);
+  }
+  var key = _cryptoJs.default.enc.Utf8.parse(aesKey);
+  var ciphertext = _cryptoJs.default.enc.Base64.stringify(_cryptoJs.default.enc.Base64.parse(value));
+  // const ciphertext = CryptoJS.enc.Base64.stringify(CryptoJS.enc.Base64.parse(CryptoJS.enc.Utf8.parse(value).toString(CryptoJS.enc.Utf8)));
+  var encrypted = _cryptoJs.default.AES.decrypt(ciphertext, key, {
+    mode: _cryptoJs.default.mode.ECB,
+    padding: _cryptoJs.default.pad.Pkcs7
+  });
+  return encrypted.toString(_cryptoJs.default.enc.Utf8);
+};
+exports.AESDecrypt = AESDecrypt;

package/lib/security/encipher/des.d.ts

@@ -0,0 +1,2 @@
+export declare const DESEncrypt: (value: string, aesKey: string, handle?: any) => any;
+export declare const DESDecrypt: (value: string, aesKey: string, handle?: any) => any;

package/lib/security/encipher/des.js

@@ -0,0 +1,34 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.DESEncrypt = exports.DESDecrypt = void 0;
+var _cryptoJs = _interopRequireDefault(require("crypto-js"));
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+var DESEncrypt = function DESEncrypt(value, aesKey, handle) {
+  if (typeof handle === 'function') {
+    return handle(value, aesKey, _cryptoJs.default);
+  }
+  var key = _cryptoJs.default.enc.Utf8.parse(aesKey);
+  var ciphertext = _cryptoJs.default.enc.Utf8.parse(value);
+  var encrypted = _cryptoJs.default.DES.encrypt(ciphertext, key, {
+    mode: _cryptoJs.default.mode.ECB,
+    padding: _cryptoJs.default.pad.Pkcs7
+  });
+  return encrypted.toString();
+};
+exports.DESEncrypt = DESEncrypt;
+var DESDecrypt = function DESDecrypt(value, aesKey, handle) {
+  if (typeof handle === 'function') {
+    return handle(value, aesKey, _cryptoJs.default);
+  }
+  var key = _cryptoJs.default.enc.Utf8.parse(aesKey);
+  var ciphertext = _cryptoJs.default.enc.Base64.stringify(_cryptoJs.default.enc.Base64.parse(value));
+  var encrypted = _cryptoJs.default.DES.decrypt(ciphertext, key, {
+    mode: _cryptoJs.default.mode.ECB,
+    padding: _cryptoJs.default.pad.Pkcs7
+  });
+  return encrypted.toString(_cryptoJs.default.enc.Utf8);
+};
+exports.DESDecrypt = DESDecrypt;

package/lib/security/encipher/rsa.d.ts

@@ -0,0 +1,2 @@
+export declare const RSAEncrypt: (value: string, publicKey: string, handle?: any) => any;
+export declare const RSADecrypt: (value: string, privKey: string, handle?: any) => any;

package/lib/security/encipher/rsa.js

@@ -0,0 +1,26 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.RSAEncrypt = exports.RSADecrypt = void 0;
+var _jsencrypt = _interopRequireDefault(require("jsencrypt"));
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+var RSAEncrypt = function RSAEncrypt(value, publicKey, handle) {
+  if (typeof handle === 'function') {
+    return handle(value, publicKey, _jsencrypt.default);
+  }
+  var encryptor = new _jsencrypt.default();
+  encryptor.setPublicKey(publicKey);
+  return encryptor.encrypt(value);
+};
+exports.RSAEncrypt = RSAEncrypt;
+var RSADecrypt = function RSADecrypt(value, privKey, handle) {
+  if (typeof handle === 'function') {
+    return handle(value, privKey, _jsencrypt.default);
+  }
+  var decrypt = new _jsencrypt.default();
+  decrypt.setPrivateKey(privKey);
+  return decrypt.decrypt(value);
+};
+exports.RSADecrypt = RSADecrypt;

package/lib/security/encipher/sign.d.ts

@@ -0,0 +1,6 @@
+export declare const createHttpSignStr: (url: string, options: any) => string;
+declare const _default: {
+    createHttpSignStr: (url: string, options: any) => string;
+    getApiPath: (url: string) => string | undefined;
+};
+export default _default;

package/lib/security/encipher/sign.js

@@ -0,0 +1,102 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = exports.createHttpSignStr = void 0;
+var _cryptoJs = require("crypto-js");
+var _url = require("../../utils/url");
+function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (obj) { return typeof obj; } : function (obj) { return obj && "function" == typeof Symbol && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }, _typeof(obj); }
+function _slicedToArray(arr, i) { return _arrayWithHoles(arr) || _iterableToArrayLimit(arr, i) || _unsupportedIterableToArray(arr, i) || _nonIterableRest(); }
+function _nonIterableRest() { throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); }
+function _unsupportedIterableToArray(o, minLen) { if (!o) return; if (typeof o === "string") return _arrayLikeToArray(o, minLen); var n = Object.prototype.toString.call(o).slice(8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return Array.from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray(o, minLen); }
+function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) { arr2[i] = arr[i]; } return arr2; }
+function _iterableToArrayLimit(arr, i) { var _i = null == arr ? null : "undefined" != typeof Symbol && arr[Symbol.iterator] || arr["@@iterator"]; if (null != _i) { var _s, _e, _x, _r, _arr = [], _n = !0, _d = !1; try { if (_x = (_i = _i.call(arr)).next, 0 === i) { if (Object(_i) !== _i) return; _n = !1; } else for (; !(_n = (_s = _x.call(_i)).done) && (_arr.push(_s.value), _arr.length !== i); _n = !0) { ; } } catch (err) { _d = !0, _e = err; } finally { try { if (!_n && null != _i.return && (_r = _i.return(), Object(_r) !== _r)) return; } finally { if (_d) throw _e; } } return _arr; } }
+function _arrayWithHoles(arr) { if (Array.isArray(arr)) return arr; }
+var SIGN_KEY = process.env.LING_XI_HTTP_SIGN_KEY || 'zrT5bi2escXilaH1fs653uZiH9RWfzCS';
+// 注意：修改此文件请跑测试用例, npm run test
+// 1、签名算法：
+// 通过对url、参数、秘钥拼接成字符串，然后对字符串使用算法SHA-256得到64个字符串，放到header, X-SIGN=XXXXXXX。
+// 2、签名字符串拼接规则：
+// a.get 请求：url+"#"+header+"#"+参数+"#"+秘钥
+// b.post 请求：url+"#"+header+"#"+body+"#"秘钥
+// 参数说明：
+// ● 如果其中的变量为空，则为空字符串。
+// ● url ：不包含参数，(2022.08.08 更改为apiName)
+// ● header ：取X-开头的header，或者APP-ID，多个则逗号分隔拼接。比如X-AA=a;APP-ID=88888
+// ● get 参数：就是url 问号后面的串
+// ● body：post 请求体
+/**
+ * 组装X-SIGN请求头
+ * @param {请求地址} url 接口请求地址
+ * @param {请求参数} options
+ * @returns
+ */
+// 由于X-B 的规则可能被业务网关使用，并往请求头增加内容，导致前后端加密不一致
+// 2022.08.09 使用以下3个固定值 + X-LX-*匹配 方式
+var hKeys = ['X-B-AUTH', 'X-B-TARGET-ID', 'APP-ID'];
+// 配置指定接口前缀,2023-03-16规则调整，不需要使用
+// const apiPrefix =
+//   process.env.LING_XI_HTTP_SIGN_API_PERFIX ||
+//   process.env.REACT_APP_HTTP_SIGN_API_PERFIX ||
+//   process.env.UMI_APP_HTTP_SIGN_API_PERFIX ||
+//   process.env.FISHX_APP_HTTP_SIGN_API_PERFIX ||
+//   'portal,asset,rhin,lcdp,ncdp,flow,app';
+// 获取接口路径,2023-03-16调整，只取最后一级
+var getApiPath = function getApiPath(url) {
+  return url.split('/').pop();
+};
+var createHttpSignStr = function createHttpSignStr(url, options) {
+  if (!url || !options || !options.method) {
+    return '';
+  }
+  var method = options.method,
+    headers = options.headers,
+    body = options.body,
+    search = options.search;
+  // 获取参数1: 接口名称
+  var mixUrl = url;
+  if (search && search instanceof Object) {
+    mixUrl += (url.indexOf('?') !== -1 ? '&' : '?') + (0, _url.obj2QueryString)(search);
+  }
+  var _mixUrl$split = mixUrl.split('?'),
+    _mixUrl$split2 = _slicedToArray(_mixUrl$split, 2),
+    urlPath = _mixUrl$split2[0],
+    _mixUrl$split2$ = _mixUrl$split2[1],
+    urlSearch = _mixUrl$split2$ === void 0 ? '' : _mixUrl$split2$;
+  var apiPath = getApiPath(urlPath);
+  // 获取参数2: 请求头部参数
+  var headerParams = '';
+  var headersKeyArr = [];
+  if (headers) {
+    Object.keys(headers).forEach(function (key) {
+      if (key.startsWith('X-LX-') || hKeys.includes(key)) {
+        headersKeyArr.push("".concat(key.toLowerCase(), "=").concat(headers[key]));
+      }
+    });
+  }
+  headerParams = headersKeyArr.sort().join(';');
+  // 获取参数3: 请求参数
+  var params = '';
+  if (method.toLowerCase() === 'get') {
+    params = urlSearch;
+  } else {
+    params = _typeof(body) === 'object' ? JSON.stringify(body) : body;
+  }
+  // 组装加密字符串
+  var str = [apiPath, headerParams, params, SIGN_KEY].join('#');
+  if (typeof window !== 'undefined' && (window.lxDebug || window.localStorage.getItem('lxDebug'))) {
+    console.log(' --- signDebug ---');
+    console.log('url', url);
+    console.log('str', str);
+    console.log('sign', (0, _cryptoJs.SHA256)(str).toString());
+  }
+  // 生成约定签名
+  return (0, _cryptoJs.SHA256)(str).toString();
+};
+exports.createHttpSignStr = createHttpSignStr;
+var _default = {
+  createHttpSignStr: createHttpSignStr,
+  getApiPath: getApiPath
+};
+exports.default = _default;

package/lib/security/fetch.d.ts

@@ -0,0 +1,9 @@
+declare const fetch: (url: any, fetchOptions?: any, config?: {
+    mode?: string;
+    signKeyOptions?: any;
+    aesOptions?: any;
+    desOptions?: any;
+    rsaOptions?: any;
+    debug?: boolean;
+}) => Promise<Response>;
+export default fetch;

package/lib/security/fetch.js

@@ -0,0 +1,212 @@
+"use strict";
+
+function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (obj) { return typeof obj; } : function (obj) { return obj && "function" == typeof Symbol && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }, _typeof(obj); }
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = void 0;
+var _sign = require("./encipher/sign");
+var _rsa = require("./encipher/rsa");
+var _aes = require("./encipher/aes");
+var _des = require("./encipher/des");
+var _const = require("./const");
+function _regeneratorRuntime() { "use strict"; /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */ _regeneratorRuntime = function _regeneratorRuntime() { return exports; }; var exports = {}, Op = Object.prototype, hasOwn = Op.hasOwnProperty, defineProperty = Object.defineProperty || function (obj, key, desc) { obj[key] = desc.value; }, $Symbol = "function" == typeof Symbol ? Symbol : {}, iteratorSymbol = $Symbol.iterator || "@@iterator", asyncIteratorSymbol = $Symbol.asyncIterator || "@@asyncIterator", toStringTagSymbol = $Symbol.toStringTag || "@@toStringTag"; function define(obj, key, value) { return Object.defineProperty(obj, key, { value: value, enumerable: !0, configurable: !0, writable: !0 }), obj[key]; } try { define({}, ""); } catch (err) { define = function define(obj, key, value) { return obj[key] = value; }; } function wrap(innerFn, outerFn, self, tryLocsList) { var protoGenerator = outerFn && outerFn.prototype instanceof Generator ? outerFn : Generator, generator = Object.create(protoGenerator.prototype), context = new Context(tryLocsList || []); return defineProperty(generator, "_invoke", { value: makeInvokeMethod(innerFn, self, context) }), generator; } function tryCatch(fn, obj, arg) { try { return { type: "normal", arg: fn.call(obj, arg) }; } catch (err) { return { type: "throw", arg: err }; } } exports.wrap = wrap; var ContinueSentinel = {}; function Generator() {} function GeneratorFunction() {} function GeneratorFunctionPrototype() {} var IteratorPrototype = {}; define(IteratorPrototype, iteratorSymbol, function () { return this; }); var getProto = Object.getPrototypeOf, NativeIteratorPrototype = getProto && getProto(getProto(values([]))); NativeIteratorPrototype && NativeIteratorPrototype !== Op && hasOwn.call(NativeIteratorPrototype, iteratorSymbol) && (IteratorPrototype = NativeIteratorPrototype); var Gp = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(IteratorPrototype); function defineIteratorMethods(prototype) { ["next", "throw", "return"].forEach(function (method) { define(prototype, method, function (arg) { return this._invoke(method, arg); }); }); } function AsyncIterator(generator, PromiseImpl) { function invoke(method, arg, resolve, reject) { var record = tryCatch(generator[method], generator, arg); if ("throw" !== record.type) { var result = record.arg, value = result.value; return value && "object" == _typeof(value) && hasOwn.call(value, "__await") ? PromiseImpl.resolve(value.__await).then(function (value) { invoke("next", value, resolve, reject); }, function (err) { invoke("throw", err, resolve, reject); }) : PromiseImpl.resolve(value).then(function (unwrapped) { result.value = unwrapped, resolve(result); }, function (error) { return invoke("throw", error, resolve, reject); }); } reject(record.arg); } var previousPromise; defineProperty(this, "_invoke", { value: function value(method, arg) { function callInvokeWithMethodAndArg() { return new PromiseImpl(function (resolve, reject) { invoke(method, arg, resolve, reject); }); } return previousPromise = previousPromise ? previousPromise.then(callInvokeWithMethodAndArg, callInvokeWithMethodAndArg) : callInvokeWithMethodAndArg(); } }); } function makeInvokeMethod(innerFn, self, context) { var state = "suspendedStart"; return function (method, arg) { if ("executing" === state) throw new Error("Generator is already running"); if ("completed" === state) { if ("throw" === method) throw arg; return doneResult(); } for (context.method = method, context.arg = arg;;) { var delegate = context.delegate; if (delegate) { var delegateResult = maybeInvokeDelegate(delegate, context); if (delegateResult) { if (delegateResult === ContinueSentinel) continue; return delegateResult; } } if ("next" === context.method) context.sent = context._sent = context.arg;else if ("throw" === context.method) { if ("suspendedStart" === state) throw state = "completed", context.arg; context.dispatchException(context.arg); } else "return" === context.method && context.abrupt("return", context.arg); state = "executing"; var record = tryCatch(innerFn, self, context); if ("normal" === record.type) { if (state = context.done ? "completed" : "suspendedYield", record.arg === ContinueSentinel) continue; return { value: record.arg, done: context.done }; } "throw" === record.type && (state = "completed", context.method = "throw", context.arg = record.arg); } }; } function maybeInvokeDelegate(delegate, context) { var methodName = context.method, method = delegate.iterator[methodName]; if (undefined === method) return context.delegate = null, "throw" === methodName && delegate.iterator.return && (context.method = "return", context.arg = undefined, maybeInvokeDelegate(delegate, context), "throw" === context.method) || "return" !== methodName && (context.method = "throw", context.arg = new TypeError("The iterator does not provide a '" + methodName + "' method")), ContinueSentinel; var record = tryCatch(method, delegate.iterator, context.arg); if ("throw" === record.type) return context.method = "throw", context.arg = record.arg, context.delegate = null, ContinueSentinel; var info = record.arg; return info ? info.done ? (context[delegate.resultName] = info.value, context.next = delegate.nextLoc, "return" !== context.method && (context.method = "next", context.arg = undefined), context.delegate = null, ContinueSentinel) : info : (context.method = "throw", context.arg = new TypeError("iterator result is not an object"), context.delegate = null, ContinueSentinel); } function pushTryEntry(locs) { var entry = { tryLoc: locs[0] }; 1 in locs && (entry.catchLoc = locs[1]), 2 in locs && (entry.finallyLoc = locs[2], entry.afterLoc = locs[3]), this.tryEntries.push(entry); } function resetTryEntry(entry) { var record = entry.completion || {}; record.type = "normal", delete record.arg, entry.completion = record; } function Context(tryLocsList) { this.tryEntries = [{ tryLoc: "root" }], tryLocsList.forEach(pushTryEntry, this), this.reset(!0); } function values(iterable) { if (iterable) { var iteratorMethod = iterable[iteratorSymbol]; if (iteratorMethod) return iteratorMethod.call(iterable); if ("function" == typeof iterable.next) return iterable; if (!isNaN(iterable.length)) { var i = -1, next = function next() { for (; ++i < iterable.length;) { if (hasOwn.call(iterable, i)) return next.value = iterable[i], next.done = !1, next; } return next.value = undefined, next.done = !0, next; }; return next.next = next; } } return { next: doneResult }; } function doneResult() { return { value: undefined, done: !0 }; } return GeneratorFunction.prototype = GeneratorFunctionPrototype, defineProperty(Gp, "constructor", { value: GeneratorFunctionPrototype, configurable: !0 }), defineProperty(GeneratorFunctionPrototype, "constructor", { value: GeneratorFunction, configurable: !0 }), GeneratorFunction.displayName = define(GeneratorFunctionPrototype, toStringTagSymbol, "GeneratorFunction"), exports.isGeneratorFunction = function (genFun) { var ctor = "function" == typeof genFun && genFun.constructor; return !!ctor && (ctor === GeneratorFunction || "GeneratorFunction" === (ctor.displayName || ctor.name)); }, exports.mark = function (genFun) { return Object.setPrototypeOf ? Object.setPrototypeOf(genFun, GeneratorFunctionPrototype) : (genFun.__proto__ = GeneratorFunctionPrototype, define(genFun, toStringTagSymbol, "GeneratorFunction")), genFun.prototype = Object.create(Gp), genFun; }, exports.awrap = function (arg) { return { __await: arg }; }, defineIteratorMethods(AsyncIterator.prototype), define(AsyncIterator.prototype, asyncIteratorSymbol, function () { return this; }), exports.AsyncIterator = AsyncIterator, exports.async = function (innerFn, outerFn, self, tryLocsList, PromiseImpl) { void 0 === PromiseImpl && (PromiseImpl = Promise); var iter = new AsyncIterator(wrap(innerFn, outerFn, self, tryLocsList), PromiseImpl); return exports.isGeneratorFunction(outerFn) ? iter : iter.next().then(function (result) { return result.done ? result.value : iter.next(); }); }, defineIteratorMethods(Gp), define(Gp, toStringTagSymbol, "Generator"), define(Gp, iteratorSymbol, function () { return this; }), define(Gp, "toString", function () { return "[object Generator]"; }), exports.keys = function (val) { var object = Object(val), keys = []; for (var key in object) { keys.push(key); } return keys.reverse(), function next() { for (; keys.length;) { var key = keys.pop(); if (key in object) return next.value = key, next.done = !1, next; } return next.done = !0, next; }; }, exports.values = values, Context.prototype = { constructor: Context, reset: function reset(skipTempReset) { if (this.prev = 0, this.next = 0, this.sent = this._sent = undefined, this.done = !1, this.delegate = null, this.method = "next", this.arg = undefined, this.tryEntries.forEach(resetTryEntry), !skipTempReset) for (var name in this) { "t" === name.charAt(0) && hasOwn.call(this, name) && !isNaN(+name.slice(1)) && (this[name] = undefined); } }, stop: function stop() { this.done = !0; var rootRecord = this.tryEntries[0].completion; if ("throw" === rootRecord.type) throw rootRecord.arg; return this.rval; }, dispatchException: function dispatchException(exception) { if (this.done) throw exception; var context = this; function handle(loc, caught) { return record.type = "throw", record.arg = exception, context.next = loc, caught && (context.method = "next", context.arg = undefined), !!caught; } for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i], record = entry.completion; if ("root" === entry.tryLoc) return handle("end"); if (entry.tryLoc <= this.prev) { var hasCatch = hasOwn.call(entry, "catchLoc"), hasFinally = hasOwn.call(entry, "finallyLoc"); if (hasCatch && hasFinally) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } else if (hasCatch) { if (this.prev < entry.catchLoc) return handle(entry.catchLoc, !0); } else { if (!hasFinally) throw new Error("try statement without catch or finally"); if (this.prev < entry.finallyLoc) return handle(entry.finallyLoc); } } } }, abrupt: function abrupt(type, arg) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc <= this.prev && hasOwn.call(entry, "finallyLoc") && this.prev < entry.finallyLoc) { var finallyEntry = entry; break; } } finallyEntry && ("break" === type || "continue" === type) && finallyEntry.tryLoc <= arg && arg <= finallyEntry.finallyLoc && (finallyEntry = null); var record = finallyEntry ? finallyEntry.completion : {}; return record.type = type, record.arg = arg, finallyEntry ? (this.method = "next", this.next = finallyEntry.finallyLoc, ContinueSentinel) : this.complete(record); }, complete: function complete(record, afterLoc) { if ("throw" === record.type) throw record.arg; return "break" === record.type || "continue" === record.type ? this.next = record.arg : "return" === record.type ? (this.rval = this.arg = record.arg, this.method = "return", this.next = "end") : "normal" === record.type && afterLoc && (this.next = afterLoc), ContinueSentinel; }, finish: function finish(finallyLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.finallyLoc === finallyLoc) return this.complete(entry.completion, entry.afterLoc), resetTryEntry(entry), ContinueSentinel; } }, catch: function _catch(tryLoc) { for (var i = this.tryEntries.length - 1; i >= 0; --i) { var entry = this.tryEntries[i]; if (entry.tryLoc === tryLoc) { var record = entry.completion; if ("throw" === record.type) { var thrown = record.arg; resetTryEntry(entry); } return thrown; } } throw new Error("illegal catch attempt"); }, delegateYield: function delegateYield(iterable, resultName, nextLoc) { return this.delegate = { iterator: values(iterable), resultName: resultName, nextLoc: nextLoc }, "next" === this.method && (this.arg = undefined), ContinueSentinel; } }, exports; }
+function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
+function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
+function _createForOfIteratorHelper(o, allowArrayLike) { var it = typeof Symbol !== "undefined" && o[Symbol.iterator] || o["@@iterator"]; if (!it) { if (Array.isArray(o) || (it = _unsupportedIterableToArray(o)) || allowArrayLike && o && typeof o.length === "number") { if (it) o = it; var i = 0; var F = function F() {}; return { s: F, n: function n() { if (i >= o.length) return { done: true }; return { done: false, value: o[i++] }; }, e: function e(_e2) { throw _e2; }, f: F }; } throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); } var normalCompletion = true, didErr = false, err; return { s: function s() { it = it.call(o); }, n: function n() { var step = it.next(); normalCompletion = step.done; return step; }, e: function e(_e3) { didErr = true; err = _e3; }, f: function f() { try { if (!normalCompletion && it.return != null) it.return(); } finally { if (didErr) throw err; } } }; }
+function ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
+function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { _defineProperty(target, key, source[key]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } return target; }
+function _defineProperty(obj, key, value) { key = _toPropertyKey(key); if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
+function _toPropertyKey(arg) { var key = _toPrimitive(arg, "string"); return _typeof(key) === "symbol" ? key : String(key); }
+function _toPrimitive(input, hint) { if (_typeof(input) !== "object" || input === null) return input; var prim = input[Symbol.toPrimitive]; if (prim !== undefined) { var res = prim.call(input, hint || "default"); if (_typeof(res) !== "object") return res; throw new TypeError("@@toPrimitive must return a primitive value."); } return (hint === "string" ? String : Number)(input); }
+function _slicedToArray(arr, i) { return _arrayWithHoles(arr) || _iterableToArrayLimit(arr, i) || _unsupportedIterableToArray(arr, i) || _nonIterableRest(); }
+function _nonIterableRest() { throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); }
+function _unsupportedIterableToArray(o, minLen) { if (!o) return; if (typeof o === "string") return _arrayLikeToArray(o, minLen); var n = Object.prototype.toString.call(o).slice(8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return Array.from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray(o, minLen); }
+function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) { arr2[i] = arr[i]; } return arr2; }
+function _iterableToArrayLimit(arr, i) { var _i = null == arr ? null : "undefined" != typeof Symbol && arr[Symbol.iterator] || arr["@@iterator"]; if (null != _i) { var _s, _e, _x, _r, _arr = [], _n = !0, _d = !1; try { if (_x = (_i = _i.call(arr)).next, 0 === i) { if (Object(_i) !== _i) return; _n = !1; } else for (; !(_n = (_s = _x.call(_i)).done) && (_arr.push(_s.value), _arr.length !== i); _n = !0) { ; } } catch (err) { _d = !0, _e = err; } finally { try { if (!_n && null != _i.return && (_r = _i.return(), Object(_r) !== _r)) return; } finally { if (_d) throw _e; } } return _arr; } }
+function _arrayWithHoles(arr) { if (Array.isArray(arr)) return arr; }
+// import { store }  from './store';
+var originFetch = window.fetch;
+// const debugData = store('debugData');
+// (window as any).debugData = debugData;
+var LXREQ = {};
+window.LXREQ = LXREQ;
+function encryptedStr(str, type) {
+  var config = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  if (type === _const.MODE.AES) {
+    var _config$aesOptions, _config$aesOptions2;
+    return (0, _aes.AESEncrypt)(str, ((_config$aesOptions = config.aesOptions) === null || _config$aesOptions === void 0 ? void 0 : _config$aesOptions.key) || _const.aesKey, (_config$aesOptions2 = config.aesOptions) === null || _config$aesOptions2 === void 0 ? void 0 : _config$aesOptions2.encrypt);
+  } else if (type === _const.MODE.RSA) {
+    var _config$rsaOptions, _config$rsaOptions2;
+    return (0, _rsa.RSAEncrypt)(str, ((_config$rsaOptions = config.rsaOptions) === null || _config$rsaOptions === void 0 ? void 0 : _config$rsaOptions.publicKey) || _const.rsaPublicKey, (_config$rsaOptions2 = config.rsaOptions) === null || _config$rsaOptions2 === void 0 ? void 0 : _config$rsaOptions2.encrypt);
+  } else if (type === _const.MODE.DES) {
+    var _config$desOptions, _config$desOptions2;
+    return (0, _des.DESEncrypt)(str, ((_config$desOptions = config.desOptions) === null || _config$desOptions === void 0 ? void 0 : _config$desOptions.key) || _const.desKey, (_config$desOptions2 = config.desOptions) === null || _config$desOptions2 === void 0 ? void 0 : _config$desOptions2.encrypt);
+  }
+  return str;
+}
+function decryptedStr(str, type) {
+  var config = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  if (type === _const.MODE.AES) {
+    var _config$aesOptions3, _config$aesOptions4;
+    return (0, _aes.AESDecrypt)(str, ((_config$aesOptions3 = config.aesOptions) === null || _config$aesOptions3 === void 0 ? void 0 : _config$aesOptions3.key) || _const.aesKey, (_config$aesOptions4 = config.aesOptions) === null || _config$aesOptions4 === void 0 ? void 0 : _config$aesOptions4.decrypt);
+  } else if (type === _const.MODE.RSA) {
+    var _config$rsaOptions3, _config$rsaOptions4;
+    return (0, _rsa.RSADecrypt)(str, ((_config$rsaOptions3 = config.rsaOptions) === null || _config$rsaOptions3 === void 0 ? void 0 : _config$rsaOptions3.privKey) || _const.rsaPrivKey, (_config$rsaOptions4 = config.rsaOptions) === null || _config$rsaOptions4 === void 0 ? void 0 : _config$rsaOptions4.decrypt) || '';
+  } else if (type === _const.MODE.DES) {
+    var _config$desOptions3, _config$desOptions4;
+    return (0, _des.DESDecrypt)(str, ((_config$desOptions3 = config.desOptions) === null || _config$desOptions3 === void 0 ? void 0 : _config$desOptions3.key) || _const.desKey, (_config$desOptions4 = config.desOptions) === null || _config$desOptions4 === void 0 ? void 0 : _config$desOptions4.decrypt);
+  }
+  return str;
+}
+// 统一请求参数加密
+function encrypted(url, opts, type) {
+  var config = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : {};
+  var reqId = arguments.length > 4 ? arguments[4] : undefined;
+  var isFormData = opts.body instanceof FormData;
+  var headerReqId = reqId ? {
+    'LX-REQ-ID': "LXREQ.".concat(reqId)
+  } : {};
+  // search 部分加密
+  var encryptedUrl = url.indexOf('?') !== -1 ? url.replace(/[^?]+$/g, function (search) {
+    var params = search.split('&').map(function (param) {
+      var _param$split = param.split('='),
+        _param$split2 = _slicedToArray(_param$split, 2),
+        k = _param$split2[0],
+        v = _param$split2[1];
+      return "".concat(encodeURIComponent(k), "=").concat(encodeURIComponent(encryptedStr(v, type, config)));
+    });
+    return params.join('&');
+  }) : url;
+  // body参数加密
+  var encryptedOpts = Object.assign({}, opts);
+  encryptedOpts.headers = _objectSpread(_objectSpread(_objectSpread({}, opts.headers), headerReqId), {}, _defineProperty({}, _const.securityHeaderKey, type));
+  if (isFormData) {
+    // formData 加密
+    var formData = new FormData();
+    var reqBody = opts.body;
+    var _iterator = _createForOfIteratorHelper(reqBody.keys()),
+      _step;
+    try {
+      for (_iterator.s(); !(_step = _iterator.n()).done;) {
+        var key = _step.value;
+        var value = reqBody.get(key);
+        formData.append(key, encryptedStr(value, type, config));
+      }
+    } catch (err) {
+      _iterator.e(err);
+    } finally {
+      _iterator.f();
+    }
+    encryptedOpts.body = formData;
+  } else if (opts.body) {
+    //  文本加密
+    encryptedOpts.body = encryptedStr(opts.body, type, config);
+  }
+  return [encryptedUrl, encryptedOpts];
+}
+// 将解密数据
+// function debugRecords(id: string, value: any) {
+//   // sessionStorage.setItem(id, JSON.stringify(value));
+//   Object.defineProperty(LXREQ, id, {
+//     get() {
+//       // debugData.show(id)
+//       return '';
+//     },
+//   });
+// }
+var fetch = function fetch(url) {
+  var fetchOptions = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+  var config = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
+  var opts = _objectSpread({}, fetchOptions);
+  var optSecurityHeaderKey = (opts.headers || {})[_const.securityHeaderKey];
+  var isDebug = (config === null || config === void 0 ? void 0 : config.debug) || window.lxDebug || !!window.localStorage.getItem('lxDebug') || true;
+  // ------ 参数签名(默认) ------
+  if (
+  // 配置开启加密
+  (config.mode === _const.MODE.SIGN_KEY || config.mode === _const.MODE.SIGN) && (fetchOptions === null || fetchOptions === void 0 ? void 0 : fetchOptions.disabledSignKey) !== true ||
+  // 请求头开启加密
+  optSecurityHeaderKey === '1.0') {
+    var _config$signKeyOption;
+    opts.headers = _objectSpread(_objectSpread({}, opts.headers), {}, _defineProperty({}, (config === null || config === void 0 ? void 0 : (_config$signKeyOption = config.signKeyOptions) === null || _config$signKeyOption === void 0 ? void 0 : _config$signKeyOption.key) || _const.signKey, (0, _sign.createHttpSignStr)(url, fetchOptions)));
+    return originFetch(url, opts);
+  }
+  // ------ 参数加密 ------
+  if ((config.mode === _const.MODE.RSA || config.mode === _const.MODE.AES) && (fetchOptions === null || fetchOptions === void 0 ? void 0 : fetchOptions.disabledEncrypted) !== true || optSecurityHeaderKey === '2.0' || optSecurityHeaderKey === '3.0' || optSecurityHeaderKey === '4.0') {
+    // 标记请求ID，用于获取解密数据
+    var reqId = "XA".concat(+new Date());
+    // search和body加密
+    var _encrypted = encrypted(url, opts, config.mode || optSecurityHeaderKey, config, reqId),
+      _encrypted2 = _slicedToArray(_encrypted, 2),
+      encryptedUrl = _encrypted2[0],
+      encryptedOpts = _encrypted2[1];
+    return originFetch(encryptedUrl, encryptedOpts).then( /*#__PURE__*/function () {
+      var _ref = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime().mark(function _callee(response) {
+        var securityType, respResult, result, json, blob;
+        return _regeneratorRuntime().wrap(function _callee$(_context) {
+          while (1) {
+            switch (_context.prev = _context.next) {
+              case 0:
+                // 响应解密
+                securityType = response.headers.get(_const.securityHeaderKey);
+                if (!(securityType && response.body)) {
+                  _context.next = 22;
+                  break;
+                }
+                _context.next = 4;
+                return response.text();
+              case 4:
+                respResult = _context.sent;
+                _context.prev = 5;
+                result = decryptedStr(respResult, securityType, config);
+                _context.next = 18;
+                break;
+              case 9:
+                _context.prev = 9;
+                _context.t0 = _context["catch"](5);
+                console.error('--------解密失败--------');
+                console.error("\u8BF7\u6C42ID\uFF1A".concat(reqId));
+                console.error("\u8BF7\u6C42\u5730\u5740\uFF1A".concat(url));
+                console.error("\u89E3\u5BC6\u65B9\u5F0F\uFF1A".concat(securityType));
+                console.error("\u89E3\u5BC6\u62A5\u6587\uFF1A".concat(respResult));
+                console.error("\u5931\u8D25\u539F\u56E0\uFF1A".concat(_context.t0));
+                return _context.abrupt("return", new Response(null, {
+                  status: 400,
+                  statusText: String(_context.t0)
+                }));
+              case 18:
+                // 开启调试模式，记录解密数据
+                if (isDebug || true) {
+                  // debugRecords(reqId, result);
+                }
+                // 覆盖响应值
+
+                try {
+                  json = JSON.parse(result);
+                } catch (e) {
+                  json = result;
+                  console.warn("reqId: ".concat(reqId, " \u8F6C\u6362JSON\u5931\u8D25, \u5185\u5BB9\u4E3A"), result);
+                }
+                blob = new Blob([JSON.stringify(json, null, 2)], {
+                  type: 'application/json'
+                });
+                return _context.abrupt("return", new Response(blob));
+              case 22:
+                return _context.abrupt("return", response);
+              case 23:
+              case "end":
+                return _context.stop();
+            }
+          }
+        }, _callee, null, [[5, 9]]);
+      }));
+      return function (_x2) {
+        return _ref.apply(this, arguments);
+      };
+    }());
+  }
+  // 其他
+  return originFetch(url, opts);
+};
+var _default = fetch;
+exports.default = _default;

package/lib/security/httpEncryption.js

@@ -0,0 +1,83 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = void 0;
+var _sign = require("./encipher/sign");
+var _fetch = _interopRequireDefault(require("./fetch"));
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+/* eslint-disable no-console */
+/*
+ * @Author: 张国永 zhang.guoyong2@iwhalecloud.com
+ * @Date: 2022-08-08 15:08:58
+ * @Description: 一个简单的http请求安全加密处理
+ */
+
+// TODO 支持XMLHttpRequest拦截、参数混淆、响应拦截
+
+// 使用方式1: 使用fetch请求模块，start({ mode: signKey })，适应经过封装的fetch模块
+// 使用方式2: 使用fetch请求模块，将window.fetch 替换成 fetch，适应自己封装的fetch模块
+// 使用方式3: 不使用fetch请求模块，使用createHttpSignStr自己获取签名，自行在header上添加参数
+
+// eslint-disable-next-line import/no-named-as-default, import/no-named-as-default-member
+
+var isHttpEncryption = false;
+var originFetch = window.fetch;
+function start(_ref) {
+  var _ref$mode = _ref.mode,
+    mode = _ref$mode === void 0 ? '1.0' : _ref$mode,
+    _ref$signKeyOptions = _ref.signKeyOptions,
+    signKeyOptions = _ref$signKeyOptions === void 0 ? {} : _ref$signKeyOptions,
+    _ref$aesOptions = _ref.aesOptions,
+    aesOptions = _ref$aesOptions === void 0 ? {} : _ref$aesOptions,
+    _ref$desOptions = _ref.desOptions,
+    desOptions = _ref$desOptions === void 0 ? {} : _ref$desOptions,
+    _ref$rsaOptions = _ref.rsaOptions,
+    rsaOptions = _ref$rsaOptions === void 0 ? {} : _ref$rsaOptions;
+  if (!mode) {
+    console.error('http加密开启失败，缺少mode参数');
+    return false;
+  }
+  if (isHttpEncryption) return true;
+  switch (mode) {
+    case 'signKey': // 兼容旧数据
+    case '1.0':
+    case '2.0':
+    case '3.0':
+    case '4.0':
+      {
+        if (typeof window.fetch === 'function') {
+          isHttpEncryption = true;
+          window.fetch = function (url) {
+            var fetchOptions = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+            return (0, _fetch.default)(url, fetchOptions, {
+              mode: mode,
+              signKeyOptions: signKeyOptions,
+              aesOptions: aesOptions,
+              desOptions: desOptions,
+              rsaOptions: rsaOptions
+            });
+          };
+        } else {
+          console.error('http加密开启失败，目前仅支持window.fetch方式');
+        }
+        break;
+      }
+    default:
+      console.error("http\u52A0\u5BC6\u5F00\u542F\u5931\u8D25\uFF0C\u4E0D\u652F\u6301".concat(mode, "\u6A21\u5F0F"));
+      break;
+  }
+  return isHttpEncryption;
+}
+function stop() {
+  isHttpEncryption = false;
+  window.fetch = originFetch;
+}
+var _default = {
+  start: start,
+  stop: stop,
+  fetch: _fetch.default,
+  createHttpSignStr: _sign.createHttpSignStr
+};
+exports.default = _default;