@webex/internal-plugin-encryption 3.0.0-beta.4 → 3.0.0-beta.400

package/dist/kms.js

@@ -1,77 +1,47 @@
 "use strict";
 
 var _typeof = require("@babel/runtime-corejs2/helpers/typeof");
-
 var _WeakMap2 = require("@babel/runtime-corejs2/core-js/weak-map");
-
 var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
-
 var _Object$getOwnPropertyDescriptor2 = require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptor");
-
 var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
-
 _Object$defineProperty(exports, "__esModule", {
   value: true
 });
-
 exports.default = void 0;
-
 var _slicedToArray2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/slicedToArray"));
-
 var _applyDecoratedDescriptor2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/applyDecoratedDescriptor"));
-
 var _weakMap = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/weak-map"));
-
 var _promise = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/promise"));
-
 var _stringify = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/json/stringify"));
-
 var _now = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/date/now"));
-
 var _getOwnPropertyDescriptor = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptor"));
-
 var _omit2 = _interopRequireDefault(require("lodash/omit"));
-
 var _querystring = _interopRequireDefault(require("querystring"));
-
 var _util = _interopRequireDefault(require("util"));
-
 var _commonTimers = require("@webex/common-timers");
-
 var _common = require("@webex/common");
-
 var _webexCore = require("@webex/webex-core");
-
 var _nodeKms = require("node-kms");
-
 var _nodeJose = _interopRequireDefault(require("node-jose"));
-
 var _uuid = _interopRequireDefault(require("uuid"));
-
 var _kmsBatcher = _interopRequireWildcard(require("./kms-batcher"));
-
 var _kmsCertificateValidation = _interopRequireWildcard(require("./kms-certificate-validation"));
-
 var _dec, _obj;
-
 function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap2 !== "function") return null; var cacheBabelInterop = new _WeakMap2(); var cacheNodeInterop = new _WeakMap2(); return (_getRequireWildcardCache = function _getRequireWildcardCache(nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
-
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || _typeof(obj) !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = _Object$defineProperty && _Object$getOwnPropertyDescriptor2; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor2(obj, key) : null; if (desc && (desc.get || desc.set)) { _Object$defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
-
 var contexts = new _weakMap.default();
 var kmsDetails = new _weakMap.default();
 var partialContexts = new _weakMap.default();
-
 var consoleDebug = require('debug')('kms');
+
 /**
  * @class
  */
-
-
 var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
   keyFactory: function keyFactory(_ref) {
     var uri = _ref.uri,
-        onBehalfOf = _ref.onBehalfOf;
+      onBehalfOf = _ref.onBehalfOf;
     return "".concat(uri, "/").concat(onBehalfOf);
   }
 }), (_obj = {
@@ -79,7 +49,6 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
   children: {
     batcher: _kmsBatcher.default
   },
-
   /**
    * Binds a key to a resource
    * @param {Object} options
@@ -91,37 +60,32 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   bindKey: function bindKey(_ref2) {
     var _this = this;
-
     var kro = _ref2.kro,
-        kroUri = _ref2.kroUri,
-        key = _ref2.key,
-        keyUri = _ref2.keyUri;
+      kroUri = _ref2.kroUri,
+      key = _ref2.key,
+      keyUri = _ref2.keyUri;
     kroUri = kroUri || kro.uri;
     keyUri = keyUri || key.uri;
     this.logger.info('kms: binding key to resource');
-    /* istanbul ignore if */
 
+    /* istanbul ignore if */
     if (!kroUri) {
       return _promise.default.reject(new Error('`kro` or `kroUri` is required'));
     }
-    /* istanbul ignore if */
-
 
+    /* istanbul ignore if */
     if (!keyUri) {
       return _promise.default.reject(new Error('`key` or `keyUri` is required'));
     }
-
     return this.request({
       method: 'update',
       resourceUri: kroUri,
       uri: keyUri
     }).then(function (res) {
       _this.logger.info('kms: bound key to resource');
-
       return res.key;
     });
   },
-
   /**
    * Creates a new KMS Resource
    * @param {Object} options
@@ -133,33 +97,28 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   createResource: function createResource(_ref3) {
     var _this2 = this;
-
     var userIds = _ref3.userIds,
-        keyUris = _ref3.keyUris,
-        key = _ref3.key,
-        keys = _ref3.keys;
+      keyUris = _ref3.keyUris,
+      key = _ref3.key,
+      keys = _ref3.keys;
     keyUris = keyUris || [];
     /* istanbul ignore if */
-
     if (keys) {
       keyUris = keys.reduce(function (uris, k) {
         uris.push(k.uri);
         return uris;
       }, keyUris);
     }
-    /* istanbul ignore else */
-
 
+    /* istanbul ignore else */
     if (key) {
       keyUris.push(key.uri);
     }
-    /* istanbul ignore if */
-
 
+    /* istanbul ignore if */
     if (keyUris.length === 0) {
       return _promise.default.reject(new Error('Cannot create KMS Resource without at least one keyUri'));
     }
-
     this.logger.info('kms: creating resource');
     return this.request({
       method: 'create',
@@ -168,11 +127,9 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       keyUris: keyUris
     }).then(function (res) {
       _this2.logger.info('kms: created resource');
-
       return res.resource;
     });
   },
-
   /**
    * Authorizes a user or KRO to a KRO
    * @param {Object} options
@@ -184,30 +141,25 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   addAuthorization: function addAuthorization(_ref4) {
     var _this3 = this;
-
     var userIds = _ref4.userIds,
-        authIds = _ref4.authIds,
-        kro = _ref4.kro,
-        kroUri = _ref4.kroUri;
+      authIds = _ref4.authIds,
+      kro = _ref4.kro,
+      kroUri = _ref4.kroUri;
     userIds = userIds || [];
     kroUri = kroUri || kro.uri;
-
     if (authIds) {
       userIds = userIds.concat(authIds);
     }
-    /* istanbul ignore if */
-
 
+    /* istanbul ignore if */
     if (userIds.length === 0) {
       return _promise.default.reject(new Error('Cannot add authorization without userIds or authIds'));
     }
-    /* istanbul ignore if */
-
 
+    /* istanbul ignore if */
     if (!kroUri) {
       return _promise.default.reject(new Error('`kro` or `kroUri` is required'));
     }
-
     this.logger.info('kms: adding authorization to kms resource');
     return this.request({
       method: 'create',
@@ -216,11 +168,9 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       userIds: userIds
     }).then(function (res) {
       _this3.logger.info('kms: added authorization');
-
       return res.authorizations;
     });
   },
-
   /**
    * Retrieve a list of users that have been authorized to the KRO
    * @param {Object} options
@@ -230,26 +180,21 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   listAuthorizations: function listAuthorizations(_ref5) {
     var _this4 = this;
-
     var kro = _ref5.kro,
-        kroUri = _ref5.kroUri;
+      kroUri = _ref5.kroUri;
     kroUri = kroUri || kro.uri;
     /* istanbul ignore if */
-
     if (!kroUri) {
       return _promise.default.reject(new Error('`kro` or `kroUri` is required'));
     }
-
     return this.request({
       method: 'retrieve',
       uri: "".concat(kroUri, "/authorizations")
     }).then(function (res) {
       _this4.logger.info('kms: retrieved authorization list');
-
       return res.authorizations;
     });
   },
-
   /**
    * Deauthorizes a user or KRO from a KRO
    * @param {Object} options
@@ -261,25 +206,22 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   removeAuthorization: function removeAuthorization(_ref6) {
     var _this5 = this;
-
     var authId = _ref6.authId,
-        userId = _ref6.userId,
-        kro = _ref6.kro,
-        kroUri = _ref6.kroUri;
+      userId = _ref6.userId,
+      kro = _ref6.kro,
+      kroUri = _ref6.kroUri;
     authId = authId || userId;
     kroUri = kroUri || kro.uri;
-    /* istanbul ignore if */
 
+    /* istanbul ignore if */
     if (!authId) {
       return _promise.default.reject(new Error('Cannot remove authorization without authId'));
     }
-    /* istanbul ignore if */
-
 
+    /* istanbul ignore if */
     if (!kroUri) {
       return _promise.default.reject(new Error('`kro` or `kroUri` is required'));
     }
-
     this.logger.info('kms: removing authorization from kms resource');
     return this.request({
       method: 'delete',
@@ -288,11 +230,9 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       }))
     }).then(function (res) {
       _this5.logger.info('kms: removed authorization');
-
       return res.authorizations;
     });
   },
-
   /**
    * Requests `count` unbound keys from the kms
    * @param {Object} options
@@ -301,33 +241,28 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   createUnboundKeys: function createUnboundKeys(_ref7) {
     var _this6 = this;
-
     var count = _ref7.count;
     this.logger.info("kms: request ".concat(count, " unbound keys"));
-    /* istanbul ignore if */
 
+    /* istanbul ignore if */
     if (!count) {
       return _promise.default.reject(new Error('`options.count` is required'));
     }
-
     return this.request({
       method: 'create',
       uri: '/keys',
       count: count
     }).then(function (res) {
       _this6.logger.info('kms: received unbound keys');
-
       return _promise.default.all(res.keys.map(_this6.asKey));
     });
   },
-
   /**
-  * @typedef {Object} FetchPublicKeyResponse
-  * @property {number} status 200,400(Bad Request: Request payload missing info),404(Not Found: HSM Public Key not found),501(Not Implemented: This KMS does not support BYOK),502(Bad Gateway: KMS could not communicate with HSM)
-  * @property {UUID} requestId this is should be unique, used for debug.
-  * @property {string} publicKey
-  */
-
+   * @typedef {Object} FetchPublicKeyResponse
+   * @property {number} status 200,400(Bad Request: Request payload missing info),404(Not Found: HSM Public Key not found),501(Not Implemented: This KMS does not support BYOK),502(Bad Gateway: KMS could not communicate with HSM)
+   * @property {UUID} requestId this is should be unique, used for debug.
+   * @property {string} publicKey
+   */
   /**
    * get public key from kms
    * @param {Object} options
@@ -336,7 +271,6 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   fetchPublicKey: function fetchPublicKey(_ref8) {
     var _this7 = this;
-
     var assignedOrgId = _ref8.assignedOrgId;
     this.logger.info('kms: fetch public key for byok');
     return this.request({
@@ -345,75 +279,71 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       assignedOrgId: assignedOrgId
     }).then(function (res) {
       _this7.logger.info('kms: received public key');
-
       return res.publicKey;
     });
   },
-
   /**
-  * @typedef {Object} UploadCmkResponse
-  * @property {number} status
-  * @property {UUID} requestId
-  * @property {string} uri
-  * @property {string} keysState
-  */
-
+   * @typedef {Object} UploadCmkResponse
+   * @property {number} status
+   * @property {UUID} requestId
+   * @property {string} uri
+   * @property {string} keysState
+   */
   /**
    * upload master key for one org.
    * @param {Object} options
    * @param {UUID} options.assignedOrgId the orgId
    * @param {string} options.customerMasterKey the master key
+   * @param {boolean} options.awsKms enable amazon aws keys
    * @returns {Promise.<UploadCmkResponse>} response of upload CMK api
    */
   uploadCustomerMasterKey: function uploadCustomerMasterKey(_ref9) {
     var _this8 = this;
-
     var assignedOrgId = _ref9.assignedOrgId,
-        customerMasterKey = _ref9.customerMasterKey;
+      customerMasterKey = _ref9.customerMasterKey,
+      _ref9$awsKms = _ref9.awsKms,
+      awsKms = _ref9$awsKms === void 0 ? false : _ref9$awsKms;
     this.logger.info('kms: upload customer master key for byok');
     return this.request({
       method: 'create',
-      uri: '/cmk',
+      uri: awsKms ? '/awsKmsCmk' : '/cmk',
       assignedOrgId: assignedOrgId,
       customerMasterKey: customerMasterKey,
       requestId: _uuid.default.v4()
     }).then(function (res) {
       _this8.logger.info('kms: finish to upload customer master key');
-
       return res;
     });
   },
-
   /**
    * get all customer master keys for one org.
    * @param {Object} options
    * @param {UUID} options.assignedOrgId the orgId
+   * @param {boolean} options.awsKms enable amazon aws keys
    * @returns {Promise.<ActivateCmkResponse>} response of list CMKs api
    */
   listAllCustomerMasterKey: function listAllCustomerMasterKey(_ref10) {
     var _this9 = this;
-
-    var assignedOrgId = _ref10.assignedOrgId;
+    var assignedOrgId = _ref10.assignedOrgId,
+      _ref10$awsKms = _ref10.awsKms,
+      awsKms = _ref10$awsKms === void 0 ? false : _ref10$awsKms;
     this.logger.info('kms: get all customer master keys for byok');
     return this.request({
       method: 'retrieve',
-      uri: '/cmk',
+      uri: awsKms ? '/awsKmsCmk' : '/cmk',
       assignedOrgId: assignedOrgId,
       requestId: _uuid.default.v4()
     }).then(function (res) {
       _this9.logger.info('kms: finish to get all customer master keys');
-
       return res;
     });
   },
-
   /**
-  * @typedef {Object} ActivateCmkResponse
-  * @property {number} status
-  * @property {UUID} requestId
-  * @property {Array<CMK>} customerMasterKeys
-  */
-
+   * @typedef {Object} ActivateCmkResponse
+   * @property {number} status
+   * @property {UUID} requestId
+   * @property {Array<CMK>} customerMasterKeys
+   */
   /**
    *
    * @typedef {Object} CMK
@@ -424,7 +354,6 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    * @property {Date | undefined} stateUpdatedOn
    * @property {Date | undefined} rotation
    */
-
   /**
    * change one customer master key state for one org.
    * delete pending key, then the keyState should be 'removedclean';
@@ -438,10 +367,9 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   changeCustomerMasterKeyState: function changeCustomerMasterKeyState(_ref11) {
     var _this10 = this;
-
     var keyId = _ref11.keyId,
-        keyState = _ref11.keyState,
-        assignedOrgId = _ref11.assignedOrgId;
+      keyState = _ref11.keyState,
+      assignedOrgId = _ref11.assignedOrgId;
     this.logger.info('kms: change one customer master key state for byok');
     return this.request({
       method: 'update',
@@ -451,34 +379,32 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       requestId: _uuid.default.v4()
     }).then(function (res) {
       _this10.logger.info('kms: finish to change the customer master key state to {}', keyState);
-
       return res;
     });
   },
-
   /**
    * this is for test case. it will delete all CMKs, no matter what their status is. This is mainly for test purpose
    * @param {Object} options
    * @param {UUID} options.assignedOrgId the orgId
+   * @param {boolean} options.awsKms enable amazon aws keys
    * @returns {Promise.<{status, requestId}>}
    */
   deleteAllCustomerMasterKeys: function deleteAllCustomerMasterKeys(_ref12) {
     var _this11 = this;
-
-    var assignedOrgId = _ref12.assignedOrgId;
+    var assignedOrgId = _ref12.assignedOrgId,
+      _ref12$awsKms = _ref12.awsKms,
+      awsKms = _ref12$awsKms === void 0 ? false : _ref12$awsKms;
     this.logger.info('kms: delete all customer master keys at the same time');
     return this.request({
       method: 'delete',
-      uri: '/cmk',
+      uri: awsKms ? '/awsKmsCmk' : '/cmk',
       assignedOrgId: assignedOrgId,
       requestId: _uuid.default.v4()
     }).then(function (res) {
       _this11.logger.info('kms: finish to delete all customer master keys');
-
       return res;
     });
   },
-
   /**
    * return to use global master key for one org.
    * @param {Object} options
@@ -487,7 +413,6 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   useGlobalMasterKey: function useGlobalMasterKey(_ref13) {
     var _this12 = this;
-
     var assignedOrgId = _ref13.assignedOrgId;
     this.logger.info('kms: return to use global master key');
     return this.request({
@@ -498,21 +423,17 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       requestId: _uuid.default.v4()
     }).then(function (res) {
       _this12.logger.info('kms: finish to return to global master key');
-
       return res;
     });
   },
   fetchKey: function fetchKey(_ref14) {
     var _this13 = this;
-
     var uri = _ref14.uri,
-        onBehalfOf = _ref14.onBehalfOf;
-
+      onBehalfOf = _ref14.onBehalfOf;
     /* istanbul ignore if */
     if (!uri) {
       return _promise.default.reject(new Error('`options.uri` is required'));
     }
-
     this.logger.info('kms: fetching key');
     return this.request({
       method: 'retrieve',
@@ -521,11 +442,9 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       onBehalfOf: onBehalfOf
     }).then(function (res) {
       _this13.logger.info('kms: fetched key');
-
       return _this13.asKey(res.key);
     });
   },
-
   /**
    * Pings the kms. Mostly for testing
    * @returns {Promise}
@@ -536,7 +455,6 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       uri: '/ping'
     });
   },
-
   /**
    * Ensures a key obect is Key instance
    * @param {Object} key
@@ -548,7 +466,6 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       return key;
     });
   },
-
   /**
    * Adds appropriate metadata to the KMS request
    * @param {Object} payload
@@ -557,18 +474,14 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   prepareRequest: function prepareRequest(payload, onBehalfOf) {
     var _this14 = this;
-
     var isECDHRequest = payload.method === 'create' && payload.uri.includes('/ecdhe');
     return _promise.default.resolve(isECDHRequest ? partialContexts.get(this) : this._getContext()).then(function (context) {
       _this14.logger.info("kms: wrapping ".concat(isECDHRequest ? 'ephemeral key' : 'kms', " request"));
-
       var req = new _nodeKms.Request(payload);
       var requestContext = context;
-
       if (onBehalfOf) {
         requestContext = _this14._contextOnBehalfOf(context, onBehalfOf);
       }
-
       return req.wrap(requestContext, {
         serverKey: isECDHRequest
       }).then(function () {
@@ -578,12 +491,10 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
             depth: null
           }));
         }
-
         return req;
       });
     });
   },
-
   /**
    * Accepts a kms message event, decrypts it, and passes it to the batcher
    * @param {Object} event
@@ -591,27 +502,29 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   processKmsMessageEvent: function processKmsMessageEvent(event) {
     var _this15 = this;
-
     this.logger.info('kms: received kms message');
     return _promise.default.all(event.encryption.kmsMessages.map(function (kmsMessage, index) {
       return _this15._isECDHEMessage(kmsMessage).then(function (isECDHMessage) {
         _this15.logger.info("kms: received ".concat(isECDHMessage ? 'ecdhe' : 'normal', " message"));
-
         var res = new _nodeKms.Response(kmsMessage);
-        return _promise.default.resolve(isECDHMessage ? partialContexts.get(_this15) : contexts.get(_this15)) // eslint-disable-next-line max-nested-callbacks
+        return _promise.default.resolve(isECDHMessage ? partialContexts.get(_this15) : contexts.get(_this15))
+        // eslint-disable-next-line max-nested-callbacks
         .then(function (context) {
           return res.unwrap(context);
-        }) // eslint-disable-next-line max-nested-callbacks
+        })
+        // eslint-disable-next-line max-nested-callbacks
         .then(function () {
           if (process.env.NODE_ENV !== 'production') {
             _this15.logger.info('kms: response payload', _util.default.inspect((0, _omit2.default)(JSON.parse((0, _stringify.default)(res)), 'wrapped'), {
               depth: null
             }));
           }
-        }) // eslint-disable-next-line max-nested-callbacks
+        })
+        // eslint-disable-next-line max-nested-callbacks
         .then(function () {
           event.encryption.kmsMessages[index] = res;
-        }) // eslint-disable-next-line max-nested-callbacks
+        })
+        // eslint-disable-next-line max-nested-callbacks
         .then(function () {
           return res;
         });
@@ -620,13 +533,11 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       return _this15.batcher.processKmsMessageEvent(event);
     }).catch(function (reason) {
       _this15.logger.error('kms: decrypt failed', reason.stack);
-
       return _promise.default.reject(reason);
     }).then(function () {
       return event;
     });
   },
-
   /**
    * Decrypts a kms message
    * @param {Object} kmsMessage
@@ -640,7 +551,6 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       return res.body;
     });
   },
-
   /**
    * Determines if the kms message is an ecdhe message or a normal message
    * @param {Object} kmsMessage
@@ -649,16 +559,13 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
   _isECDHEMessage: function _isECDHEMessage(kmsMessage) {
     return this._getKMSStaticPubKey().then(function (kmsStaticPubKey) {
       var fields = kmsMessage.split('.');
-
       if (fields.length !== 3) {
         return false;
       }
-
       var header = JSON.parse(_nodeJose.default.util.base64url.decode(fields[0]));
       return header.kid === kmsStaticPubKey.kid;
     });
   },
-
   /**
    * Sends a request to the kms
    * @param {Object} payload
@@ -669,83 +576,72 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   request: function request(payload) {
     var _this16 = this;
-
     var _ref15 = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {},
-        timeout = _ref15.timeout,
-        onBehalfOf = _ref15.onBehalfOf;
+      timeout = _ref15.timeout,
+      onBehalfOf = _ref15.onBehalfOf;
+    timeout = timeout || this.config.kmsInitialTimeout;
 
-    timeout = timeout || this.config.kmsInitialTimeout; // Note: this should only happen when we're using the async kms batcher;
+    // Note: this should only happen when we're using the async kms batcher;
     // once we implement the sync batcher, this'll need to be smarter.
-
     return this.webex.internal.mercury.connect().then(function () {
       return _this16.prepareRequest(payload, onBehalfOf);
     }).then(function (req) {
       req[_kmsBatcher.TIMEOUT_SYMBOL] = timeout;
       return _this16.batcher.request(req);
-    }) // High complexity is due to attempt at test mode resiliency
+    })
+    // High complexity is due to attempt at test mode resiliency
     // eslint-disable-next-line complexity
     .catch(function (reason) {
       if (process.env.NODE_ENV === 'test' && (reason.status === 403 || reason.statusCode === 403) && reason.message.match(/Failed to resolve authorization token in KmsMessage request for user/)) {
         _this16.logger.warn('kms: rerequested key due to test-mode kms auth failure');
-
         return _this16.request(payload, {
           onBehalfOf: onBehalfOf
         });
-      } // KMS Error. Notify the user
-
+      }
 
+      // KMS Error. Notify the user
       if (reason instanceof _kmsCertificateValidation.KMSError) {
         _this16.webex.trigger('client:InvalidRequestError');
-
         return _promise.default.reject(reason);
-      } // Ideally, most or all of the code below would go in kms-batcher, but
+      }
+
+      // Ideally, most or all of the code below would go in kms-batcher, but
       // but batching needs at least one more round of refactoring for that to
       // work.
-
-
       if (!reason.statusCode && !reason.status) {
         /* istanbul ignore else */
         if (process.env.NODE_ENV !== 'production') {
           /* istanbul ignore next: reason.stack vs stack difficult to control in test */
           _this16.logger.info('kms: request error', reason.stack || reason);
         }
-
         consoleDebug("timeout ".concat(timeout));
         timeout *= 2;
-
         if (timeout >= _this16.config.ecdhMaxTimeout) {
           _this16.logger.info('kms: exceeded maximum KMS request retries');
-
           return _promise.default.reject(reason);
-        } // Peek ahead to make sure we don't reset the timeout if the next timeout
-        // will exceed the maximum timeout for renegotiating ECDH keys.
-
+        }
 
+        // Peek ahead to make sure we don't reset the timeout if the next timeout
+        // will exceed the maximum timeout for renegotiating ECDH keys.
         var nextTimeout = timeout * 2;
-
         if (timeout >= _this16.config.kmsMaxTimeout && nextTimeout < _this16.config.ecdhMaxTimeout) {
           _this16.logger.info('kms: exceeded maximum KMS request retries; negotiating new ecdh key');
-          /* istanbul ignore else */
-
 
+          /* istanbul ignore else */
           if (process.env.NODE_ENV !== 'production') {
             _this16.logger.info('kms: timeout/maxtimeout', timeout, _this16.config.kmsMaxTimeout);
           }
-
           contexts.delete(_this16);
           timeout = 0;
         }
-
         return _this16.request(payload, {
           timeout: timeout,
           onBehalfOf: onBehalfOf
         });
       }
-
       return _promise.default.reject(reason);
     });
   },
-
   /**
    * @private
    * @returns {Promise<string>}
@@ -755,7 +651,6 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       return token.access_token;
     });
   },
-
   /**
    * @private
    * @param {String} onBehalfOf create context on behalf of another user, undefined when this is not necessary
@@ -763,9 +658,7 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
    */
   _getContext: function _getContext() {
     var _this17 = this;
-
     var promise = contexts.get(this);
-
     if (!promise) {
       promise = this._prepareContext();
       contexts.set(this, promise);
@@ -776,17 +669,14 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
         }, expiresIn);
       });
     }
-
     return _promise.default.all([promise, this._getAuthorization()]).then(function (_ref16) {
       var _ref17 = (0, _slicedToArray2.default)(_ref16, 2),
-          context = _ref17[0],
-          authorization = _ref17[1];
-
+        context = _ref17[0],
+        authorization = _ref17[1];
       context.clientInfo.credential.bearer = authorization;
       return context;
     });
   },
-
   /**
    * @private
    * @returns {Promise<Object>}
@@ -798,16 +688,13 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       return kmsCluster;
     });
   },
-
   /**
    * @private
    * @returns {Promise<Object>}
    */
   _getKMSDetails: function _getKMSDetails() {
     var _this18 = this;
-
     var details = kmsDetails.get(this);
-
     if (!details) {
       this.logger.info('kms: fetching KMS details');
       details = this.webex.request({
@@ -815,21 +702,17 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
         resource: "/kms/".concat(this.webex.internal.device.userId)
       }).then(function (res) {
         _this18.logger.info('kms: fetched KMS details');
-
         var body = res.body;
         body.rsaPublicKey = JSON.parse(body.rsaPublicKey);
         return body;
       }).catch(function (reason) {
         _this18.logger.error('kms: failed to fetch KMS details', reason);
-
         return _promise.default.reject(reason);
       });
       kmsDetails.set(this, details);
     }
-
     return details;
   },
-
   /**
    * @private
    * @returns {Promise<Object>}
@@ -841,21 +724,18 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       return rsaPublicKey;
     });
   },
-
   /**
    * @private
    * @returns {Promise<Object>}
    */
   _prepareContext: function _prepareContext() {
     var _this19 = this;
-
     this.logger.info('kms: creating context');
     var context = new _nodeKms.Context();
     return _promise.default.all([this._getKMSStaticPubKey().then((0, _kmsCertificateValidation.default)(this.config.caroots)), this._getAuthorization()]).then(function (_ref20) {
       var _ref21 = (0, _slicedToArray2.default)(_ref20, 2),
-          kmsStaticPubKey = _ref21[0],
-          authorization = _ref21[1];
-
+        kmsStaticPubKey = _ref21[0],
+        authorization = _ref21[1];
       context.clientInfo = {
         clientId: _this19.webex.internal.device.url,
         credential: {
@@ -866,9 +746,7 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       context.serverInfo = {
         key: kmsStaticPubKey
       };
-
       _this19.logger.info('kms: creating local ephemeral key');
-
       return context.createECDHKey();
     }).then(function (localECDHKey) {
       context.ephemeralKey = localECDHKey;
@@ -876,11 +754,9 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       return _promise.default.all([localECDHKey.asKey(), _this19._getKMSCluster()]);
     }).then(function (_ref22) {
       var _ref23 = (0, _slicedToArray2.default)(_ref22, 2),
-          localECDHKey = _ref23[0],
-          cluster = _ref23[1];
-
+        localECDHKey = _ref23[0],
+        cluster = _ref23[1];
       _this19.logger.info('kms: submitting ephemeral key request');
-
       return _this19.request({
         uri: "".concat(cluster, "/ecdhe"),
         method: 'create',
@@ -888,22 +764,17 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
       });
     }).then(function (res) {
       _this19.logger.info('kms: deriving final ephemeral key');
-
       return context.deriveEphemeralKey(res.key);
     }).then(function (key) {
       context.ephemeralKey = key;
       partialContexts.delete(_this19);
-
       _this19.logger.info('kms: derived final ephemeral key');
-
       return context;
     }).catch(function (reason) {
       _this19.logger.error('kms: failed to negotiate ephemeral key', reason);
-
       return _promise.default.reject(reason);
     });
   },
-
   /**
    * KMS 'retrieve' requests can be made on behalf of another user. This is useful
    * for scenarios such as eDiscovery. i.e. Where an authorized compliance officer is
@@ -931,9 +802,8 @@ var KMS = _webexCore.WebexPlugin.extend((_dec = (0, _common.oneFlight)({
     context.ephemeralKey = originalContext.ephemeralKey;
     return context;
   },
-  version: "3.0.0-beta.4"
+  version: "3.0.0-beta.400"
 }, ((0, _applyDecoratedDescriptor2.default)(_obj, "fetchKey", [_dec], (0, _getOwnPropertyDescriptor.default)(_obj, "fetchKey"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "_getContext", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "_getContext"), _obj)), _obj)));
-
 var _default = KMS;
 exports.default = _default;
 //# sourceMappingURL=kms.js.map