@nsshunt/stsconfig 1.16.0 → 1.17.2

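--- a/package/.env-default
+++ b/package/.env-default
@@ -104,7 +104,7 @@ AS_HOST_PORT=3002
  # Auth Server port (client port to access the service)
  AS_PORT=3002
  # Auth Server endpoint
- AS_APIROOT=/stsauth/v1
+ AS_API_ROOT=/stsauth/v1
  # Auth Server Prometheus metric support
  AS_PROM_SUPPORT=true
  # Auth Prometheus Cluster Server port (port used for cluster prometheus scrapes)
@@ -220,3 +220,9 @@ SYSTEM_INFORMATION_INTERVAL=1000
 
  # Ignore socket.io REST api calls and/or WebSocket calls when collecting telemetry for instrumentation purposes.
  IGNORE_SOCKETIO=true
+
+ # HTTPS server key path.
+ HTTPS_SERVER_KEY_PATH=/var/lib/sts/stsglobalresources/keys/server.key
+
+ # HTTPS server cert path.
+ HTTPS_SERVER_CERT_PATH=/var/lib/sts/stsglobalresources/keys/server.cert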
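Review bot: `AS_API_ROOT=/stsauth/v1` in the first hunk no longer matches the built-in default, which the same release changes to `"/stsauth/v1.0"` in stsconfig.js, so loading this "default" file gives a different auth endpoint root than running with no file at all. If the mismatch is not intended, the line should read `AS_API_ROOT=/stsauth/v1.0`. The visible stsconfig.js line reads only `AS_API_ROOT`, so an existing env file that still sets `AS_APIROOT` is silently ignored and falls back to the default; that deserves a line in the release notes. As far as these two hunks show, the file also gains no entries for the other variables the release introduces (`AS_OAUTH_API_ROOT`, `AS_ADMIN_API_ROOT`, `TS_JWKS_KEYS`, `TS_JWKS_STORE_PATH` and the related identifier variables); a commented entry for each, in the style of `# HTTPS server key path.`, would keep it usable as the reference list.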
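--- a/package/.env-test-file-2
+++ b/package/.env-test-file-2
@@ -70,7 +70,7 @@ TO_CLIENT_SECRET_FILE=testclientsecretfile
  AS_ENDPOINT=http://localhost-c
  AS_HOST_PORT=30020
  AS_PORT=30020
- AS_APIROOT=/stsauth/v1-c
+ AS_API_ROOT=/stsauth/v1-c
  AS_API_IDENTIFIER=xyz
  AS_API_IDENTIFIER_FILE=testapiidentifierFile
  AS_PROM_SUPPORT=false
@@ -119,3 +119,5 @@ CHILD_PROCESS_EXIT_TIME=5000
  SYSTEM_INFORMATION_INTERVAL=10000
  IGNORE_SOCKETIO=false
  MODEL_PURGE_UPDATE_TIMEOUT=50000
+ HTTPS_SERVER_KEY_PATH=/var/lib/sts/stsglobalresources/keys/server.key-c
+ HTTPS_SERVER_CERT_PATH=/var/lib/sts/stsglobalresources/keys/server.cert-c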
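--- a/package/package.json
+++ b/package/package.json
@@ -1,22 +1,22 @@
  {
  "name": "@nsshunt/stsconfig",
- "version": "1.16.0",
+ "version": "1.17.2",
  "description": "",
  "main": "stsconfig.js",
  "dependencies": {
  "colors": "^1.4.0",
- "debug": "^4.3.3",
+ "debug": "^4.3.4",
  "dotenv": "^16.0.0"
  },
  "standard": {
  "parser": "@babel/eslint-parser"
  },
  "devDependencies": {
- "@babel/core": "^7.17.5",
+ "@babel/core": "^7.17.8",
  "@babel/eslint-parser": "^7.17.0",
  "@babel/plugin-proposal-class-properties": "^7.16.7",
  "@babel/plugin-proposal-private-methods": "^7.16.11",
- "eslint": "^8.10.0",
+ "eslint": "^8.11.0",
  "jest": "^27.5.1"
  },
  "scripts": {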
@@ -122,14 +122,14 @@ describe("Test implicit config settings", () =>
122
122
  expect(goptions.asendpoint).toEqual('http://localhost');
123
123
  expect(goptions.ashostport).toEqual('3002');
124
124
  expect(goptions.asport).toEqual('3002');
125
- expect(goptions.asapiroot).toEqual('/stsauth/v1');
125
+ expect(goptions.asapiroot).toEqual('/stsauth/v1.0');
126
126
  expect(goptions.asprometheussupport).toEqual(true);
127
127
  expect(goptions.asprometheusclusterport).toEqual('3012');
128
128
  expect(goptions.asservicename).toEqual('STSAuth');
129
129
  expect(goptions.asserviceversion).toEqual('1.0.0');
130
130
  expect(goptions.asprivatekeypath).toEqual('/var/lib/sts/stsglobalresources/keys/private.key');
131
131
  expect(goptions.aspublickeypath).toEqual('/var/lib/sts/stsglobalresources/keys/public.key');
132
- expect(goptions.asapiidentifier).toEqual(undefined);
132
+ expect(goptions.asapiidentifier).toEqual('https://stsmda.com.au/stsauthapi/v1.0/');
133
133
  expect(goptions.asapiidentifierfile).toEqual(undefined);
134
134
  expect(goptions.asclientid).toEqual(undefined);
135
135
  expect(goptions.asclientidfile).toEqual(undefined);
@@ -161,7 +161,7 @@ describe("Test implicit config settings", () =>
161
161
 
162
162
  test('Checking default additional config items', async () =>
163
163
  {
164
- expect.assertions(20);
164
+ expect.assertions(22);
165
165
 
166
166
  process.env.STSENVFILE = './.env-test-file-1'; // Empty environment file
167
167
  let goptions = require('./stsconfig.js').$options;
@@ -186,6 +186,8 @@ describe("Test implicit config settings", () =>
186
186
  expect(goptions.childProcessExitTime).toEqual(500);
187
187
  expect(goptions.systemInformationInterval).toEqual(1000);
188
188
  expect(goptions.ignoresocketio).toEqual(true);
189
+ expect(goptions.httpsserverkeypath).toEqual('/var/lib/sts/stsglobalresources/keys/server.key');
190
+ expect(goptions.httpsservercertpath).toEqual('/var/lib/sts/stsglobalresources/keys/server.cert');
189
191
  });
190
192
  });
191
193
 
@@ -161,7 +161,7 @@ describe("Test configured settings", () =>
161
161
 
162
162
  test('Checking default additional config items', async () =>
163
163
  {
164
- expect.assertions(20);
164
+ expect.assertions(22);
165
165
 
166
166
  process.env.STSENVFILE = './.env-test-file-1'; // Empty environment file
167
167
  let goptions = require('./stsconfig.js').$options;
@@ -186,6 +186,8 @@ describe("Test configured settings", () =>
186
186
  expect(goptions.childProcessExitTime).toEqual(5000);
187
187
  expect(goptions.systemInformationInterval).toEqual(10000);
188
188
  expect(goptions.ignoresocketio).toEqual(false);
189
+ expect(goptions.httpsserverkeypath).toEqual('/var/lib/sts/stsglobalresources/keys/server.key-c');
190
+ expect(goptions.httpsservercertpath).toEqual('/var/lib/sts/stsglobalresources/keys/server.cert-c');
189
191
  });
190
192
  });
191
193
 
@@ -129,7 +129,7 @@ describe("Test explicit default config settings", () =>
129
129
  expect(goptions.asserviceversion).toEqual('1.0.0');
130
130
  expect(goptions.asprivatekeypath).toEqual('/var/lib/sts/stsglobalresources/keys/private.key');
131
131
  expect(goptions.aspublickeypath).toEqual('/var/lib/sts/stsglobalresources/keys/public.key');
132
- expect(goptions.asapiidentifier).toEqual(undefined);
132
+ expect(goptions.asapiidentifier).toEqual('https://stsmda.com.au/stsauthapi/v1.0/');
133
133
  expect(goptions.asapiidentifierfile).toEqual(undefined);
134
134
  expect(goptions.asclientid).toEqual(undefined);
135
135
  expect(goptions.asclientidfile).toEqual(undefined);
@@ -161,7 +161,7 @@ describe("Test explicit default config settings", () =>
161
161
 
162
162
  test('Checking default additional config items', async () =>
163
163
  {
164
- expect.assertions(20);
164
+ expect.assertions(22);
165
165
 
166
166
  process.env.STSENVFILE = './.env-default'; // Empty environment file
167
167
  let goptions = require('./stsconfig.js').$options;
@@ -186,6 +186,8 @@ describe("Test explicit default config settings", () =>
186
186
  expect(goptions.childProcessExitTime).toEqual(500);
187
187
  expect(goptions.systemInformationInterval).toEqual(1000);
188
188
  expect(goptions.ignoresocketio).toEqual(true);
189
+ expect(goptions.httpsserverkeypath).toEqual('/var/lib/sts/stsglobalresources/keys/server.key');
190
+ expect(goptions.httpsservercertpath).toEqual('/var/lib/sts/stsglobalresources/keys/server.cert');
189
191
  });
190
192
  });
191
193
 
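--- a/package/stsconfig.js
+++ b/package/stsconfig.js
@@ -164,11 +164,23 @@ const defconfig =
  // Auth Server port (client port to access the service)
  ,asport: (process.env.AS_PORT === undefined ? "3002" : process.env.AS_PORT)
  // Auth Server endpoint
- ,asapiroot: (process.env.AS_APIROOT === undefined ? "/stsauth/v1" : process.env.AS_APIROOT)
- // Auth Server API Identifier. This value will be used as the audience parameter on authorization calls (OAuth2 client credentials flow).
- ,asapiidentifier: process.env.AS_API_IDENTIFIER
- // Auth Server API Identifier file. This value will be used as the audience parameter on authorization calls (OAuth2 client credentials flow).
+ ,asapiroot: (process.env.AS_API_ROOT === undefined ? "/stsauth/v1.0" : process.env.AS_API_ROOT)
+ // Auth Server API Identifier.
+ ,asoauthapiroot: (process.env.AS_OAUTH_API_ROOT === undefined ? "/oauth2/v2.0" : process.env.AS_OAUTH_API_ROOT)
+ // Auth Server Admin API Identifier.
+ ,asadminapiroot: (process.env.AS_ADMIN_API_ROOT === undefined ? "/admin/v1.0" : process.env.AS_ADMIN_API_ROOT)
+ // Auth Server API Identifier.
+ ,asapiidentifier: (process.env.AS_API_IDENTIFIER === undefined ? 'https://stsmda.com.au/stsauthapi/v1.0/' : process.env.AS_API_IDENTIFIER)
+ // Auth Server API Identifier file.
  ,asapiidentifierfile: process.env.AS_API_IDENTIFIER_FILE
+ // Auth Server OAuth API Identifier.
+ ,asoauthapiidentifier: (process.env.AS_OAUTH_API_IDENTIFIER === undefined ? 'https://stsmda.com.au/stsauthoauthapi/v2.0/' : process.env.AS_OAUTH_API_IDENTIFIER)
+ // Auth Server OAuth API Identifier file.
+ ,asoauthapiidentifierfile: process.env.AS_OAUTH_API_IDENTIFIER_FILE
+ // Auth Server Administration API Identifier.
+ ,asadminapiidentifier: (process.env.AS_ADMIN_API_IDENTIFIER === undefined ? 'https://stsmda.com.au/stsauthadminapi/v1.0/' : process.env.AS_ADMIN_API_IDENTIFIER)
+ // Auth Server Administration API Identifier file.
+ ,asadminapiidentifierfile: process.env.AS_ADMIN_API_IDENTIFIER_FILE
  // Auth Server Prometheus metric support
  ,asprometheussupport: (process.env.AS_PROM_SUPPORT === undefined ? true : (process.env.AS_PROM_SUPPORT === "true" ? true : false ))
  // Auth Prometheus Cluster Server port (port used for cluster prometheus scrapes)
@@ -323,6 +335,26 @@ const defconfig =
  // activity has been detected. Default 5 seconds.
  ,modelPurgeUpdateTimeout: (process.env.MODEL_PURGE_UPDATE_TIMEOUT === undefined ? 5000 : parseInt(process.env.MODEL_PURGE_UPDATE_TIMEOUT))
  */
+
+ // Use command below to create self signed cert;
+ // openssl req -nodes -new -x509 -keyout server.key -out server.cert
+ // Ref: https://www.geeksforgeeks.org/how-to-create-https-server-with-node-js/
+ // HTTPS server key path.
+ ,httpsserverkeypath: (process.env.HTTPS_SERVER_KEY_PATH === undefined ? "/var/lib/sts/stsglobalresources/keys/server.key" : process.env.HTTPS_SERVER_KEY_PATH)
+ // HTTPS server cert path.
+ ,httpsservercertpath: (process.env.HTTPS_SERVER_CERT_PATH === undefined ? "/var/lib/sts/stsglobalresources/keys/server.cert" : process.env.HTTPS_SERVER_CERT_PATH)
+
+ // Token Service Settings
+ // ----------------------
+ // Maximum number of RSA keys in the JWKS store
+ ,tsjwkskeys: (process.env.TS_JWKS_KEYS === undefined ? 3 : parseInt(process.env.TS_JWKS_KEYS))
+
+ // File path for JWKS store data. This file will contain the public and private keys for the JWKS store.
+ ,tsjwksstorepath: (process.env.TS_JWKS_STORE_PATH === undefined ? "/var/lib/sts/stsglobalresources/.stsauthprivate/jwks-private.json" : process.env.TS_JWKS_STORE_PATH)
+ // File path for JWKS store path config setting (tsjwksstorepath). Use this config item with Docker/Kubernetes secrets.
+ ,tsjwksstorepathfile: process.env.TS_JWKS_STORE_PATH_FILE
+ // File path for JWKS public store data. This file will contain only the public signing keys for the JWKS store.
+ ,tsjwksstorepublicpath: (process.env.TS_JWKS_STORE_PUBLIC_PATH === undefined ? "/var/lib/sts/stsglobalresources/.well-known/jwks.json" : process.env.TS_JWKS_STORE_PUBLIC_PATH)
  }
 
  const ReadFile = (passwordFile) => {
@@ -357,6 +389,8 @@ const fileconfig = [
  { fileprop: 'toclientsecretfile', prop: 'toclientsecret' },
  { fileprop: 'imclientsecretfile', prop: 'imclientsecret' },
  { fileprop: 'trclientsecretfile', prop: 'trclientsecret' },
+ // JWKS secret file processing
+ { fileprop: 'tsjwksstorepathfile', prop: 'tsjwksstorepath' },
  ]
 
  fileconfig.forEach((v) => {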
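Review bot: `asapiidentifier` in the first hunk now falls back to the fixed URL `'https://stsmda.com.au/stsauthapi/v1.0/'` when `AS_API_IDENTIFIER` is unset, where the old line left it `undefined`. The removed comment says this value is the audience on OAuth2 client-credentials calls, so a deployment that forgets the variable would presumably run with a shared built-in audience instead of failing visibly. The new `asoauthapiidentifier` and `asadminapiidentifier` defaults follow the same pattern. I would keep these unset by default (`,asapiidentifier: process.env.AS_API_IDENTIFIER`) or, if the defaults must stay, restore the dropped comment text about the audience role so operators know to override it; the comment above `asoauthapiroot` should also say "OAuth API root" rather than "API Identifier". In the second hunk `parseInt(process.env.TS_JWKS_KEYS)` yields `NaN` for a non-numeric value, so `Number.parseInt(process.env.TS_JWKS_KEYS, 10)` with a fallback to 3 would be safer; `defconfig` starts outside these hunks, so how consumers use these values is not visible here.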