@openstax/ts-utils 1.1.28 → 1.1.30

package/dist/esm/config/awsAccountConfig.d.ts

@@ -0,0 +1,5 @@
+import { ConfigValueProvider } from '.';
+export declare const awsAccountConfig: <C extends string>(config: {
+    sandbox: ConfigValueProvider<C>;
+    production: ConfigValueProvider<C>;
+}) => ConfigValueProvider<C>;

package/dist/esm/config/awsAccountConfig.js

@@ -0,0 +1,31 @@
+import { GetCallerIdentityCommand } from '@aws-sdk/client-sts';
+import { assertDefined } from '../assertions';
+import { securityTokenService } from '../aws/securityTokenService';
+import { envConfig } from './envConfig';
+import { resolveConfigValue } from './resolveConfigValue';
+/*
+ * uses a different given value depending on which aws account the code is deployed in.
+ * this resolves the given value recursively, so its composable with more configProviders in the
+ * conditional cases.
+ *
+ * eg:
+ *   const config = {
+ *     configValue: awsAccountConfig({sandbox: 'inTheSandboxConfig', production: 'inProductionConfig'}),
+ *     configValue: awsAccountConfig({sandbox: envConfig('an_environment_variable'), production: 'inProductionConfig'}),
+ *   };
+ * */
+export const awsAccountConfig = (config) => {
+    const production = envConfig('PRODUCTION_AWS');
+    const sandbox = envConfig('SANDBOX_AWS');
+    return async () => {
+        const identity = await securityTokenService().send(new GetCallerIdentityCommand({}));
+        switch (identity.Account) {
+            case await resolveConfigValue(sandbox):
+                return await resolveConfigValue(assertDefined(config.sandbox, 'a sandbox config was not provided'));
+            case await resolveConfigValue(production):
+                return await resolveConfigValue(assertDefined(config.production, 'a production config was not provided'));
+            default:
+                throw new Error('unknown aws account');
+        }
+    };
+};

package/dist/esm/config/awsParameterConfig.d.ts

@@ -0,0 +1,2 @@
+import { ConfigValueProvider } from '.';
+export declare const awsParameterConfig: (parameterName: ConfigValueProvider<string>) => ConfigValueProvider<string>;

package/dist/esm/config/awsParameterConfig.js

@@ -0,0 +1,14 @@
+import { GetParameterCommand } from '@aws-sdk/client-ssm';
+import { assertDefined } from '../assertions';
+import { ssmService } from '../aws/ssmService';
+import { resolveConfigValue } from './resolveConfigValue';
+export const awsParameterConfig = (parameterName) => {
+    return async () => {
+        const command = new GetParameterCommand({ Name: await resolveConfigValue(parameterName), WithDecryption: true });
+        // send() throws ParameterNotFound if the parameter is missing,
+        // so it's not clear what missing Parameter or Value mean
+        const response = await ssmService().send(command);
+        const parameter = assertDefined(response.Parameter, `aws GetParameter response missing Parameter key for ${parameterName}"`);
+        return assertDefined(parameter.Value, `aws GetParameter response missing Parameter.Value key for ${parameterName}"`);
+    };
+};

package/dist/esm/config/envConfig.d.ts

@@ -0,0 +1,3 @@
+import { ConfigValueProvider } from '.';
+export declare const ENV_BUILD_CONFIGS: string[];
+export declare const envConfig: (name: string, type?: 'build' | 'runtime', defaultValue?: string | undefined) => ConfigValueProvider<string>;

package/dist/esm/config/envConfig.js

@@ -0,0 +1,31 @@
+import { assertDefined } from '../assertions';
+import { ifDefined } from '../guards';
+/*
+ * uses a config from the process environment.
+ *
+ * there are two modes for this, by default it expects the value to be provided at build time,
+ * and there is access built in here for webpack to provide the configs. if you pass `runtime`
+ * as the second argument it skips the build logic and will try to literally pull it from
+ * `process.env` when the config is used at runtime
+ *
+ * the value is read from the environment when something tries to use it, not when `envConfig` is called.
+ *
+ * eg:
+ *   const config = {
+ *     configValue: envConfig('environment_variable_name'),
+ *   };
+ * */
+export const ENV_BUILD_CONFIGS = [];
+export const envConfig = (name, type = 'build', defaultValue) => {
+    if (type === 'build') {
+        ENV_BUILD_CONFIGS.push(name);
+    }
+    return () => {
+        /*global __PROCESS_ENV*/
+        // @ts-ignore - hack to get around the way webpack/define works
+        // - https://github.com/webpack/webpack/issues/14800
+        // - https://github.com/webpack/webpack/issues/5392
+        const envs = { ...process.env, ...(typeof __PROCESS_ENV !== 'undefined' ? __PROCESS_ENV : {}) };
+        return assertDefined(ifDefined(envs[name], defaultValue), `expected to find environment variable with name: ${name}`);
+    };
+};

package/dist/esm/config/index.d.ts

@@ -0,0 +1,21 @@
+export declare type ConfigValue = string;
+export declare type Config = {
+    [key: string]: Config | ConfigValue;
+};
+export declare type ConfigValueProvider<V extends ConfigValue = ConfigValue> = (() => Promise<V> | V) | V;
+export declare type ConfigProvider = {
+    [key: string]: ConfigProvider | ConfigValueProvider;
+};
+export declare type ConfigForConfigProvider<T> = T extends ConfigValue ? T : T extends ConfigProvider ? {
+    [key in keyof T]: ConfigForConfigProvider<T[key]>;
+} : T extends ConfigValueProvider<infer R> ? R : never;
+export declare type ConfigProviderForConfig<T> = T extends ConfigValue ? ConfigValueProvider<T> : T extends Config ? {
+    [key in keyof T]: ConfigProviderForConfig<T[key]>;
+} : never;
+export * from './resolveConfigValue';
+export declare const stubConfig: <V extends string>(configValue: V) => ConfigValueProvider<V>;
+export * from './envConfig';
+export * from './replaceConfig';
+export * from './awsAccountConfig';
+export * from './awsParameterConfig';
+export * from './lambdaParameterConfig';

package/dist/esm/config/index.js

@@ -0,0 +1,21 @@
+export * from './resolveConfigValue';
+/*
+ * ===========
+ * re-usable config providers
+ * ===========
+ * */
+/*
+ * stub, mostly for testing. sometimes it helps please typescript to use this if you have
+ * two configs you want to have the same type but one is a fixed string and one is a complicated provider
+ *
+ * eg:
+ *   const config = {
+ *     configValue: stubConfig('just-a-string'),
+ *   };
+ * */
+export const stubConfig = (configValue) => configValue;
+export * from './envConfig';
+export * from './replaceConfig';
+export * from './awsAccountConfig';
+export * from './awsParameterConfig';
+export * from './lambdaParameterConfig';

package/dist/esm/config/lambdaParameterConfig.d.ts

@@ -0,0 +1,2 @@
+import { ConfigValueProvider } from '.';
+export declare const lambdaParameterConfig: (parameterName: ConfigValueProvider<string>) => ConfigValueProvider<string>;

package/dist/esm/config/lambdaParameterConfig.js

@@ -0,0 +1,29 @@
+import fetch from 'node-fetch';
+import { assertDefined } from '../assertions';
+import { envConfig } from './envConfig';
+import { resolveConfigValue } from '.';
+const lambdaExtensionUrl = 'http://localhost:2773';
+let lambdaExtensionReadyPromise;
+// NOTE: Can only be used during in AWS Lambda
+// The AWS Parameters and Secrets Lambda Extension Layer must be included in the Lambda function
+export const lambdaParameterConfig = (parameterName) => async () => {
+    const token = await resolveConfigValue(envConfig('AWS_SESSION_TOKEN', 'runtime'));
+    const name = await resolveConfigValue(parameterName);
+    if (!lambdaExtensionReadyPromise) {
+        // This request will return 400 Bad Request,
+        // but we only care that it'll block until the extension is ready
+        lambdaExtensionReadyPromise = fetch(lambdaExtensionUrl);
+    }
+    await lambdaExtensionReadyPromise;
+    const resp = await fetch(
+    // Port 2773 is the default port for the extension
+    `${lambdaExtensionUrl}/systemsmanager/parameters/get?name=${name}&withDecryption=true`, { headers: { 'X-Aws-Parameters-Secrets-Token': token } });
+    if (resp.ok) {
+        const response = await resp.json();
+        const parameter = assertDefined(response.Parameter, `aws GetParameter response missing Parameter key for ${name}"`);
+        return assertDefined(parameter.Value, `aws GetParameter response missing Parameter.Value key for ${name}"`);
+    }
+    else {
+        throw new Error(`HTTP Error Response ${resp.status} ${resp.statusText} while fetching parameter ${name}`);
+    }
+};

package/dist/esm/config/replaceConfig.d.ts

@@ -0,0 +1,4 @@
+import { ConfigValueProvider } from '.';
+export declare const replaceConfig: (base: ConfigValueProvider<string>, replacements: {
+    [token: string]: ConfigValueProvider<string>;
+}) => ConfigValueProvider<string>;

package/dist/esm/config/replaceConfig.js

@@ -0,0 +1,8 @@
+import { resolveConfigValue } from './resolveConfigValue';
+export const replaceConfig = (base, replacements) => {
+    return async () => {
+        const resolved = await Promise.all(Object.entries(replacements)
+            .map(async ([token, replacement]) => [token, await resolveConfigValue(replacement)]));
+        return resolved.reduce((result, [token, replacement]) => result.replace(token, replacement), await resolveConfigValue(base));
+    };
+};

package/dist/esm/config/resolveConfigValue.d.ts

@@ -0,0 +1,2 @@
+import { ConfigValueProvider } from '.';
+export declare const resolveConfigValue: <V extends string>(provider: ConfigValueProvider<V>) => Promise<V>;

package/dist/esm/config/resolveConfigValue.js

@@ -0,0 +1,8 @@
+/*
+ * resolves a config value into a string, to be used inside of things that are provided configurations
+ * */
+export const resolveConfigValue = async (provider) => {
+    return typeof provider === 'function'
+        ? await provider()
+        : provider;
+};

package/dist/esm/services/authProvider/decryption.js

@@ -1,6 +1,6 @@
 import { compactDecrypt, compactVerify, importSPKI } from 'jose';
 import { once } from '../..';
-import { resolveConfigValue } from '../../config';
+import { resolveConfigValue } from '../../config/resolveConfigValue';
 import { ifDefined } from '../../guards';
 import { getAuthTokenOrCookie } from '.';
 export const decryptionAuthProvider = (initializer) => (configProvider) => {