@mojaloop/sdk-scheme-adapter 24.14.0 → 24.15.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/CHANGELOG.md +20 -0
  2. package/CLAUDE.md +2 -0
  3. package/README.md +17 -0
  4. package/modules/api-svc/src/InboundServer/handlers.js +1 -1
  5. package/modules/api-svc/src/SdkServer.js +560 -0
  6. package/modules/api-svc/src/config.js +4 -0
  7. package/modules/api-svc/src/index.js +8 -529
  8. package/modules/api-svc/src/lib/model/OutboundTransfersModel.js +2 -1
  9. package/modules/api-svc/src/lib/utils.js +27 -3
  10. package/modules/api-svc/test/unit/{index.configPolling.test.js → SdkServer.configPolling.test.js} +11 -11
  11. package/modules/api-svc/test/unit/lib/utils.test.js +71 -1
  12. package/package.json +1 -1
  13. package/{sbom-v24.13.0.csv → sbom-v24.15.0.csv} +37 -37
package/modules/api-svc/src/index.js CHANGED
@@ -27,20 +27,11 @@
27
27
  'use strict';
28
28
 
29
29
  const { hostname } = require('node:os');
30
- const EventEmitter = require('node:events');
31
- const http = require('http');
32
- const https = require('https');
33
- const _ = require('lodash');
30
+ const { merge } = require('lodash');
34
31
  const { name, version } = require('../../../package.json');
35
32
 
33
+ const SdkServer = require('./SdkServer');
36
34
  const config = require('./config');
37
- const InboundServer = require('./InboundServer');
38
- const OutboundServer = require('./OutboundServer');
39
- const OAuthTestServer = require('./OAuthTestServer');
40
- const { BackendEventHandler } = require('./BackendEventHandler');
41
- const { FSPIOPEventHandler } = require('./FSPIOPEventHandler');
42
- const { MetricsServer, MetricsClient } = require('./lib/metrics');
43
- const TestServer = require('./TestServer');
44
35
  const ControlAgent = require('./ControlAgent');
45
36
 
46
37
  // import things we want to expose e.g. for unit tests and users who dont want to use the entire
@@ -51,531 +42,19 @@ const Router = require('./lib/router');
51
42
  const Validate = require('./lib/validate');
52
43
  const Cache = require('./lib/cache');
53
44
  const { SDKStateEnum } = require('./lib/model/common');
54
- const { createAuthClient } = require('./lib/utils');
55
45
  const { logger } = require('./lib/logger');
56
46
 
57
- const PING_INTERVAL_MS = 30_000;
58
-
59
- const createCache = (config) => new Cache({
60
- logger,
61
- cacheUrl: config.cacheUrl,
62
- enableTestFeatures: config.enableTestFeatures,
63
- subscribeTimeoutSeconds: config.requestProcessingTimeoutSeconds,
64
- });
65
-
66
- /**
67
- * Class that creates and manages http servers that expose the scheme adapter APIs.
68
- */
69
- class Server extends EventEmitter {
70
- constructor(conf, logger) {
71
- super({ captureExceptions: true });
72
- this.conf = conf;
73
- this.logger = logger;
74
- this.cache = createCache(conf);
75
-
76
- this.metricsClient = new MetricsClient();
77
- this.metricsServer = new MetricsServer({
78
- port: this.conf.metrics.port,
79
- logger: this.logger
80
- });
81
-
82
- // Create shared Mojaloop agents for switch communication (used by both servers)
83
- this.mojaloopSharedAgents = this._createMojaloopSharedAgents(this.conf);
84
-
85
- this.oidc = createAuthClient(conf, logger);
86
- this.oidc.auth.on('error', (msg) => {
87
- this.emit('error', 'OIDC auth error in InboundApi', msg);
88
- });
89
-
90
- this.inboundServer = new InboundServer(
91
- this.conf,
92
- this.logger,
93
- this.cache,
94
- this.oidc,
95
- this.mojaloopSharedAgents,
96
- );
97
- this.inboundServer.on('error', (...args) => {
98
- this.logger.isErrorEnabled && this.logger.push({ args }).error('Unhandled error in Inbound Server');
99
- this.emit('error', 'Unhandled error in Inbound Server');
100
- });
101
-
102
- this.outboundServer = new OutboundServer(
103
- this.conf,
104
- this.logger,
105
- this.cache,
106
- this.metricsClient,
107
- this.oidc,
108
- this.mojaloopSharedAgents,
109
- );
110
- this.outboundServer.on('error', (...args) => {
111
- this.logger.isErrorEnabled && this.logger.push({ args }).error('Unhandled error in Outbound Server');
112
- this.emit('error', 'Unhandled error in Outbound Server');
113
- });
114
-
115
- if (this.conf.oauthTestServer.enabled) {
116
- this.oauthTestServer = new OAuthTestServer({
117
- clientKey: this.conf.oauthTestServer.clientKey,
118
- clientSecret: this.conf.oauthTestServer.clientSecret,
119
- port: this.conf.oauthTestServer.listenPort,
120
- logger: this.logger,
121
- });
122
- }
123
-
124
- if (this.conf.enableTestFeatures) {
125
- this.testServer = new TestServer({
126
- config: this.conf,
127
- port: this.conf.test.port,
128
- logger: this.logger,
129
- cache: this.cache,
130
- });
131
- }
132
-
133
- if (this.conf.backendEventHandler.enabled) {
134
- this.backendEventHandler = new BackendEventHandler({
135
- config: this.conf,
136
- logger: this.logger,
137
- });
138
- }
139
-
140
- if (this.conf.fspiopEventHandler.enabled) {
141
- this.fspiopEventHandler = new FSPIOPEventHandler({
142
- config: this.conf,
143
- logger: this.logger,
144
- cache: this.cache,
145
- oidc: this.oidc,
146
- });
147
- }
148
- }
149
-
150
- _shouldUpdateInboundServer(newConf) {
151
- const isInboundDifferent = !_.isEqual(this.conf.inbound, newConf.inbound);
152
- const isOutboundDifferent = !_.isEqual(this.conf.outbound, newConf.outbound);
153
- const isPeerJWSKeysDifferent = !_.isEqual(this.conf.peerJWSKeys, newConf.peerJWSKeys);
154
- const isJwsSigningKeyDifferent = !_.isEqual(this.conf.jwsSigningKey, newConf.jwsSigningKey);
155
-
156
- if (isInboundDifferent) {
157
- this.logger.debug('Inbound config is different', {
158
- oldInbound: this.conf.inbound,
159
- newInbound: newConf.inbound
160
- });
161
- }
162
- if (isOutboundDifferent) {
163
- this.logger.debug('Outbound config is different (checked in inbound update)', {
164
- oldOutbound: this.conf.outbound,
165
- newOutbound: newConf.outbound
166
- });
167
- }
168
-
169
- if (isPeerJWSKeysDifferent) {
170
- this.logger.debug('Peer JWS Keys config is different', {
171
- oldPeerJWSKeys: this.conf.peerJWSKeys,
172
- newPeerJWSKeys: newConf.peerJWSKeys
173
- });
174
- }
175
-
176
- if (isJwsSigningKeyDifferent) {
177
- this.logger.debug('JWS Signing Key config is different', {
178
- oldJwsSigningKey: this.conf.jwsSigningKey,
179
- newJwsSigningKey: newConf.jwsSigningKey
180
- });
181
- }
182
-
183
- return isInboundDifferent || isOutboundDifferent || isPeerJWSKeysDifferent || isJwsSigningKeyDifferent;
184
- }
185
-
186
- _shouldUpdateOutboundServer(newConf) {
187
- const isOutboundDifferent = !_.isEqual(this.conf.outbound, newConf.outbound);
188
- const isJwsSigningKeyDifferent = !_.isEqual(this.conf.jwsSigningKey, newConf.jwsSigningKey);
189
-
190
- if (isOutboundDifferent) {
191
- this.logger.debug('Outbound config is different', {
192
- oldOutbound: this.conf.outbound,
193
- newOutbound: newConf.outbound
194
- });
195
- }
196
-
197
- if (isJwsSigningKeyDifferent) {
198
- this.logger.debug('JWS Signing Key config is different', {
199
- oldJwsSigningKey: this.conf.jwsSigningKey,
200
- newJwsSigningKey: newConf.jwsSigningKey
201
- });
202
- }
203
-
204
- return isOutboundDifferent || isJwsSigningKeyDifferent;
205
- }
206
-
207
- /**
208
- * Starts periodic polling of Management API for configuration updates.
209
- * Only runs if PM4ML enabled and a polling interval configured.
210
- */
211
- _startConfigPolling() {
212
- if (!this.conf.pm4mlEnabled || !this.conf.control.mgmtAPIPollIntervalMs) {
213
- this.logger.info('No failsafe config polling configured');
214
- return;
215
- }
216
-
217
- this.logger.info('starting failsafe config polling from Management API...', { intervalMs: this.conf.control.mgmtAPIPollIntervalMs });
218
-
219
- this._configPollInterval = setInterval(
220
- () => this._pollConfigFromMgmtAPI(),
221
- this.conf.control.mgmtAPIPollIntervalMs
222
- );
223
-
224
- // Unref so it doesn't prevent process exit
225
- this._configPollInterval.unref();
226
- }
227
-
228
- /**
229
- * Polls Management API for configuration updates.
230
- * Reuses the existing persistent WebSocket client (this.controlClient).
231
- * Skips polling if:
232
- * - Another config update is in progress
233
- * - WebSocket client is not connected
234
- */
235
- async _pollConfigFromMgmtAPI() {
236
- // Race condition prevention: skip if restart in progress
237
- if (this._configUpdateInProgress) {
238
- this.logger.info('config updating already in progress, skipping poll');
239
- return;
240
- }
241
-
242
- // WebSocket readyState: 0=CONNECTING, 1=OPEN, 2=CLOSING, 3=CLOSED
243
- if (this.controlClient?.readyState !== 1) {
244
- this.logger.warn('Control client not ready (not OPEN), skipping poll', { readyState: this.controlClient?.readyState });
245
- return;
246
- }
247
-
248
- try {
249
- const newConfig = await this.controlClient.getUpdatedConfig();
250
- if (!newConfig) {
251
- this.logger.warn('No config received from polling');
252
- return;
253
- }
254
- this.logger.info('polling config from mgmt-api is done, checking if SDK server restart needed...');
255
-
256
- const mergedConfig = _.merge({}, this.conf, newConfig);
257
- await this.restart(mergedConfig, { source: 'polling' });
258
- } catch (err) {
259
- this.logger.error('error in polling config from Management API: ', err);
260
- }
261
- }
262
-
263
- /** Stops the config polling interval. */
264
- _stopConfigPolling() {
265
- if (this._configPollInterval) {
266
- this.logger.verbose('stopping config polling');
267
- clearInterval(this._configPollInterval);
268
- this._configPollInterval = null;
269
- }
270
- }
271
-
272
- async start() {
273
- await this.cache.connect();
274
- await this.oidc.auth.start();
275
-
276
- // We only start the control client if we're running within Mojaloop Payment Manager.
277
- // The control server is the Payment Manager Management API Service.
278
- // We only start the client to connect to and listen to the Management API service for
279
- // management protocol messages e.g configuration changes, certificate updates etc.
280
- if (this.conf.pm4mlEnabled) {
281
- const RESTART_INTERVAL_MS = 10000;
282
- this.controlClient = await ControlAgent.createConnectedControlAgentWs(this.conf, this.logger);
283
- this.controlClient.on(ControlAgent.EVENT.RECONFIGURE, this.restart.bind(this));
284
-
285
- const schedulePing = () => {
286
- clearTimeout(this.pingTimeout);
287
- this.pingTimeout = setTimeout(() => {
288
- this.logger.error('Ping timeout, possible broken connection. Restarting server...');
289
- this.restart(_.merge({}, this.conf, {
290
- control: { stopped: Date.now() }
291
- }));
292
- }, PING_INTERVAL_MS + this.conf.control.mgmtAPILatencyAssumption);
293
- };
294
-
295
- this.controlClient.on('ping', () => {
296
- this.logger.debug('Received ping from control server');
297
- schedulePing();
298
- });
299
-
300
- this.controlClient.on('close', () => {
301
- clearTimeout(this.pingTimeout);
302
- setTimeout(() => {
303
- this.logger.debug('Control client closed. Restarting server...');
304
- this.restart(_.merge({}, this.conf, {
305
- control: { stopped: Date.now() }
306
- }));
307
- }, RESTART_INTERVAL_MS);
308
- });
309
-
310
- schedulePing();
311
- this._startConfigPolling();
312
- }
313
-
314
- await Promise.all([
315
- this.inboundServer.start(),
316
- this.outboundServer.start(),
317
- this.metricsServer.start(),
318
- this.testServer?.start(),
319
- this.oauthTestServer?.start(),
320
- this.backendEventHandler?.start(),
321
- this.fspiopEventHandler?.start(),
322
- ]);
323
- }
324
-
325
- async restart(newConf, options = {}) {
326
- const source = options.source || 'websocket'; // Track source of restart call - websocket or polling
327
-
328
- // Race condition prevention
329
- if (this._configUpdateInProgress) {
330
- this.logger.info('restart already in progress, skipping', { source });
331
- return;
332
- }
333
-
334
- const restartActionsTaken = {};
335
- this.logger.debug('Server is restarting...', { source });
336
- this._configUpdateInProgress = true;
337
-
338
- try {
339
- let oldCache;
340
- const updateCache = !_.isEqual(this.conf.cacheUrl, newConf.cacheUrl)
341
- || !_.isEqual(this.conf.enableTestFeatures, newConf.enableTestFeatures);
342
- if (updateCache) {
343
- oldCache = this.cache;
344
- await this.cache.disconnect();
345
- this.cache = createCache(newConf);
346
- await this.cache.connect();
347
- restartActionsTaken.updateCache = true;
348
- }
349
-
350
- const updateOIDC = !_.isEqual(this.conf.oidc, newConf.oidc)
351
- || !_.isEqual(this.conf.outbound.tls, newConf.outbound.tls);
352
- if (updateOIDC) {
353
- this.oidc.auth.stop();
354
- this.oidc = createAuthClient(newConf, this.logger);
355
- this.oidc.auth.on('error', (msg) => {
356
- this.emit('error', 'OIDC auth error in InboundApi', msg);
357
- });
358
- await this.oidc.auth.start();
359
- restartActionsTaken.updateOIDC = true;
360
- }
361
-
362
- this.logger.isDebugEnabled && this.logger.push({ oldConf: this.conf.inbound, newConf: newConf.inbound }).debug('Inbound server configuration');
363
- const updateInboundServer = this._shouldUpdateInboundServer(newConf);
364
- if (updateInboundServer) {
365
- const stopStartLabel = 'InboundServer stop/start duration';
366
- // eslint-disable-next-line no-console
367
- console.time(stopStartLabel); // todo: remove console.time
368
- await this.inboundServer.stop();
369
-
370
- this.mojaloopSharedAgents = this._createMojaloopSharedAgents(newConf);
371
- this.inboundServer = new InboundServer(
372
- newConf,
373
- this.logger,
374
- this.cache,
375
- this.oidc,
376
- this.mojaloopSharedAgents,
377
- );
378
- this.inboundServer.on('error', (...args) => {
379
- const errMessage = 'Unhandled error in Inbound Server';
380
- this.logger.push({ args }).error(errMessage);
381
- this.emit('error', errMessage);
382
- });
383
- await this.inboundServer.start();
384
- // eslint-disable-next-line no-console
385
- console.timeEnd(stopStartLabel);
386
- restartActionsTaken.updateInboundServer = true;
387
- }
388
-
389
- this.logger.isDebugEnabled && this.logger.push({ oldConf: this.conf.outbound, newConf: newConf.outbound }).debug('Outbound server configuration');
390
- const updateOutboundServer = this._shouldUpdateOutboundServer(newConf);
391
- if (updateOutboundServer) {
392
- const stopStartLabel = 'OutboundServer stop/start duration';
393
- // eslint-disable-next-line no-console
394
- console.time(stopStartLabel);
395
- await this.outboundServer.stop();
396
-
397
- this.mojaloopSharedAgents = this._createMojaloopSharedAgents(newConf);
398
- this.outboundServer = new OutboundServer(
399
- newConf,
400
- this.logger,
401
- this.cache,
402
- this.metricsClient,
403
- this.oidc,
404
- this.mojaloopSharedAgents,
405
- );
406
- this.outboundServer.on('error', (...args) => {
407
- const errMessage = 'Unhandled error in Outbound Server';
408
- this.logger.push({ args }).error(errMessage);
409
- this.emit('error', errMessage);
410
- });
411
- await this.outboundServer.start();
412
- // eslint-disable-next-line no-console
413
- console.timeEnd(stopStartLabel);
414
- restartActionsTaken.updateOutboundServer = true;
415
- }
416
-
417
- const updateFspiopEventHandler = !_.isEqual(this.conf.outbound, newConf.outbound)
418
- && this.conf.fspiopEventHandler.enabled;
419
- if (updateFspiopEventHandler) {
420
- await this.fspiopEventHandler.stop();
421
- this.fspiopEventHandler = new FSPIOPEventHandler({
422
- config: newConf,
423
- logger: this.logger,
424
- cache: this.cache,
425
- oidc: this.oidc,
426
- });
427
- await this.fspiopEventHandler.start();
428
- restartActionsTaken.updateFspiopEventHandler = true;
429
- }
430
-
431
- const updateControlClient = !_.isEqual(this.conf.control, newConf.control);
432
- if (updateControlClient) {
433
- await this.controlClient?.stop();
434
- if (this.conf.pm4mlEnabled) {
435
- const RESTART_INTERVAL_MS = 10000;
436
-
437
- const schedulePing = () => {
438
- clearTimeout(this.pingTimeout);
439
- this.pingTimeout = setTimeout(() => {
440
- this.logger.error('Ping timeout, possible broken connection. Restarting server...');
441
- this.restart(_.merge({}, newConf, {
442
- control: { stopped: Date.now() }
443
- }));
444
- }, PING_INTERVAL_MS + this.conf.control.mgmtAPILatencyAssumption);
445
- };
446
-
447
- schedulePing();
448
-
449
- this.controlClient = await ControlAgent.createConnectedControlAgentWs(newConf, this.logger);
450
- this.controlClient.on(ControlAgent.EVENT.RECONFIGURE, this.restart.bind(this));
451
-
452
- this.controlClient.on('ping', () => {
453
- this.logger.debug('Received ping from control server');
454
- schedulePing();
455
- });
456
-
457
- this.controlClient.on('close', () => {
458
- clearTimeout(this.pingTimeout);
459
- setTimeout(() => {
460
- this.logger.debug('Control client closed. Restarting server...');
461
- this.restart(_.merge({}, newConf, {
462
- control: { stopped: Date.now() }
463
- }));
464
- }, RESTART_INTERVAL_MS);
465
- });
466
-
467
- restartActionsTaken.updateControlClient = true;
468
- }
469
- }
470
-
471
- const updateOAuthTestServer = !_.isEqual(newConf.oauthTestServer, this.conf.oauthTestServer);
472
- if (updateOAuthTestServer) {
473
- await this.oauthTestServer?.stop();
474
- if (this.conf.oauthTestServer.enabled) {
475
- this.oauthTestServer = new OAuthTestServer({
476
- clientKey: newConf.oauthTestServer.clientKey,
477
- clientSecret: newConf.oauthTestServer.clientSecret,
478
- port: newConf.oauthTestServer.listenPort,
479
- logger: this.logger,
480
- });
481
- await this.oauthTestServer.start();
482
- restartActionsTaken.updateOAuthTestServer = true;
483
- }
484
- }
485
-
486
- const updateTestServer = !_.isEqual(newConf.test.port, this.conf.test.port);
487
- if (updateTestServer) {
488
- await this.testServer?.stop();
489
- if (this.conf.enableTestFeatures) {
490
- this.testServer = new TestServer({
491
- port: newConf.test.port,
492
- logger: this.logger,
493
- cache: this.cache,
494
- });
495
- await this.testServer.start();
496
- restartActionsTaken.updateTestServer = true;
497
- }
498
- }
499
-
500
- this.conf = newConf;
501
-
502
- await oldCache?.disconnect();
503
-
504
- if (Object.keys(restartActionsTaken).length > 0) {
505
- this.logger.info('Server is restarted', { restartActionsTaken, source });
506
- } else {
507
- this.logger.verbose('Server not restarted, no config changes detected', { source });
508
- }
509
- } catch (err) {
510
- this.logger.error('error in Server restart: ', err);
511
- } finally {
512
- this._configUpdateInProgress = false;
513
- }
514
- }
515
-
516
- stop() {
517
- this._stopConfigPolling();
518
-
519
- clearTimeout(this.pingTimeout);
520
- this.oidc.auth.stop();
521
- this.controlClient?.removeAllListeners();
522
- this.inboundServer.removeAllListeners();
523
- return Promise.all([
524
- this.cache.disconnect(),
525
- this.inboundServer.stop(),
526
- this.outboundServer.stop(),
527
- this.metricsServer.stop(),
528
- this.oauthTestServer?.stop(),
529
- this.testServer?.stop(),
530
- this.controlClient?.stop(),
531
- this.backendEventHandler?.stop(),
532
- this.fspiopEventHandler?.stop(),
533
- ]);
534
- }
535
-
536
- _createMojaloopSharedAgents(conf) {
537
- const httpAgent = new http.Agent({
538
- keepAlive: true,
539
- maxSockets: conf.outbound?.maxSockets || 256,
540
- });
541
-
542
- // Create HTTPS agent based on TLS configuration for Mojaloop switch communication
543
- const httpsAgentOptions = {
544
- keepAlive: true,
545
- maxSockets: conf.outbound?.maxSockets || 256,
546
- };
547
-
548
- // Apply TLS configuration if mTLS is enabled for switch communication
549
- if (conf.outbound?.tls?.mutualTLS?.enabled && conf.outbound?.tls?.creds) {
550
- Object.assign(httpsAgentOptions, conf.outbound.tls.creds);
551
- }
552
-
553
- const httpsAgent = new https.Agent(httpsAgentOptions);
554
-
555
- // Prevent accidental logging of agent internals
556
- httpAgent.toJSON = () => ({ type: 'HttpAgent', keepAlive: httpAgent.keepAlive });
557
- httpsAgent.toJSON = () => ({ type: 'HttpsAgent', keepAlive: httpsAgent.keepAlive });
558
-
559
- this.logger.isInfoEnabled && this.logger.info('Created shared HTTP and HTTPS agents for Mojaloop switch communication');
560
-
561
- return {
562
- httpAgent,
563
- httpsAgent
564
- };
565
- }
566
- }
567
-
568
- async function start(config) {
569
- if (config.pm4mlEnabled) {
570
- const controlClient = await ControlAgent.createConnectedControlAgentWs(config, logger);
47
+ async function start(conf) {
48
+ if (conf.pm4mlEnabled) {
49
+ const controlClient = await ControlAgent.createConnectedControlAgentWs(conf, logger);
571
50
  const updatedConfigFromMgmtAPI = await controlClient.getUpdatedConfig();
572
- _.merge(config, updatedConfigFromMgmtAPI);
51
+ merge(conf, updatedConfigFromMgmtAPI);
573
52
  controlClient.terminate();
574
53
  // todo: - clarify, why do we need to terminate the client? (use .stop() method?)
575
54
  // - can we use persistent ws controlClient from Server? (why do we need to establish a brand new ws connection here?)
576
55
  }
577
56
 
578
- const svr = new Server(config, logger);
57
+ const svr = new SdkServer(conf, logger);
579
58
  svr.on('error', (err) => {
580
59
  logger.error('Unhandled server error: ', err);
581
60
  process.exit(2);
@@ -611,7 +90,7 @@ module.exports = {
611
90
  InboundServerMiddleware,
612
91
  OutboundServerMiddleware,
613
92
  Router,
614
- Server,
93
+ Server: SdkServer,
615
94
  Validate,
616
95
  SDKStateEnum,
617
96
  start,
package/modules/api-svc/src/lib/model/OutboundTransfersModel.js CHANGED
@@ -76,6 +76,7 @@ class OutboundTransfersModel {
76
76
  this._sendFinalNotificationIfRequested = config.sendFinalNotificationIfRequested;
77
77
  this._apiType = config.apiType;
78
78
  this._supportedCurrencies = config.supportedCurrencies;
79
+ this._traceFlags = config.traceFlags;
79
80
 
80
81
  if (this._autoAcceptParty && this._multiplePartiesResponse) {
81
82
  throw new Error('Conflicting config options provided: autoAcceptParty and multiplePartiesResponse');
@@ -1512,7 +1513,7 @@ class OutboundTransfersModel {
1512
1513
 
1513
1514
  #createOtelHeaders() {
1514
1515
  return Object.freeze({
1515
- traceparent: generateTraceparent(this.data.traceId),
1516
+ traceparent: generateTraceparent(this.data.traceId, this._traceFlags),
1516
1517
  });
1517
1518
  }
1518
1519
  }
package/modules/api-svc/src/lib/utils.js CHANGED
@@ -63,14 +63,38 @@ const transformHeadersIsoToFspiop = (isoHeaders) => {
63
63
  return fspiopHeaders;
64
64
  };
65
65
 
66
- const generateTraceparent = (traceId = randomBytes(16).toString('hex')) => {
66
+ /**
67
+ * Validates trace flags according to W3C Trace Context specification
68
+ * @param {string} flags - The trace flags to validate
69
+ * @returns {boolean} - True if valid, false otherwise
70
+ */
71
+ const isValidTraceFlags = (flags) => {
72
+ // Must be exactly 2 characters
73
+ if (typeof flags !== 'string' || flags.length !== 2) {
74
+ return false;
75
+ }
76
+ // Must be valid hex characters (0-9, a-f, A-F)
77
+ return /^[0-9a-fA-F]{2}$/.test(flags);
78
+ };
79
+
80
+ /**
81
+ * Generates a W3C Trace Context compliant traceparent header
82
+ * @param {string} [traceId] - Optional 32-character hex trace ID
83
+ * @param {string} [traceFlags='01'] - Optional 2-character hex trace flags (defaults to '01' - sampled)
84
+ * @returns {string} - The traceparent header value in format: version-traceId-spanId-flags
85
+ * @throws {Error} - If traceFlags is invalid according to W3C specification
86
+ */
87
+ const generateTraceparent = (traceId = randomBytes(16).toString('hex'), traceFlags = '01') => {
88
+ if (!isValidTraceFlags(traceFlags)) {
89
+ throw new Error(`Invalid trace flags: '${traceFlags}'. Must be a two-character hex string (00-ff).`);
90
+ }
67
91
  const spanId = randomBytes(8).toString('hex');
68
- const flags = '01';
69
- return `00-${traceId}-${spanId}-${flags}`;
92
+ return `00-${traceId}-${spanId}-${traceFlags.toLowerCase()}`;
70
93
  };
71
94
 
72
95
  module.exports = {
73
96
  createAuthClient,
74
97
  generateTraceparent,
98
+ isValidTraceFlags,
75
99
  transformHeadersIsoToFspiop
76
100
  };