@riocrypto/common-server 1.0.2756 → 1.0.2758
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
declare class CosignerClient {
|
|
2
2
|
private apiKey;
|
|
3
3
|
private webhookSecret;
|
|
4
|
+
private requestToken;
|
|
4
5
|
private axiosClient;
|
|
5
|
-
constructor(apiKey: string, webhookSecret: string);
|
|
6
|
+
constructor(apiKey: string, webhookSecret: string, requestToken: string);
|
|
6
7
|
sendRequest(title: string, description: string, minApprovers: number, notificationUrl: string, approverGroupId: string, metadata?: Object, alternativeActions?: {
|
|
7
8
|
label: string;
|
|
8
9
|
value: string;
|
|
@@ -17,9 +17,10 @@ const secret_manager_client_1 = require("./secret-manager-client");
|
|
|
17
17
|
const axios_with_logging_1 = require("./axios-with-logging");
|
|
18
18
|
const crypto_1 = __importDefault(require("crypto"));
|
|
19
19
|
class CosignerClient {
|
|
20
|
-
constructor(apiKey, webhookSecret) {
|
|
20
|
+
constructor(apiKey, webhookSecret, requestToken) {
|
|
21
21
|
this.apiKey = apiKey;
|
|
22
22
|
this.webhookSecret = webhookSecret;
|
|
23
|
+
this.requestToken = requestToken;
|
|
23
24
|
this.axiosClient = (0, axios_with_logging_1.buildAxiosWithLogging)();
|
|
24
25
|
}
|
|
25
26
|
sendRequest(title, description, minApprovers, notificationUrl, approverGroupId, metadata, alternativeActions) {
|
|
@@ -35,6 +36,7 @@ class CosignerClient {
|
|
|
35
36
|
}, {
|
|
36
37
|
headers: {
|
|
37
38
|
"x-api-key": this.apiKey,
|
|
39
|
+
"x-cosigner-token": this.requestToken,
|
|
38
40
|
},
|
|
39
41
|
});
|
|
40
42
|
});
|
|
@@ -58,6 +60,10 @@ const buildCosignerClient = () => __awaiter(void 0, void 0, void 0, function* ()
|
|
|
58
60
|
if (!COSIGNER_WEBHOOK_SECRET) {
|
|
59
61
|
throw new Error("Unable to get COSIGNER_WEBHOOK_SECRET");
|
|
60
62
|
}
|
|
61
|
-
|
|
63
|
+
const COSIGNER_REQUEST_TOKEN = yield secret_manager_client_1.secretManagerClient.getSecretValue("COSIGNER_REQUEST_TOKEN");
|
|
64
|
+
if (!COSIGNER_REQUEST_TOKEN) {
|
|
65
|
+
throw new Error("Unable to get COSIGNER_REQUEST_TOKEN");
|
|
66
|
+
}
|
|
67
|
+
return new CosignerClient(COSIGNER_API_KEY, COSIGNER_WEBHOOK_SECRET, COSIGNER_REQUEST_TOKEN);
|
|
62
68
|
});
|
|
63
69
|
exports.buildCosignerClient = buildCosignerClient;
|
|
@@ -58,6 +58,22 @@ const authorize = (req, res, next, mongoose, authorizationTypes) => __awaiter(vo
|
|
|
58
58
|
}))());
|
|
59
59
|
}
|
|
60
60
|
}
|
|
61
|
+
// Check for FX price pusher API key - only if needed
|
|
62
|
+
if (authorizationTypes.includes(common_1.AuthorizationType.FXPricePusher)) {
|
|
63
|
+
const fxPricePusherApiKey = req.header("x-fx-price-pusher-api-key");
|
|
64
|
+
if (fxPricePusherApiKey) {
|
|
65
|
+
promises.push((() => __awaiter(void 0, void 0, void 0, function* () {
|
|
66
|
+
const FX_PRICE_PUSHER_API_KEY = yield secret_manager_client_1.secretManagerClient.getSecretValue("FX_PRICE_PUSHER_API_KEY");
|
|
67
|
+
if (!FX_PRICE_PUSHER_API_KEY) {
|
|
68
|
+
throw new common_1.SecretManagerError();
|
|
69
|
+
}
|
|
70
|
+
if (fxPricePusherApiKey.length === FX_PRICE_PUSHER_API_KEY.length &&
|
|
71
|
+
crypto_1.default.timingSafeEqual(Buffer.from(fxPricePusherApiKey), Buffer.from(FX_PRICE_PUSHER_API_KEY))) {
|
|
72
|
+
req.validFXPricePusherApiKey = true;
|
|
73
|
+
}
|
|
74
|
+
}))());
|
|
75
|
+
}
|
|
76
|
+
}
|
|
61
77
|
// Check for admin auth - only if needed
|
|
62
78
|
if (authorizationTypes.includes(common_1.AuthorizationType.AdminAuth)) {
|
|
63
79
|
const adminApiKey = req.header("x-admin-api-key");
|
|
@@ -266,6 +282,8 @@ const authorize = (req, res, next, mongoose, authorizationTypes) => __awaiter(vo
|
|
|
266
282
|
req.validClusterApiKey) ||
|
|
267
283
|
(authorizationTypes.includes(common_1.AuthorizationType.GenesisAdmin) &&
|
|
268
284
|
req.validGenisisAdminKey) ||
|
|
285
|
+
(authorizationTypes.includes(common_1.AuthorizationType.FXPricePusher) &&
|
|
286
|
+
req.validFXPricePusherApiKey) ||
|
|
269
287
|
(authorizationTypes.includes(common_1.AuthorizationType.Auth) && req.auth) ||
|
|
270
288
|
(authorizationTypes.includes(common_1.AuthorizationType.AuthMissing2FA) &&
|
|
271
289
|
req.auth &&
|
package/package.json
CHANGED
|
@@ -1,16 +1,12 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@riocrypto/common-server",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.2758",
|
|
4
4
|
"description": "",
|
|
5
5
|
"main": "./build/index.js",
|
|
6
6
|
"types": "./build/index.d.ts",
|
|
7
7
|
"files": [
|
|
8
8
|
"build/**/*"
|
|
9
9
|
],
|
|
10
|
-
"scripts": {
|
|
11
|
-
"clean": "rm -rf ./build/*",
|
|
12
|
-
"build": "npm run clean && tsc"
|
|
13
|
-
},
|
|
14
10
|
"keywords": [],
|
|
15
11
|
"author": "",
|
|
16
12
|
"license": "ISC",
|
|
@@ -28,7 +24,7 @@
|
|
|
28
24
|
"@google-cloud/secret-manager": "^5.6.0",
|
|
29
25
|
"@google-cloud/storage": "^7.19.0",
|
|
30
26
|
"@hyperdx/node-opentelemetry": "^0.10.3",
|
|
31
|
-
"@riocrypto/common": "^1.0.
|
|
27
|
+
"@riocrypto/common": "^1.0.2552",
|
|
32
28
|
"@slack/web-api": "^7.15.0",
|
|
33
29
|
"@types/express": "^4.17.25",
|
|
34
30
|
"axios": "1.13.6",
|
|
@@ -42,10 +38,15 @@
|
|
|
42
38
|
"jose": "^6.2.2",
|
|
43
39
|
"jsonwebtoken": "^9.0.3",
|
|
44
40
|
"lodash": "^4.17.23",
|
|
41
|
+
"logform": "2.7.0",
|
|
45
42
|
"mongoose": "^8.23.0",
|
|
46
43
|
"node-cache": "^5.1.2",
|
|
47
44
|
"uuid": "^9.0.1",
|
|
48
45
|
"winston": "^3.19.0",
|
|
49
46
|
"xss": "^1.0.15"
|
|
47
|
+
},
|
|
48
|
+
"scripts": {
|
|
49
|
+
"clean": "rm -rf ./build/*",
|
|
50
|
+
"build": "npm run clean && tsc"
|
|
50
51
|
}
|
|
51
|
-
}
|
|
52
|
+
}
|