npm - @w3-commons/js-build-resources - Versions diffs - 0.0.1-security → 1.0.4 - Mend

@w3-commons/js-build-resources 0.0.1-security → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @w3-commons/js-build-resources might be problematic. Click here for more details.

Files changed (98) hide show

package/settings-service/src/repo/ApiKeyRepo.ts ADDED Viewed

@@ -0,0 +1,135 @@
+import { types } from 'dse-driver';
+import * as _ from 'lodash';
+import { NotFoundError } from 'restify-errors';
+import { settings } from '../config/config';
+import { logger } from '../logger/logger';
+import { ApiKey } from '../types/ApiKey';
+import { createRandomToken, decrypt, encrypt } from '../helpers/commons';
+import * as apiKeyQueries from './apiKeyQueries';
+import { cassandraDBHelpers } from './cassandraDBHelpers';
+export interface ApiKeyRepo {
+  getApiKey(appId: string): Promise<ApiKey>;
+  createApiKey(appId: string, createdBy: string): Promise<string>;
+  updateApiKey(appId: string, updatedBy: string): Promise<string>;
+}
+export class ApiKeyRepoImpl {
+  /**
+   * This method returns the API key for the provided appId stored in Cassandra DB.
+   *
+   * @param appId
+   */
+  public async getApiKey(appId: string): Promise<ApiKey> {
+    return cassandraDBHelpers
+      .execute(apiKeyQueries.selectApiKeyByAppId, apiKeyQueries.appKeyPKeyValues(_.toLower(appId)))
+      .then((result: types.ResultSet) => {
+        const row = result.first();
+        if (row === null) {
+          throw new NotFoundError(`ApiKey for the appId: ${JSON.stringify(appId)} doesn't exist.`);
+        }
+        const apiKey: Promise<ApiKey> = apiKeyQueries.rowToApiKey(JSON.parse(row['[json]']));
+        return apiKey;
+      })
+      .catch((err) => {
+        logger.error(`${ApiKeyRepoImpl.name} | ${this.getApiKey.name}() | Error (getApiKey): ${err}`);
+        throw err;
+      });
+  }
+  /**
+   * This method creates a new api key for the provided appId.
+   *
+   * @param appId
+   * @param createdBy
+   */
+  public async createApiKey(appId: string, createdBy: string): Promise<string> {
+    let apiKey: ApiKey;
+    // Check if api key exists for the provided appId. If exists, return it without
+    // creating new key.
+    try {
+      apiKey = await this.getApiKey(appId);
+      logger.debug(
+        `${ApiKeyRepoImpl.name} | ${this.createApiKey.name}() | API key already exists for the appId: ${appId}`,
+      );
+      logger.debug(`${ApiKeyRepoImpl.name} | ${this.createApiKey.name}() | API key: ${apiKey.key}`);
+      return apiKey.key;
+    } catch (err) {
+      if (err instanceof NotFoundError) {
+        logger.info(
+          `${ApiKeyRepoImpl.name} | ${this.createApiKey.name}() | API key doesn't exist for the appId: ${appId}. Will attempt to create new.`,
+        );
+      } else {
+        logger.error(err);
+        throw Error(`Unable to create API key. Please try again later.`);
+      }
+    }
+    logger.info(`${ApiKeyRepoImpl.name} | ${this.createApiKey.name}() | Creating new API key...`);
+    let apiToken = createRandomToken(); // create new random api token
+    await encrypt(apiToken, settings.aesEncryptionKey).then((value) => {
+      apiToken = value;
+    });
+    apiKey = apiKeyQueries.getApiKeyInstance(appId, apiToken, createdBy);
+    return cassandraDBHelpers
+      .execute(apiKeyQueries.insertApiKeyQuery, apiKeyQueries.apiKeyToDBParams(apiKey))
+      .then(() => {
+        logger.info(
+          `${ApiKeyRepoImpl.name} | ${this.createApiKey.name}() | API key created for appId ${appId}.`,
+        );
+        return decrypt(apiKey.key, settings.aesEncryptionKey);
+      })
+      .catch((error) => {
+        logger.error(
+          `${ApiKeyRepoImpl.name} | ${this.createApiKey.name}() | Error while creating api key ${error}`,
+        );
+        throw Error('Unable to create API key. Please try again later.');
+      });
+  }
+  /**
+   * This method updates api key for the provided appId.
+   *
+   * @param appId
+   * @param updatedBy
+   */
+  public async updateApiKey(appId: string, updatedBy: string): Promise<string> {
+    // Check if api key exists for the provided appId. If exists,
+    // update api key.
+    try {
+      await this.getApiKey(appId);
+    } catch (err) {
+      if (err instanceof NotFoundError) {
+        logger.info(
+          `${ApiKeyRepoImpl.name} | ${this.updateApiKey.name}() | API key does not exist for the appId: ${appId}`,
+        );
+        throw Error(`API key doesn't exist for the appId`);
+      } else {
+        logger.error(`${ApiKeyRepoImpl.name} | ${this.updateApiKey.name}() | Err: ${JSON.stringify(err)}`);
+        throw Error(`Unable to update API key. Please try again later.`);
+      }
+    }
+    logger.info(`${ApiKeyRepoImpl.name} | ${this.updateApiKey.name}() | Updating api key...`);
+    let apiToken = createRandomToken(); // create new random api token
+    await encrypt(apiToken, settings.aesEncryptionKey).then((value) => {
+      apiToken = value;
+    });
+    const apiKey = apiKeyQueries.getApiKeyInstance(appId, apiToken, updatedBy);
+    return cassandraDBHelpers
+      .execute(apiKeyQueries.updateApiKeyQuery, [apiToken, appId])
+      .then(() => {
+        logger.info(
+          `${ApiKeyRepoImpl.name} | ${this.updateApiKey.name}() | API key updated for appId: ${appId}.`,
+        );
+        return decrypt(apiKey.key, settings.aesEncryptionKey);
+      })
+      .catch((error) => {
+        logger.error(
+          `${ApiKeyRepoImpl.name} | ${this.updateApiKey.name}() | Error while updating api key ${error}`,
+        );
+        throw Error(`Unable to update Api key. Please try again later.`);
+      });
+  }
+}

package/settings-service/src/repo/ApiKeyRepoFactory.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { ApiKeyRepoImpl } from './ApiKeyRepo';
+export class ApiKeyRepoFactory {
+  private static singleton: ApiKeyRepoImpl;
+  static accessOrCreateSingleton(): ApiKeyRepoImpl {
+    this.singleton = this.singleton || new ApiKeyRepoImpl();
+    return this.singleton;
+  }
+}

package/settings-service/src/repo/CassandraClient.ts ADDED Viewed

@@ -0,0 +1,33 @@
+import { Client, types } from 'dse-driver';
+import { logger } from '../logger/logger';
+import { settings } from '../config/config';
+export class CassandraClient {
+  public client: Client;
+  constructor() {
+    const cassandraClientSetup =
+      process.env.NODE_ENV === 'dev'
+        ? {
+            contactPoints: [settings.cassandraLocalHost],
+            keyspace: settings.cassandraLocalKeyspace,
+            protocolOptions: { maxVersion: types.protocolVersion.v4 },
+            localDataCenter: 'datacenter1',
+          }
+        : {
+            cloud: {
+              secureConnectBundle: settings.cassandraCertsFilePath,
+            },
+            credentials: {
+              username: settings.cassandraUsername,
+              password: settings.cassandraPassword,
+            },
+            keyspace: settings.cassandraKeyspace,
+          };
+    try {
+      this.client = new Client(cassandraClientSetup);
+    } catch (err) {
+      logger.error('Error creating Cassandra Client', err);
+    }
+  }
+}

package/settings-service/src/repo/CassandraClientFactory.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { Client } from 'dse-driver';
+import { CassandraClient } from './CassandraClient';
+export class CassandraClientFactory {
+  private static client: Client;
+  static accessOrCreateSingleton(): Client {
+    this.client = this.client || new CassandraClient().client;
+    return this.client;
+  }
+}

package/settings-service/src/repo/apiKeyQueries.ts ADDED Viewed

@@ -0,0 +1,64 @@
+import { types } from 'dse-driver';
+import { toLower, toUpper } from 'lodash';
+import { settings } from '../config/config';
+import { logger } from '../logger/logger';
+import { ApiKey } from '../types/ApiKey';
+import { decrypt } from '../helpers/commons';
+const CLASS_NAME = 'ApiKeyRepoQueries';
+export function apiKeysTableName(): string {
+  return 'apiKeys';
+}
+export const apiKeyFields = ['app_id', 'key', 'created_by', 'created_date', 'updated_date'];
+export const selectApiKeyByAppId = `select JSON * from apiKeys where app_id= ?`;
+export const apiKeyInsertFields = apiKeyFields.join(',');
+export const apiKeyInsertParams = apiKeyFields.map(() => '?').join(',');
+export const insertApiKeyQuery = `insert into ${apiKeysTableName()}
+(${apiKeyInsertFields}) values
+(${apiKeyInsertParams})`;
+export const updateApiKeyQuery = `update ${apiKeysTableName()} set key = ?
+where app_id = ?`;
+export const deleteApiKeyQuery = `delete from ${apiKeysTableName()} where app_id = ?`;
+export function apiKeyToDBParams(apiKey: ApiKey): Array<string | Date> {
+  return [
+    toLower(apiKey.appId),
+    apiKey.key,
+    toUpper(apiKey.createdBy),
+    apiKey.createdDate,
+    apiKey.updatedDate,
+  ];
+}
+export function appKeyPKeyValues(appId: string): string[] {
+  const pkValues = [toLower(appId)];
+  logger.debug(`${CLASS_NAME} | ${appKeyPKeyValues.name}() | appKeyPKeyValues: ${pkValues}`);
+  return pkValues;
+}
+export async function rowToApiKey(row: types.Row): Promise<ApiKey> {
+  const decryptedKey: string = await decrypt(row.key, settings.aesEncryptionKey);
+  const apiKey: ApiKey = {
+    appId: row.app_id,
+    key: decryptedKey,
+    createdBy: row.createdBy,
+    createdDate: row.createdDate,
+    updatedDate: row.updatedDate,
+  };
+  logger.debug('Returning api key: ', apiKey, 'Row: ', row);
+  return apiKey;
+}
+export function getApiKeyInstance(appId: string, key: string, createdBy: string): ApiKey {
+  const now = new Date();
+  const apiKey: ApiKey = {
+    appId,
+    key,
+    createdBy,
+    createdDate: now,
+    updatedDate: now,
+  };
+  return apiKey;
+}

package/settings-service/src/repo/cassandraDBHelpers.ts ADDED Viewed

@@ -0,0 +1,119 @@
+import * as dotenv from 'dotenv';
+import { merge } from 'lodash';
+import { types, QueryOptions, ArrayOrObject } from 'dse-driver';
+import { BatchQuery, UserSettingsDBRow } from '../types/settingsRepoTypes';
+import { QueryResults } from '../types/QueryResultsTypes';
+import { CassandraClientFactory } from './CassandraClientFactory';
+dotenv.config();
+const client = CassandraClientFactory.accessOrCreateSingleton();
+export async function single(
+  query: string,
+  whereValues: (string | Date)[],
+  options?: QueryOptions,
+): Promise<types.Row> {
+  return new Promise((resolve: (row: types.Row) => void, reject: (err: Error) => void): void => {
+    const queryOptions = merge(
+      {
+        prepare: true,
+        consistency: types.consistencies.localQuorum,
+      },
+      options,
+    );
+    client.execute(query, whereValues, queryOptions, (err: Error, result: types.ResultSet) => {
+      if (err) {
+        reject(err);
+      } else {
+        const row: types.Row | null = result.first();
+        if (row === undefined || row === null) {
+          resolve(row as types.Row);
+        } else if (row !== null) {
+          resolve(row);
+        }
+      }
+    });
+  });
+}
+export async function batch(queries: BatchQuery[], options?: QueryOptions): Promise<types.ResultSet> {
+  const queryOptions = merge(
+    {
+      prepare: true,
+      consistency: types.consistencies.localQuorum,
+    },
+    options,
+  );
+  return client.batch(queries, queryOptions);
+}
+export async function shutdown(): Promise<void> {
+  client.shutdown();
+}
+export async function execute(
+  query: string,
+  params?: ArrayOrObject,
+  options?: QueryOptions,
+): Promise<types.ResultSet> {
+  const queryOptions = merge(
+    {
+      prepare: true,
+      consistency: types.consistencies.localQuorum,
+    },
+    options,
+  );
+  return client.execute(query, params, queryOptions);
+}
+export async function paginate(
+  query: string,
+  params: string[],
+  options?: QueryOptions,
+): Promise<QueryResults> {
+  const queryOptions = merge(
+    {
+      prepare: true,
+      consistency: types.consistencies.localQuorum,
+    },
+    options,
+  );
+  if (options && !options.pageState) {
+    delete queryOptions.pageState;
+  }
+  const queryResults: QueryResults = {};
+  const resultsArray: UserSettingsDBRow[] = [];
+  // tslint:disable-next-line
+  return new Promise<QueryResults>((resolve, reject) => {
+    client.eachRow(
+      query,
+      params,
+      queryOptions,
+      (n, result) => {
+        resultsArray.push(result as unknown as UserSettingsDBRow);
+      },
+      (err, result) => {
+        if (err) {
+          reject(err);
+        } else {
+          queryResults.settings = resultsArray;
+          queryResults.pageState = result.pageState;
+          resolve(queryResults);
+        }
+      },
+    );
+  });
+}
+export const cassandraDBHelpers = {
+  batch,
+  execute,
+  single,
+  shutdown,
+  paginate,
+};