@optimizely-opal/opal-tool-ocp-sdk 1.0.0-OCP-1441.4 → 1.0.0-OCP-1442.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,34 @@
1
+ import * as App from '@zaiusinc/app-sdk';
2
+ /**
3
+ * Utility class for logging Opal tool requests and responses with security considerations
4
+ */
5
+ export declare class ToolLogger {
6
+ private static readonly SENSITIVE_FIELDS;
7
+ private static readonly MAX_PARAM_LENGTH;
8
+ private static readonly MAX_ARRAY_ITEMS;
9
+ /**
10
+ * Redacts sensitive data from an object
11
+ */
12
+ private static redactSensitiveData;
13
+ /**
14
+ * Checks if a field name is considered sensitive
15
+ */
16
+ private static isSensitiveField;
17
+ /**
18
+ * Creates a summary of request parameters
19
+ */
20
+ private static createParameterSummary;
21
+ /**
22
+ * Calculates content length of response data
23
+ */
24
+ private static calculateContentLength;
25
+ /**
26
+ * Logs an incoming request
27
+ */
28
+ static logRequest(req: App.Request): void;
29
+ /**
30
+ * Logs a successful response
31
+ */
32
+ static logResponse(req: App.Request, response: App.Response, processingTimeMs?: number): void;
33
+ }
34
+ //# sourceMappingURL=ToolLogger.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"ToolLogger.d.ts","sourceRoot":"","sources":["../../src/logging/ToolLogger.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,mBAAmB,CAAC;AAEzC;;GAEG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAyCtC;IAEF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAO;IAC/C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAM;IAE7C;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,mBAAmB;IA0ClC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,gBAAgB;IAO/B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,sBAAsB;IAQrC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,sBAAsB;IAarC;;OAEG;WACW,UAAU,CACtB,GAAG,EAAE,GAAG,CAAC,OAAO,GACf,IAAI;IAYP;;OAEG;WACW,WAAW,CACvB,GAAG,EAAE,GAAG,CAAC,OAAO,EAChB,QAAQ,EAAE,GAAG,CAAC,QAAQ,EACtB,gBAAgB,CAAC,EAAE,MAAM,GACxB,IAAI;CAeR"}
@@ -0,0 +1,151 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.ToolLogger = void 0;
4
+ const app_sdk_1 = require("@zaiusinc/app-sdk");
5
+ /**
6
+ * Utility class for logging Opal tool requests and responses with security considerations
7
+ */
8
+ class ToolLogger {
9
+ static SENSITIVE_FIELDS = [
10
+ // Authentication / secrets
11
+ 'password',
12
+ 'pass',
13
+ 'secret',
14
+ 'key',
15
+ 'token',
16
+ 'auth',
17
+ 'credentials',
18
+ 'access_token',
19
+ 'refresh_token',
20
+ 'api_key',
21
+ 'private_key',
22
+ 'client_secret',
23
+ 'session_token',
24
+ 'authorization',
25
+ // Payment-related
26
+ 'card_number',
27
+ 'credit_card',
28
+ 'cvv',
29
+ 'expiry_date',
30
+ // Personal info
31
+ 'ssn', // social security number
32
+ 'nid', // national ID
33
+ 'passport',
34
+ 'dob', // date of birth
35
+ 'email',
36
+ 'phone',
37
+ 'address',
38
+ // Misc / environment
39
+ 'otp',
40
+ 'pin',
41
+ 'security_answer',
42
+ 'security_question',
43
+ 'signing_key',
44
+ 'encryption_key',
45
+ 'jwt',
46
+ 'bearer_token'
47
+ ];
48
+ static MAX_PARAM_LENGTH = 100;
49
+ static MAX_ARRAY_ITEMS = 10;
50
+ /**
51
+ * Redacts sensitive data from an object
52
+ */
53
+ static redactSensitiveData(data, maxDepth = 5) {
54
+ if (maxDepth <= 0 || data === null || data === undefined) {
55
+ return data;
56
+ }
57
+ if (typeof data === 'string') {
58
+ return data.length > this.MAX_PARAM_LENGTH
59
+ ? `${data.substring(0, this.MAX_PARAM_LENGTH)}... (truncated, ${data.length} chars total)`
60
+ : data;
61
+ }
62
+ if (typeof data === 'number' || typeof data === 'boolean') {
63
+ return data;
64
+ }
65
+ if (Array.isArray(data)) {
66
+ const truncated = data.slice(0, this.MAX_ARRAY_ITEMS);
67
+ const result = truncated.map((item) => this.redactSensitiveData(item, maxDepth - 1));
68
+ if (data.length > this.MAX_ARRAY_ITEMS) {
69
+ result.push(`... (${data.length - this.MAX_ARRAY_ITEMS} more items truncated)`);
70
+ }
71
+ return result;
72
+ }
73
+ if (typeof data === 'object') {
74
+ const result = {};
75
+ for (const [key, value] of Object.entries(data)) {
76
+ // Check if this field contains sensitive data
77
+ const isSensitive = this.isSensitiveField(key);
78
+ if (isSensitive) {
79
+ result[key] = '[REDACTED]';
80
+ }
81
+ else {
82
+ result[key] = this.redactSensitiveData(value, maxDepth - 1);
83
+ }
84
+ }
85
+ return result;
86
+ }
87
+ return data;
88
+ }
89
+ /**
90
+ * Checks if a field name is considered sensitive
91
+ */
92
+ static isSensitiveField(fieldName) {
93
+ const lowerKey = fieldName.toLowerCase();
94
+ return this.SENSITIVE_FIELDS.some((sensitiveField) => lowerKey.includes(sensitiveField));
95
+ }
96
+ /**
97
+ * Creates a summary of request parameters
98
+ */
99
+ static createParameterSummary(params) {
100
+ if (!params) {
101
+ return null;
102
+ }
103
+ return this.redactSensitiveData(params);
104
+ }
105
+ /**
106
+ * Calculates content length of response data
107
+ */
108
+ static calculateContentLength(responseData) {
109
+ if (!responseData) {
110
+ return 0;
111
+ }
112
+ try {
113
+ const serialized = JSON.stringify(responseData);
114
+ return serialized.length;
115
+ }
116
+ catch {
117
+ return 'unknown';
118
+ }
119
+ }
120
+ /**
121
+ * Logs an incoming request
122
+ */
123
+ static logRequest(req) {
124
+ const params = req.bodyJSON && req.bodyJSON.parameters ? req.bodyJSON.parameters : req.bodyJSON;
125
+ const requestLog = {
126
+ event: 'opal_tool_request',
127
+ path: req.path,
128
+ parameters: this.createParameterSummary(params)
129
+ };
130
+ // Log with Zaius audience so developers only see requests for accounts they have access to
131
+ app_sdk_1.logger.info(app_sdk_1.LogVisibility.Zaius, JSON.stringify(requestLog));
132
+ }
133
+ /**
134
+ * Logs a successful response
135
+ */
136
+ static logResponse(req, response, processingTimeMs) {
137
+ const responseLog = {
138
+ event: 'opal_tool_response',
139
+ path: req.path,
140
+ duration: processingTimeMs ? `${processingTimeMs}ms` : undefined,
141
+ status: response.status,
142
+ contentType: response.headers?.get('content-type') || 'unknown',
143
+ contentLength: this.calculateContentLength(response.bodyJSON),
144
+ success: response.status >= 200 && response.status < 300
145
+ };
146
+ // Log with Zaius audience so developers only see requests for accounts they have access to
147
+ app_sdk_1.logger.info(app_sdk_1.LogVisibility.Zaius, JSON.stringify(responseLog));
148
+ }
149
+ }
150
+ exports.ToolLogger = ToolLogger;
151
+ //# sourceMappingURL=ToolLogger.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"ToolLogger.js","sourceRoot":"","sources":["../../src/logging/ToolLogger.ts"],"names":[],"mappings":";;;AAAA,+CAA0D;AAG1D;;GAEG;AACH,MAAa,UAAU;IACb,MAAM,CAAU,gBAAgB,GAAG;QACzC,2BAA2B;QAC3B,UAAU;QACV,MAAM;QACN,QAAQ;QACR,KAAK;QACL,OAAO;QACP,MAAM;QACN,aAAa;QACb,cAAc;QACd,eAAe;QACf,SAAS;QACT,aAAa;QACb,eAAe;QACf,eAAe;QACf,eAAe;QAEf,kBAAkB;QAClB,aAAa;QACb,aAAa;QACb,KAAK;QACL,aAAa;QAEb,gBAAgB;QAChB,KAAK,EAAE,yBAAyB;QAChC,KAAK,EAAE,cAAc;QACrB,UAAU;QACV,KAAK,EAAE,gBAAgB;QACvB,OAAO;QACP,OAAO;QACP,SAAS;QAET,qBAAqB;QACrB,KAAK;QACL,KAAK;QACL,iBAAiB;QACjB,mBAAmB;QACnB,aAAa;QACb,gBAAgB;QAChB,KAAK;QACL,cAAc;KACf,CAAC;IAEM,MAAM,CAAU,gBAAgB,GAAG,GAAG,CAAC;IACvC,MAAM,CAAU,eAAe,GAAG,EAAE,CAAC;IAE7C;;OAEG;IACK,MAAM,CAAC,mBAAmB,CAAC,IAAS,EAAE,QAAQ,GAAG,CAAC;QACxD,IAAI,QAAQ,IAAI,CAAC,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACzD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,gBAAgB;gBACxC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,IAAI,CAAC,MAAM,eAAe;gBAC1F,CAAC,CAAC,IAAI,CAAC;QACX,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,OAAO,IAAI,KAAK,SAAS,EAAE,CAAC;YAC1D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;YACtD,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC;YACrF,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;gBACvC,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,eAAe,wBAAwB,CAAC,CAAC;YAClF,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChD,8CAA8C;gBAC9C,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBAE/C,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;gBAC7B,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,mBAAmB,CAAC,KAAK,EAAE,QAAQ,GAAG,CAAC,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,gBAAgB,CAAC,SAAiB;QAC/C,MAAM,QAAQ,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;QACzC,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,EAAE,CACnD,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAClC,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,sBAAsB,CAAC,MAAW;QAC/C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,sBAAsB,CAAC,YAAkB;QACtD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;YAChD,OAAO,UAAU,CAAC,MAAM,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,UAAU,CACtB,GAAgB;QAEhB,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;QAChG,MAAM,UAAU,GAAG;YACjB,KAAK,EAAE,mBAAmB;YAC1B,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,UAAU,EAAE,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC;SAChD,CAAC;QAEF,2FAA2F;QAC3F,gBAAM,CAAC,IAAI,CAAC,uBAAa,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,WAAW,CACvB,GAAgB,EAChB,QAAsB,EACtB,gBAAyB;QAGzB,MAAM,WAAW,GAAG;YAClB,KAAK,EAAE,oBAAoB;YAC3B,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,GAAG,gBAAgB,IAAI,CAAC,CAAC,CAAC,SAAS;YAChE,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,WAAW,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS;YAC/D,aAAa,EAAE,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC7D,OAAO,EAAE,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG;SACzD,CAAC;QAEF,2FAA2F;QAC3F,gBAAM,CAAC,IAAI,CAAC,uBAAa,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC;IAChE,CAAC;;AAvKH,gCAwKC"}
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=ToolLogger.test.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"ToolLogger.test.d.ts","sourceRoot":"","sources":["../../src/logging/ToolLogger.test.ts"],"names":[],"mappings":""}