@shushed/helpers 0.0.23 → 0.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/index.d.ts +5 -4
  2. package/dist/index.js +110 -20
  3. package/package.json +1 -1
package/dist/index.d.ts CHANGED
@@ -28715,19 +28715,20 @@ declare class Runtime {
28715
28715
  constructor(opts: Opts);
28716
28716
  }
28717
28717
 
28718
+ type Level = 'env' | 'workflow' | 'trigger';
28718
28719
  declare class EnvEngine extends Runtime {
28719
- docRef: DocumentReference;
28720
+ docRef: Record<Level, DocumentReference>;
28720
28721
  private store;
28721
28722
  constructor(opts: Opts, firestore: Firestore);
28722
28723
  set(envs: Array<{
28723
28724
  name: string;
28724
28725
  value: string;
28725
- }>): Promise<undefined>;
28726
+ }>, level?: Level, encryptWithValue?: string): Promise<undefined>;
28726
28727
  private initializeIfNeeded;
28727
- get<T extends ReadonlyArray<string>>(keys: T): Promise<{
28728
+ get<T extends ReadonlyArray<string>>(keys: T, level?: Level, decryptWithValue?: string): Promise<{
28728
28729
  [K in T[number]]: string;
28729
28730
  }>;
28730
- get(key: string): Promise<string>;
28731
+ get(key: string, level?: Level, decryptWithValue?: string): Promise<string>;
28731
28732
  }
28732
28733
 
28733
28734
  declare class PubSubHelper extends Runtime {
package/dist/index.js CHANGED
@@ -346,6 +346,9 @@ var sanitize = new import_deep_redact.DeepRedact({
346
346
  replaceStringByLength: true
347
347
  });
348
348
 
349
+ // src-public/env.ts
350
+ var crypto = __toESM(require("crypto"));
351
+
349
352
  // src-public/runtime.ts
350
353
  var DEFAULT_BRANCH = "migratedprod";
351
354
  var Runtime = class {
@@ -373,20 +376,39 @@ var Runtime = class {
373
376
  // src-public/env.ts
374
377
  var EnvEngine = class extends Runtime {
375
378
  docRef;
376
- store = {};
379
+ store;
377
380
  constructor(opts, firestore) {
378
381
  super(opts);
379
- this.docRef = firestore?.doc(`${this.workflowId}/${this.triggerId}/${this.envName}`);
382
+ this.docRef = {
383
+ env: firestore?.doc(`0/0/${this.envName}`),
384
+ workflow: firestore?.doc(`${this.workflowId}/0/${this.envName}`),
385
+ trigger: firestore?.doc(`${this.workflowId}/${this.triggerId}/${this.envName}`)
386
+ };
387
+ this.store = {
388
+ env: null,
389
+ workflow: null,
390
+ trigger: null
391
+ };
380
392
  }
381
- async set(envs) {
382
- await this.initializeIfNeeded();
393
+ async set(envs, level = "trigger", encryptWithValue) {
394
+ await this.initializeIfNeeded(level);
395
+ let aes = null;
396
+ if (encryptWithValue) {
397
+ aes = new AES256GCM(Buffer.from(encryptWithValue, "utf8"));
398
+ }
383
399
  const obj = envs.filter((env) => env.name).reduce(
384
- (prev, curr) => ({ ...prev, [curr.name]: curr.value }),
400
+ (prev, curr) => {
401
+ let value = curr.value;
402
+ if (aes) {
403
+ value = aes.encrypt(curr.value);
404
+ }
405
+ return { ...prev, [curr.name]: value };
406
+ },
385
407
  {}
386
408
  );
387
- if (this.docRef) {
409
+ if (this.docRef[level]) {
388
410
  try {
389
- await this.docRef.set(
411
+ await this.docRef[level].set(
390
412
  obj,
391
413
  { merge: true }
392
414
  );
@@ -394,36 +416,104 @@ var EnvEngine = class extends Runtime {
394
416
  throw new Error(`Failed to set the ${envs.map((x) => x.name).join(", ")}. Error: ${err.message}`);
395
417
  }
396
418
  }
397
- Object.assign(this.store, obj);
419
+ Object.assign(this.store[level], obj);
398
420
  return void 0;
399
421
  }
400
- async initializeIfNeeded() {
401
- if (!this.store) {
402
- if (this.docRef) {
403
- const docSnapshot = await this.docRef.get();
422
+ async initializeIfNeeded(level = "trigger") {
423
+ if (!this.store[level]) {
424
+ if (this.docRef[level]) {
425
+ const docSnapshot = await this.docRef[level].get();
404
426
  const data = docSnapshot.data();
405
- this.store = {};
427
+ this.store[level] = {};
406
428
  for (const k in data) {
407
429
  const v = data[k];
408
- this.store[k] = typeof v !== "string" ? `${v === null || typeof v === "undefined" ? "" : `${v}`}` : v;
430
+ this.store[level][k] = typeof v !== "string" ? `${v === null || typeof v === "undefined" ? "" : `${v}`}` : v;
409
431
  }
410
432
  } else {
411
- this.store = {};
433
+ this.store[level] = {};
412
434
  }
413
435
  }
414
436
  }
415
- async get(keys) {
416
- await this.initializeIfNeeded();
437
+ async get(keys, level = "trigger", decryptWithValue) {
438
+ await this.initializeIfNeeded(level);
439
+ let aes = null;
440
+ if (decryptWithValue) {
441
+ aes = new AES256GCM(Buffer.from(decryptWithValue, "utf8"));
442
+ }
417
443
  if (typeof keys === "string") {
418
- return this.store?.[keys] || "";
444
+ try {
445
+ if (aes) {
446
+ return aes.decrypt(this.store[level]?.[keys] || "");
447
+ }
448
+ } catch (err) {
449
+ return "";
450
+ }
451
+ return this.store[level]?.[keys] || "";
419
452
  }
420
453
  return keys.reduce((acc, k) => {
421
- const v = this.store?.[k];
422
- acc[k] = typeof v !== "string" ? `${v === null || typeof v === "undefined" ? "" : `${v}`}` : v;
454
+ const v = this.store[level]?.[k];
455
+ if (aes && typeof v === "string") {
456
+ try {
457
+ acc[k] = aes.decrypt(v);
458
+ } catch (err) {
459
+ acc[k] = "";
460
+ }
461
+ } else {
462
+ acc[k] = typeof v !== "string" ? `${v === null || typeof v === "undefined" ? "" : `${v}`}` : v;
463
+ }
423
464
  return acc;
424
465
  }, {});
425
466
  }
426
467
  };
468
+ var AES256GCM = class {
469
+ normalizedKey;
470
+ constructor(key) {
471
+ this.normalizedKey = crypto.createHash("sha256").update(key).digest().slice(0, 32);
472
+ }
473
+ // Pad payload to a multiple of 8 bytes
474
+ pad(payload) {
475
+ const padLength = 8 - payload.length % 8;
476
+ return Buffer.concat([payload, Buffer.alloc(padLength, padLength)]);
477
+ }
478
+ getNormalizedKey() {
479
+ return this.getNormalizedKey;
480
+ }
481
+ // Wrapping function
482
+ encrypt(payload) {
483
+ const normalizedWrappingKey = this.normalizedKey;
484
+ const paddedPayload = this.pad(Buffer.from(payload));
485
+ const iv = crypto.randomBytes(12);
486
+ const cipher = crypto.createCipheriv(
487
+ "aes-256-gcm",
488
+ normalizedWrappingKey,
489
+ iv
490
+ );
491
+ const encryptedPayload = Buffer.concat([
492
+ cipher.update(paddedPayload),
493
+ cipher.final()
494
+ ]);
495
+ const authTag = cipher.getAuthTag();
496
+ return encryptedPayload.toString("base64") + "." + iv.toString("base64") + "." + authTag.toString("base64");
497
+ }
498
+ decrypt(payload) {
499
+ const [encryptedKey64, iv64, authTag64] = payload.split(".");
500
+ const encryptedPayload = Buffer.from(encryptedKey64, "base64");
501
+ const iv = Buffer.from(iv64, "base64");
502
+ const authTag = Buffer.from(authTag64, "base64");
503
+ const decipher = crypto.createDecipheriv(
504
+ "aes-256-gcm",
505
+ this.normalizedKey,
506
+ iv
507
+ );
508
+ decipher.setAuthTag(authTag);
509
+ const paddedKey = Buffer.concat([
510
+ decipher.update(encryptedPayload),
511
+ decipher.final()
512
+ ]);
513
+ const padLength = paddedKey[paddedKey.length - 1];
514
+ return paddedKey.slice(0, -padLength).toString();
515
+ }
516
+ };
427
517
  var env_default = EnvEngine;
428
518
 
429
519
  // src-public/pubsub.ts
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@shushed/helpers",
3
- "version": "0.0.23",
3
+ "version": "0.0.24",
4
4
  "author": "",
5
5
  "license": "UNLICENSED",
6
6
  "description": "",