@optimizely-opal/opal-tool-ocp-sdk 1.0.0-OCP-1441.4 → 1.0.0-OCP-1442.2
- package/README.md +72 -0
- package/dist/function/GlobalToolFunction.d.ts +1 -0
- package/dist/function/GlobalToolFunction.d.ts.map +1 -1
- package/dist/function/GlobalToolFunction.js +8 -0
- package/dist/function/GlobalToolFunction.js.map +1 -1
- package/dist/function/GlobalToolFunction.test.js +3 -0
- package/dist/function/GlobalToolFunction.test.js.map +1 -1
- package/dist/function/ToolFunction.d.ts +7 -1
- package/dist/function/ToolFunction.d.ts.map +1 -1
- package/dist/function/ToolFunction.js +16 -2
- package/dist/function/ToolFunction.js.map +1 -1
- package/dist/function/ToolFunction.test.d.ts +2 -0
- package/dist/function/ToolFunction.test.d.ts.map +1 -0
- package/dist/function/ToolFunction.test.js +317 -0
- package/dist/function/ToolFunction.test.js.map +1 -0
- package/dist/logging/ToolLogger.d.ts +34 -0
- package/dist/logging/ToolLogger.d.ts.map +1 -0
- package/dist/logging/ToolLogger.js +151 -0
- package/dist/logging/ToolLogger.js.map +1 -0
- package/dist/logging/ToolLogger.test.d.ts +2 -0
- package/dist/logging/ToolLogger.test.d.ts.map +1 -0
- package/dist/logging/ToolLogger.test.js +533 -0
- package/dist/logging/ToolLogger.test.js.map +1 -0
- package/package.json +1 -1
- package/src/function/GlobalToolFunction.test.ts +3 -0
- package/src/function/GlobalToolFunction.ts +11 -0
- package/src/function/ToolFunction.test.ts +377 -0
- package/src/function/ToolFunction.ts +21 -2
- package/src/logging/ToolLogger.test.ts +623 -0
- package/src/logging/ToolLogger.ts +175 -0
|
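--- a/package/dist/logging/ToolLogger.d.ts
+++ b/package/dist/logging/ToolLogger.d.ts
@@ -0,0 +1,34 @@
+import * as App from '@zaiusinc/app-sdk';
+/**
+* Utility class for logging Opal tool requests and responses with security considerations
+*/
+export declare class ToolLogger {
+private static readonly SENSITIVE_FIELDS;
+private static readonly MAX_PARAM_LENGTH;
+private static readonly MAX_ARRAY_ITEMS;
+/**
+* Redacts sensitive data from an object
+*/
+private static redactSensitiveData;
+/**
+* Checks if a field name is considered sensitive
+*/
+private static isSensitiveField;
+/**
+* Creates a summary of request parameters
+*/
+private static createParameterSummary;
+/**
+* Calculates content length of response data
+*/
+private static calculateContentLength;
+/**
+* Logs an incoming request
+*/
+static logRequest(req: App.Request): void;
+/**
+* Logs a successful response
+*/
+static logResponse(req: App.Request, response: App.Response, processingTimeMs?: number): void;
+}
+//# sourceMappingURL=ToolLogger.d.ts.map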
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ToolLogger.d.ts","sourceRoot":"","sources":["../../src/logging/ToolLogger.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,mBAAmB,CAAC;AAEzC;;GAEG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAyCtC;IAEF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAO;IAC/C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAM;IAE7C;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,mBAAmB;IA0ClC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,gBAAgB;IAO/B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,sBAAsB;IAQrC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,sBAAsB;IAarC;;OAEG;WACW,UAAU,CACtB,GAAG,EAAE,GAAG,CAAC,OAAO,GACf,IAAI;IAYP;;OAEG;WACW,WAAW,CACvB,GAAG,EAAE,GAAG,CAAC,OAAO,EAChB,QAAQ,EAAE,GAAG,CAAC,QAAQ,EACtB,gBAAgB,CAAC,EAAE,MAAM,GACxB,IAAI;CAeR"}
|
|
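--- a/package/dist/logging/ToolLogger.js
+++ b/package/dist/logging/ToolLogger.js
@@ -0,0 +1,151 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ToolLogger = void 0;
+const app_sdk_1 = require("@zaiusinc/app-sdk");
+/**
+* Utility class for logging Opal tool requests and responses with security considerations
+*/
+class ToolLogger {
+static SENSITIVE_FIELDS = [
+// Authentication / secrets
+'password',
+'pass',
+'secret',
+'key',
+'token',
+'auth',
+'credentials',
+'access_token',
+'refresh_token',
+'api_key',
+'private_key',
+'client_secret',
+'session_token',
+'authorization',
+// Payment-related
+'card_number',
+'credit_card',
+'cvv',
+'expiry_date',
+// Personal info
+'ssn', // social security number
+'nid', // national ID
+'passport',
+'dob', // date of birth
+'email',
+'phone',
+'address',
+// Misc / environment
+'otp',
+'pin',
+'security_answer',
+'security_question',
+'signing_key',
+'encryption_key',
+'jwt',
+'bearer_token'
+];
+static MAX_PARAM_LENGTH = 100;
+static MAX_ARRAY_ITEMS = 10;
+/**
+* Redacts sensitive data from an object
+*/
+static redactSensitiveData(data, maxDepth = 5) {
+if (maxDepth <= 0 || data === null || data === undefined) {
+return data;
+}
+if (typeof data === 'string') {
+return data.length > this.MAX_PARAM_LENGTH
+? `${data.substring(0, this.MAX_PARAM_LENGTH)}... (truncated, ${data.length} chars total)`
+: data;
+}
+if (typeof data === 'number' || typeof data === 'boolean') {
+return data;
+}
+if (Array.isArray(data)) {
+const truncated = data.slice(0, this.MAX_ARRAY_ITEMS);
+const result = truncated.map((item) => this.redactSensitiveData(item, maxDepth - 1));
+if (data.length > this.MAX_ARRAY_ITEMS) {
+result.push(`... (${data.length - this.MAX_ARRAY_ITEMS} more items truncated)`);
+}
+return result;
+}
+if (typeof data === 'object') {
+const result = {};
+for (const [key, value] of Object.entries(data)) {
+// Check if this field contains sensitive data
+const isSensitive = this.isSensitiveField(key);
+if (isSensitive) {
+result[key] = '[REDACTED]';
+}
+else {
+result[key] = this.redactSensitiveData(value, maxDepth - 1);
+}
+}
+return result;
+}
+return data;
+}
+/**
+* Checks if a field name is considered sensitive
+*/
+static isSensitiveField(fieldName) {
+const lowerKey = fieldName.toLowerCase();
+return this.SENSITIVE_FIELDS.some((sensitiveField) => lowerKey.includes(sensitiveField));
+}
+/**
+* Creates a summary of request parameters
+*/
+static createParameterSummary(params) {
+if (!params) {
+return null;
+}
+return this.redactSensitiveData(params);
+}
+/**
+* Calculates content length of response data
+*/
+static calculateContentLength(responseData) {
+if (!responseData) {
+return 0;
+}
+try {
+const serialized = JSON.stringify(responseData);
+return serialized.length;
+}
+catch {
+return 'unknown';
+}
+}
+/**
+* Logs an incoming request
+*/
+static logRequest(req) {
+const params = req.bodyJSON && req.bodyJSON.parameters ? req.bodyJSON.parameters : req.bodyJSON;
+const requestLog = {
+event: 'opal_tool_request',
+path: req.path,
+parameters: this.createParameterSummary(params)
+};
+// Log with Zaius audience so developers only see requests for accounts they have access to
+app_sdk_1.logger.info(app_sdk_1.LogVisibility.Zaius, JSON.stringify(requestLog));
+}
+/**
+* Logs a successful response
+*/
+static logResponse(req, response, processingTimeMs) {
+const responseLog = {
+event: 'opal_tool_response',
+path: req.path,
+duration: processingTimeMs ? `${processingTimeMs}ms` : undefined,
+status: response.status,
+contentType: response.headers?.get('content-type') || 'unknown',
+contentLength: this.calculateContentLength(response.bodyJSON),
+success: response.status >= 200 && response.status < 300
+};
+// Log with Zaius audience so developers only see requests for accounts they have access to
+app_sdk_1.logger.info(app_sdk_1.LogVisibility.Zaius, JSON.stringify(responseLog));
+}
+}
+exports.ToolLogger = ToolLogger;
+//# sourceMappingURL=ToolLogger.js.map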
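Review bot: The `maxDepth <= 0` guard at the top of `redactSensitiveData` returns `data` unchanged, so anything nested more than five levels below the logged parameters reaches `logger.info` with neither key redaction nor string/array truncation; a `password` or `token` field at that depth is logged in clear. Keep the null/undefined pass-through but replace exhausted depth with a marker: `if (data === null || data === undefined) return data;` followed by `if (maxDepth <= 0) return '[TRUNCATED: max depth]';`. Redaction is also keyed on field names only, so a secret carried as a string value under a neutral key, or inside `req.path`, is still logged (up to `MAX_PARAM_LENGTH` characters); a comment on `SENSITIVE_FIELDS` stating that limit would tell tool authors what the logger does not cover. This file looks like compiled output, so the change presumably belongs in `package/src/logging/ToolLogger.ts`.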
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ToolLogger.js","sourceRoot":"","sources":["../../src/logging/ToolLogger.ts"],"names":[],"mappings":";;;AAAA,+CAA0D;AAG1D;;GAEG;AACH,MAAa,UAAU;IACb,MAAM,CAAU,gBAAgB,GAAG;QACzC,2BAA2B;QAC3B,UAAU;QACV,MAAM;QACN,QAAQ;QACR,KAAK;QACL,OAAO;QACP,MAAM;QACN,aAAa;QACb,cAAc;QACd,eAAe;QACf,SAAS;QACT,aAAa;QACb,eAAe;QACf,eAAe;QACf,eAAe;QAEf,kBAAkB;QAClB,aAAa;QACb,aAAa;QACb,KAAK;QACL,aAAa;QAEb,gBAAgB;QAChB,KAAK,EAAE,yBAAyB;QAChC,KAAK,EAAE,cAAc;QACrB,UAAU;QACV,KAAK,EAAE,gBAAgB;QACvB,OAAO;QACP,OAAO;QACP,SAAS;QAET,qBAAqB;QACrB,KAAK;QACL,KAAK;QACL,iBAAiB;QACjB,mBAAmB;QACnB,aAAa;QACb,gBAAgB;QAChB,KAAK;QACL,cAAc;KACf,CAAC;IAEM,MAAM,CAAU,gBAAgB,GAAG,GAAG,CAAC;IACvC,MAAM,CAAU,eAAe,GAAG,EAAE,CAAC;IAE7C;;OAEG;IACK,MAAM,CAAC,mBAAmB,CAAC,IAAS,EAAE,QAAQ,GAAG,CAAC;QACxD,IAAI,QAAQ,IAAI,CAAC,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACzD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,gBAAgB;gBACxC,CAAC,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,IAAI,CAAC,MAAM,eAAe;gBAC1F,CAAC,CAAC,IAAI,CAAC;QACX,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,OAAO,IAAI,KAAK,SAAS,EAAE,CAAC;YAC1D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;YACtD,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC;YACrF,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC;gBACvC,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,eAAe,wBAAwB,CAAC,CAAC;YAClF,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,MAAM,GAAQ,EAAE,CAAC;YACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChD,8CAA8C;gBAC9C,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBAE/C,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;gBAC7B,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,mBAAmB
,CAAC,KAAK,EAAE,QAAQ,GAAG,CAAC,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,gBAAgB,CAAC,SAAiB;QAC/C,MAAM,QAAQ,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;QACzC,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,EAAE,CACnD,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAClC,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,sBAAsB,CAAC,MAAW;QAC/C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,sBAAsB,CAAC,YAAkB;QACtD,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,CAAC,CAAC;QACX,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;YAChD,OAAO,UAAU,CAAC,MAAM,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,UAAU,CACtB,GAAgB;QAEhB,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;QAChG,MAAM,UAAU,GAAG;YACjB,KAAK,EAAE,mBAAmB;YAC1B,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,UAAU,EAAE,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC;SAChD,CAAC;QAEF,2FAA2F;QAC3F,gBAAM,CAAC,IAAI,CAAC,uBAAa,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,WAAW,CACvB,GAAgB,EAChB,QAAsB,EACtB,gBAAyB;QAGzB,MAAM,WAAW,GAAG;YAClB,KAAK,EAAE,oBAAoB;YAC3B,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,GAAG,gBAAgB,IAAI,CAAC,CAAC,CAAC,SAAS;YAChE,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,WAAW,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,cAAc,CAAC,IAAI,SAAS;YAC/D,aAAa,EAAE,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC7D,OAAO,EAAE,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG;SACzD,CAAC;QAEF,2FAA2F;QAC3F,gBAAM,CAAC,IAAI,CAAC,uBAAa,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC;IAChE,CAAC;;AAvKH,gCAwKC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ToolLogger.test.d.ts","sourceRoot":"","sources":["../../src/logging/ToolLogger.test.ts"],"names":[],"mappings":""}
|