npm - @shushed/helpers - Versions diffs - 0.0.171 → 0.0.172 - Mend

@shushed/helpers 0.0.171 → 0.0.172

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -33624,6 +33624,7 @@ declare class EnvEngine extends Runtime {
         workflowId: string;
         triggerId: string;
     }): <T extends unknown>(fn: (value: string, requestCacheRefresh?: (() => void) | undefined) => T | Promise<T>) => Promise<T>;
+    resolveEnvName(envName: string): string;
     checkGoogleIdentiyToken(accessToken: string, audience?: {
         workflowId?: string;
         triggerId?: string;
@@ -34172,6 +34173,7 @@ type RequiredTriggerOptions = {
 declare class ActionHelper<C extends Record<string, any>, O extends RequiredTriggerOptions, R> {
     private onExecuteFunction;
     actionOptions: ActionHelperOptions;
+    private envEngine;
     flags: Record<string, boolean>;
     opts: O | null;
     config: C | null;

package/dist/index.js CHANGED Viewed

@@ -106867,6 +106867,14 @@ var EnvEngine = class extends Runtime {
     const expectedAudience = [process.env.GCLOUD_PROJECT, audienceNorm.workflowId, audienceNorm.triggerId].filter((x) => x !== null).join("-");
     return this.with(`google_identity_token_${serviceName}_${expectedAudience}`, "env", { encrypted: true, ephemeralMs: 10 * 60 * 1e3, fetch: () => getIdentityToken(expectedAudience) });
   }
+  resolveEnvName(envName) {
+    if (!this._envCache[this.systemEnvName]) {
+      const jsonEnv = JSON.parse(process.env[`${this.systemEnvName}ProjectEnv`] || "{}");
+      this._envCache[this.systemEnvName] = jsonEnv;
+    }
+    const envObj = this._envCache[this.systemEnvName];
+    return envObj[envName] || envName;
+  }
   async checkGoogleIdentiyToken(accessToken, audience, allowedServiceAccounts = [`runtime@${process.env.GCLOUD_PROJECT}.iam.gserviceaccount.com`]) {
     if (!accessToken) {
       return false;
@@ -108765,6 +108773,7 @@ var import_rate_limiter_flexible = require("rate-limiter-flexible");
 var ActionHelper = class _ActionHelper {
   onExecuteFunction;
   actionOptions;
+  envEngine = null;
   flags = {};
   opts = null;
   config = null;
@@ -108914,15 +108923,7 @@ var ActionHelper = class _ActionHelper {
     return this.getTopicName(false);
   }
   resolveEnvName(envName) {
-    if (!this.runtime) {
-      throw new Error("Invariant. preOnExecute must be called first");
-    }
-    if (!this._envCache[this.runtime.systemEnvName]) {
-      const jsonEnv = JSON.parse(process.env[`${this.runtime.systemEnvName}ProjectEnv`] || "{}");
-      this._envCache[this.runtime.systemEnvName] = jsonEnv;
-    }
-    const envObj = this._envCache[this.runtime.systemEnvName];
-    return envObj[envName] || envName;
+    return this.getEnvEngine().resolveEnvName(envName);
   }
   resolveSecret(secretName) {
     if (!this.runtime) {
@@ -108977,8 +108978,10 @@ var ActionHelper = class _ActionHelper {
     if (!this.runtime) {
       throw new Error("Invariant. Runtime must be set on the context first");
     }
-    const envEngine = new env_default(this.runtime, getFirestore(this.runtime.systemEnvName));
-    return envEngine;
+    if (!this.envEngine) {
+      this.envEngine = new env_default(this.runtime);
+    }
+    return this.envEngine;
   }
   getRespectfulNudgeStatus(topicName, {
     rnWorkflowTriggerId,
@@ -109366,7 +109369,7 @@ var TriggerHelper = class {
       };
       if (reqIsRespectfulNudge) {
         const authHeader = options.request.headers.authorization || options.request.headers.Authorization || "";
-        const allowedServiceAccounts = this.actions[0].resolveEnvName("RESPECTFUL_NUDGE_SERVICE_ACCOUNT");
+        const allowedServiceAccounts = envEngine.resolveEnvName("RESPECTFUL_NUDGE_SERVICE_ACCOUNT");
         const serviceAccount = await envEngine.checkGoogleIdentiyToken(authHeader.slice("Bearer ".length), void 0, [allowedServiceAccounts]);
         if (!serviceAccount) {
           optionsEnchanced.req.throw(401, `Invalid Authorization Header`);
@@ -109411,7 +109414,7 @@ var TriggerHelper = class {
           return;
         }
         if (authHeader.split(".").length === 3) {
-          const allowedServiceAccounts = [defaultServiceAccount, ...this.actions.map((x) => x.actionOptions.routingConditions?.api?.roles.map((y) => y.indexOf("process.env.") === 0 ? x.resolveEnvName(y.slice("process.env.".length)) : y)).flat().filter((x) => x?.includes("@"))];
+          const allowedServiceAccounts = [defaultServiceAccount, ...this.actions.map((x) => x.actionOptions.routingConditions?.api?.roles.map((y) => y.indexOf("process.env.") === 0 ? envEngine.resolveEnvName(y.slice("process.env.".length)) : y)).flat().filter((x) => x?.includes("@"))];
           const serviceAccount = await envEngine.checkGoogleIdentiyToken(authHeader.slice("Bearer ".length), void 0, allowedServiceAccounts);
           if (serviceAccount) {
             if (serviceAccount === defaultServiceAccount) {
@@ -109520,7 +109523,7 @@ var TriggerHelper = class {
                 let name = x;
                 if (x.indexOf("process.env.") === 0) {
                   const envName = name.slice("process.env.".length);
-                  name = action.resolveEnvName(envName);
+                  name = envEngine.resolveEnvName(envName);
                   if (name === envName) {
                     options.logging.log(`The role ${x} is not specified in the environment variables. Ignoring it from the role check.`);
                     return null;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@shushed/helpers",
-  "version": "0.0.171",
+  "version": "0.0.172",
   "author": "",
   "license": "UNLICENSED",
   "description": "",