@webex/internal-plugin-encryption 3.0.0-beta.9 → 3.0.0-bnr.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (47) hide show
  1. package/README.md +1 -3
  2. package/dist/config.js +0 -9
  3. package/dist/config.js.map +1 -1
  4. package/dist/encryption.js +9 -60
  5. package/dist/encryption.js.map +1 -1
  6. package/dist/ensure-buffer.browser.js +0 -12
  7. package/dist/ensure-buffer.browser.js.map +1 -1
  8. package/dist/ensure-buffer.js +5 -12
  9. package/dist/ensure-buffer.js.map +1 -1
  10. package/dist/index.js +7 -33
  11. package/dist/index.js.map +1 -1
  12. package/dist/kms-batcher.js +6 -30
  13. package/dist/kms-batcher.js.map +1 -1
  14. package/dist/kms-certificate-validation.js +20 -88
  15. package/dist/kms-certificate-validation.js.map +1 -1
  16. package/dist/kms-dry-error-interceptor.js +1 -23
  17. package/dist/kms-dry-error-interceptor.js.map +1 -1
  18. package/dist/kms-errors.js +3 -50
  19. package/dist/kms-errors.js.map +1 -1
  20. package/dist/kms.js +74 -213
  21. package/dist/kms.js.map +1 -1
  22. package/dist/types/config.d.ts +16 -0
  23. package/dist/types/encryption.d.ts +2 -0
  24. package/dist/types/ensure-buffer.browser.d.ts +10 -0
  25. package/dist/types/ensure-buffer.d.ts +7 -0
  26. package/dist/types/index.d.ts +3 -0
  27. package/dist/types/kms-batcher.d.ts +6 -0
  28. package/dist/types/kms-certificate-validation.d.ts +24 -0
  29. package/dist/types/kms-dry-error-interceptor.d.ts +25 -0
  30. package/dist/types/kms-errors.d.ts +33 -0
  31. package/dist/types/kms.d.ts +5 -0
  32. package/package.json +15 -15
  33. package/src/config.js +3 -3
  34. package/src/encryption.js +66 -56
  35. package/src/ensure-buffer.browser.js +0 -1
  36. package/src/ensure-buffer.js +5 -5
  37. package/src/index.js +120 -96
  38. package/src/kms-batcher.js +50 -44
  39. package/src/kms-certificate-validation.js +45 -47
  40. package/src/kms-dry-error-interceptor.js +8 -4
  41. package/src/kms-errors.js +19 -16
  42. package/src/kms.js +210 -206
  43. package/test/integration/spec/encryption.js +311 -230
  44. package/test/integration/spec/kms.js +532 -404
  45. package/test/integration/spec/payload-transfom.js +69 -69
  46. package/test/unit/spec/encryption.js +16 -13
  47. package/test/unit/spec/kms-certificate-validation.js +41 -32
package/dist/kms-certificate-validation.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["setEngine","crypto","CryptoEngine","name","subtle","VALID_KTY","VALID_KID_PROTOCOL","X509_COMMON_NAME_KEY","X509_SUBJECT_ALT_NAME_KEY","KMSError","message","kmsError","Error","throwError","err","decodeCert","pem","der","Buffer","from","ber","Uint8Array","buffer","asn1","fromBER","Certificate","schema","result","validateKtyHeader","kty","validateKidHeader","kid","isUri","parseUrl","protocol","validateCommonName","certificate","kidHostname","hostname","validationSuccessful","extensions","extension","extnID","altNames","parsedValue","entry","san","value","subjectAttributes","subject","typesAndValues","attribute","type","commonName","valueBlock","validatePublicCertificate","publicExponent","e","modulus","n","encode","jose","util","base64url","publicKey","subjectPublicKeyInfo","subjectPublicKey","asn1PublicCert","valueHex","publicCert","RSAPublicKey","publicExponentHex","modulusHex","validateCertificatesSignature","certificates","caroots","certificateEngine","CertificateChainValidationEngine","trustedCerts","map","certs","verify","then","resultCode","resultMessage","validateKMS","jwt","resolve","x5c","length","promise"],"sources":["kms-certificate-validation.js"],"sourcesContent":["import {parse as parseUrl} from 'url';\n\nimport {isUri} from 'valid-url';\nimport {fromBER} from 'asn1js';\nimport {\n Certificate,\n RSAPublicKey,\n CertificateChainValidationEngine,\n CryptoEngine,\n setEngine\n} from 'pkijs';\nimport {isArray} from 'lodash';\nimport jose from 'node-jose';\nimport crypto from 'isomorphic-webcrypto';\nimport {Buffer} from 'safe-buffer';\n\nsetEngine(\n 'newEngine',\n crypto,\n new CryptoEngine({\n name: '',\n crypto,\n subtle: crypto.subtle\n })\n);\n\nconst VALID_KTY = 'RSA';\nconst VALID_KID_PROTOCOL = 'kms:';\n\nconst X509_COMMON_NAME_KEY = '2.5.4.3';\n\nconst X509_SUBJECT_ALT_NAME_KEY = '2.5.29.17';\n\n/**\n * Customize Error so the SDK knows to quit retrying and notify\n * the user\n */\nexport class KMSError extends Error {\n /**\n * add kmsError field to notify\n * @param {string} message\n */\n constructor(message) {\n super(message);\n this.kmsError = true;\n }\n}\n\nconst throwError = (err) => {\n throw new KMSError(`INVALID KMS: ${err}`);\n};\n\n/**\n * Converts the PEM string to a pkijs certificate object\n * @param {string} pem PEM representation of a certificate\n * @returns {Certificate} pkijs object of the certificate\n */\nconst decodeCert = (pem) => {\n if (typeof pem !== 'string') {\n throwError('certificate needs to be a string');\n }\n\n const der = Buffer.from(pem, 'base64');\n const ber = new Uint8Array(der).buffer;\n\n const asn1 = fromBER(ber);\n\n return new Certificate({schema: asn1.result});\n};\n\n/**\n * Validate the 'kty' property of the KMS credentials\n * @param {Object} JWT KMS credentials\n * @param {string} JWT.kty type of certificate\n * @throws {KMSError} if kty is not a valid type\n * @returns {void}\n */\nconst validateKtyHeader = ({kty}) => {\n if (kty !== VALID_KTY) {\n throwError(`'kty' header must be '${VALID_KTY}'`);\n }\n};\n\nconst validateKidHeader = ({kid}) => {\n if (!isUri(kid)) {\n throwError('\\'kid\\' is not a valid URI');\n }\n\n if (parseUrl(kid).protocol !== VALID_KID_PROTOCOL) {\n throwError(`'kid' protocol must be '${VALID_KID_PROTOCOL}'`);\n }\n};\n\n/**\n * Checks the first certificate matches the 'kid' in the JWT.\n * It first checks the Subject Alternative Name then it checks\n * the Common Name\n * @param {Certificate} certificate represents the KMS\n * @param {Object} JWT KMS credentials\n * @param {string} JWT.kid the uri of the KMS\n * @throws {KMSError} if unable to validate certificate against KMS credentials\n * @returns {void}\n */\nconst validateCommonName = ([certificate], {kid}) => {\n const kidHostname = parseUrl(kid).hostname;\n let validationSuccessful = false;\n\n if (certificate.extensions) {\n // Subject Alt Names are in here\n for (const extension of certificate.extensions) {\n if (extension.extnID === X509_SUBJECT_ALT_NAME_KEY) {\n const {altNames} = extension.parsedValue;\n\n for (const entry of altNames) {\n const san = entry.value;\n\n validationSuccessful = san === kidHostname;\n if (validationSuccessful) {\n break;\n }\n }\n\n if (validationSuccessful) {\n break;\n }\n }\n }\n }\n\n if (!validationSuccessful) {\n // Didn't match kid in the Subject Alt Names, checking the Common Name\n const subjectAttributes = certificate.subject.typesAndValues;\n\n for (const attribute of subjectAttributes) {\n if (attribute.type === X509_COMMON_NAME_KEY) {\n const commonName = attribute.value.valueBlock.value;\n\n validationSuccessful = commonName === kidHostname;\n if (validationSuccessful) {\n break;\n }\n }\n }\n }\n\n if (!validationSuccessful) {\n throwError('hostname of the 1st certificate does not match \\'kid\\'');\n }\n};\n\n/**\n * Validate the first KMS certificate against the information\n * provided in the JWT\n * @param {Certificate} certificate first certificate the identifies the KMS\n * @param {Object} JWT credentials of the KMS\n * @param {string} JWT.e Public exponent of the first certificate\n * @param {string} KWT.n Modulus of the first certificate\n * @throws {KMSError} if e or n doesn't match the first certificate\n * @returns {void}\n */\nconst validatePublicCertificate =\n ([certificate], {e: publicExponent, n: modulus}) => {\n const {encode} = jose.util.base64url;\n\n const publicKey = certificate.subjectPublicKeyInfo.subjectPublicKey;\n const asn1PublicCert = fromBER(publicKey.valueBlock.valueHex);\n const publicCert = new RSAPublicKey({schema: asn1PublicCert.result});\n const publicExponentHex = publicCert.publicExponent.valueBlock.valueHex;\n const modulusHex = publicCert.modulus.valueBlock.valueHex;\n\n if (publicExponent !== encode(publicExponentHex)) {\n throwError('Public exponent is invalid');\n }\n if (modulus !== encode(modulusHex)) {\n throwError('Modulus is invalid');\n }\n };\n\n/**\n * Validates the list of certificates against the CAs provided\n * @param {certificate[]} certificates list of certificates provided\n * by the KMS to certify itself\n * @param {string[]} [caroots=[]] list of Certificate Authorities used to\n * validate the KMS's certificates\n * @returns {Promise} rejects if unable to validate the certificates\n */\nconst validateCertificatesSignature = (certificates, caroots = []) => {\n const certificateEngine = new CertificateChainValidationEngine({\n trustedCerts: caroots.map(decodeCert),\n certs: certificates\n });\n\n return certificateEngine.verify()\n .then(({result, resultCode, resultMessage}) => {\n if (!result) {\n throwError(\n `Certificate Validation failed [${resultCode}]: ${resultMessage}`\n );\n }\n });\n};\n\n/**\n * Validates the information provided by the KMS. This is a curried function.\n * The first function takes the caroots param and returns a second function.\n * The second function takes the credentials of the KMS and validates it\n * @param {string[]} caroots PEM encoded certificates that will be used\n * as Certificate Authorities\n * @param {Object} jwt Object containing the fields necessary to\n * validate the KMS\n * @returns {Promise} when resolved will return the jwt\n */\nconst validateKMS = (caroots) => (jwt = {}) => Promise.resolve()\n .then(() => {\n validateKtyHeader(jwt);\n validateKidHeader(jwt);\n\n if (!(isArray(jwt.x5c) && jwt.x5c.length > 0)) {\n throwError('JWK does not contain a list of certificates');\n }\n const certificates = jwt.x5c.map(decodeCert);\n\n validateCommonName(certificates, jwt);\n validatePublicCertificate(certificates, jwt);\n\n // Skip validating signatures if no CA roots were provided\n const promise = caroots ?\n validateCertificatesSignature(certificates, caroots) : Promise.resolve();\n\n return promise\n .then(() => jwt);\n });\n\nexport default validateKMS;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;AAEA;;AACA;;AACA;;AAQA;;AACA;;AACA;;;;;;;;;;;;AAEA,IAAAA,gBAAA,EACE,WADF,EAEEC,4BAFF,EAGE,IAAIC,mBAAJ,CAAiB;EACfC,IAAI,EAAE,EADS;EAEfF,MAAM,EAANA,4BAFe;EAGfG,MAAM,EAAEH,4BAAA,CAAOG;AAHA,CAAjB,CAHF;AAUA,IAAMC,SAAS,GAAG,KAAlB;AACA,IAAMC,kBAAkB,GAAG,MAA3B;AAEA,IAAMC,oBAAoB,GAAG,SAA7B;AAEA,IAAMC,yBAAyB,GAAG,WAAlC;AAEA;AACA;AACA;AACA;;IACaC,Q;;;;;EACX;AACF;AACA;AACA;EACE,kBAAYC,OAAZ,EAAqB;IAAA;;IAAA;IACnB,0BAAMA,OAAN;IACA,MAAKC,QAAL,GAAgB,IAAhB;IAFmB;EAGpB;;;+CAR2BC,K;;;;AAW9B,IAAMC,UAAU,GAAG,SAAbA,UAAa,CAACC,GAAD,EAAS;EAC1B,MAAM,IAAIL,QAAJ,wBAA6BK,GAA7B,EAAN;AACD,CAFD;AAIA;AACA;AACA;AACA;AACA;;;AACA,IAAMC,UAAU,GAAG,SAAbA,UAAa,CAACC,GAAD,EAAS;EAC1B,IAAI,OAAOA,GAAP,KAAe,QAAnB,EAA6B;IAC3BH,UAAU,CAAC,kCAAD,CAAV;EACD;;EAED,IAAMI,GAAG,GAAGC,kBAAA,CAAOC,IAAP,CAAYH,GAAZ,EAAiB,QAAjB,CAAZ;;EACA,IAAMI,GAAG,GAAG,IAAIC,UAAJ,CAAeJ,GAAf,EAAoBK,MAAhC;EAEA,IAAMC,IAAI,GAAG,IAAAC,eAAA,EAAQJ,GAAR,CAAb;EAEA,OAAO,IAAIK,kBAAJ,CAAgB;IAACC,MAAM,EAAEH,IAAI,CAACI;EAAd,CAAhB,CAAP;AACD,CAXD;AAaA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,IAAMC,iBAAiB,GAAG,SAApBA,iBAAoB,OAAW;EAAA,IAATC,GAAS,QAATA,GAAS;;EACnC,IAAIA,GAAG,KAAKxB,SAAZ,EAAuB;IACrBQ,UAAU,iCAA0BR,SAA1B,OAAV;EACD;AACF,CAJD;;AAMA,IAAMyB,iBAAiB,GAAG,SAApBA,iBAAoB,QAAW;EAAA,IAATC,GAAS,SAATA,GAAS;;EACnC,IAAI,CAAC,IAAAC,eAAA,EAAMD,GAAN,CAAL,EAAiB;IACflB,UAAU,CAAC,4BAAD,CAAV;EACD;;EAED,IAAI,IAAAoB,UAAA,EAASF,GAAT,EAAcG,QAAd,KAA2B5B,kBAA/B,EAAmD;IACjDO,UAAU,mCAA4BP,kBAA5B,OAAV;EACD;AACF,CARD;AAUA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,IAAM6B,kBAAkB,GAAG,SAArBA,kBAAqB,eAA0B;EAAA;EAAA,IAAxBC,WAAwB;;EAAA,IAATL,GAAS,SAATA,GAAS;EACnD,IAAMM,WAAW,GAAG,IAAAJ,UAAA,EAASF,GAAT,EAAcO,QAAlC;EACA,IAAIC,oBAAoB,GAAG,KAA3B;;EAEA,IAAIH,WAAW,CAACI,UAAhB,EAA4B;IAC1B;IAD0B,2CAEFJ,WAAW,CAACI,UAFV;IAAA;;IAAA;MAE1B,oDAAgD;QAAA,IAArCC,SAAqC;;QAC9C,IAAIA,SAAS,CAACC,MAAV,KAAqBlC,yBAAzB,EAAoD;UAClD,IAAOmC,QAAP,GAAmBF,SAAS,CAACG,WAA7B,CAAOD,QAAP;;UADkD,4CAG9BA,QAH8B;UAAA;;UAAA;YAGlD,uDAA8B;cAAA,IAAnBE,KAAmB;cAC5B,IAAMC,GAAG,GAAGD,KAAK,CAACE,KAAlB;cAEAR,oBAAoB,GAAGO,GAAG,KAAKT,WAA/B;;cACA,IAAIE,oBAAJ,EAA0B;gBACxB;cACD;YACF;UAViD;YAAA;UAAA;YAAA;UAAA;;UAYlD,IAAIA,oBAAJ,EAA0B;YACxB;UACD;QACF;MACF;IAnByB;MAAA;IAAA;MAAA;IAAA;EAoB3B;;EAED,IAAI,CAACA,oBAAL,EAA2B;IACzB;IACA,IAAMS,iBAAiB,GAAGZ,WAAW,CAACa,OAAZ,CAAoBC,cAA9C;;IAFyB,4CAIDF,iBAJC;IAAA;;IAAA;MAIzB,uDAA2C;QAAA,IAAhCG,SAAgC;;QACzC,IAAIA,SAAS,CAACC,IAAV,KAAmB7C,oBAAvB,EAA6C;UAC3C,IAAM8C,UAAU,GAAGF,SAAS,CAACJ,KAAV,CAAgBO,UAAhB,CAA2BP,KAA9C;UAEAR,oBAAoB,GAAGc,UAAU,KAAKhB,WAAtC;;UACA,IAAIE,oBAAJ,EAA0B;YACxB;UACD;QACF;MACF;IAbwB;MAAA;IAAA;MAAA;IAAA;EAc1B;;EAED,IAAI,CAACA,oBAAL,EAA2B;IACzB1B,UAAU,CAAC,wDAAD,CAAV;EACD;AACF,CA7CD;AA+CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,IAAM0C,yBAAyB,GAC7B,SADIA,yBACJ,eAAoD;EAAA;EAAA,IAAlDnB,WAAkD;;EAAA,IAAhCoB,cAAgC,SAAnCC,CAAmC;EAAA,IAAbC,OAAa,SAAhBC,CAAgB;EAClD,IAAOC,MAAP,GAAiBC,iBAAA,CAAKC,IAAL,CAAUC,SAA3B,CAAOH,MAAP;EAEA,IAAMI,SAAS,GAAG5B,WAAW,CAAC6B,oBAAZ,CAAiCC,gBAAnD;EACA,IAAMC,cAAc,GAAG,IAAA3C,eAAA,EAAQwC,SAAS,CAACV,UAAV,CAAqBc,QAA7B,CAAvB;EACA,IAAMC,UAAU,GAAG,IAAIC,mBAAJ,CAAiB;IAAC5C,MAAM,EAAEyC,cAAc,CAACxC;EAAxB,CAAjB,CAAnB;EACA,IAAM4C,iBAAiB,GAAGF,UAAU,CAACb,cAAX,CAA0BF,UAA1B,CAAqCc,QAA/D;EACA,IAAMI,UAAU,GAAGH,UAAU,CAACX,OAAX,CAAmBJ,UAAnB,CAA8Bc,QAAjD;;EAEA,IAAIZ,cAAc,KAAKI,MAAM,CAACW,iBAAD,CAA7B,EAAkD;IAChD1D,UAAU,CAAC,4BAAD,CAAV;EACD;;EACD,IAAI6C,OAAO,KAAKE,MAAM,CAACY,UAAD,CAAtB,EAAoC;IAClC3D,UAAU,CAAC,oBAAD,CAAV;EACD;AACF,CAhBH;AAkBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,IAAM4D,6BAA6B,GAAG,SAAhCA,6BAAgC,CAACC,YAAD,EAAgC;EAAA,IAAjBC,OAAiB,uEAAP,EAAO;EACpE,IAAMC,iBAAiB,GAAG,IAAIC,uCAAJ,CAAqC;IAC7DC,YAAY,EAAEH,OAAO,CAACI,GAAR,CAAYhE,UAAZ,CAD+C;IAE7DiE,KAAK,EAAEN;EAFsD,CAArC,CAA1B;EAKA,OAAOE,iBAAiB,CAACK,MAAlB,GACJC,IADI,CACC,iBAAyC;IAAA,IAAvCvD,MAAuC,SAAvCA,MAAuC;IAAA,IAA/BwD,UAA+B,SAA/BA,UAA+B;IAAA,IAAnBC,aAAmB,SAAnBA,aAAmB;;IAC7C,IAAI,CAACzD,MAAL,EAAa;MACXd,UAAU,0CAC0BsE,UAD1B,gBAC0CC,aAD1C,EAAV;IAGD;EACF,CAPI,CAAP;AAQD,CAdD;AAgBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,IAAMC,WAAW,GAAG,SAAdA,WAAc,CAACV,OAAD;EAAA,OAAa;IAAA,IAACW,GAAD,uEAAO,EAAP;IAAA,OAAc,iBAAQC,OAAR,GAC5CL,IAD4C,CACvC,YAAM;MACVtD,iBAAiB,CAAC0D,GAAD,CAAjB;MACAxD,iBAAiB,CAACwD,GAAD,CAAjB;;MAEA,IAAI,EAAE,uBAAQA,GAAG,CAACE,GAAZ,KAAoBF,GAAG,CAACE,GAAJ,CAAQC,MAAR,GAAiB,CAAvC,CAAJ,EAA+C;QAC7C5E,UAAU,CAAC,6CAAD,CAAV;MACD;;MACD,IAAM6D,YAAY,GAAGY,GAAG,CAACE,GAAJ,CAAQT,GAAR,CAAYhE,UAAZ,CAArB;MAEAoB,kBAAkB,CAACuC,YAAD,EAAeY,GAAf,CAAlB;MACA/B,yBAAyB,CAACmB,YAAD,EAAeY,GAAf,CAAzB,CAVU,CAYV;;MACA,IAAMI,OAAO,GAAGf,OAAO,GACrBF,6BAA6B,CAACC,YAAD,EAAeC,OAAf,CADR,GACkC,iBAAQY,OAAR,EADzD;MAGA,OAAOG,OAAO,CACXR,IADI,CACC;QAAA,OAAMI,GAAN;MAAA,CADD,CAAP;IAED,CAnB4C,CAAd;EAAA,CAAb;AAAA,CAApB;;eAqBeD,W"}
1
+ {"version":3,"names":["setEngine","crypto","CryptoEngine","name","subtle","VALID_KTY","VALID_KID_PROTOCOL","X509_COMMON_NAME_KEY","X509_SUBJECT_ALT_NAME_KEY","KMSError","message","kmsError","Error","throwError","err","decodeCert","pem","der","Buffer","from","ber","Uint8Array","buffer","asn1","fromBER","Certificate","schema","result","validateKtyHeader","kty","validateKidHeader","kid","isUri","parseUrl","protocol","validateCommonName","certificate","kidHostname","hostname","validationSuccessful","extensions","extension","extnID","altNames","parsedValue","entry","san","value","subjectAttributes","subject","typesAndValues","attribute","type","commonName","valueBlock","validatePublicCertificate","publicExponent","e","modulus","n","encode","jose","util","base64url","publicKey","subjectPublicKeyInfo","subjectPublicKey","asn1PublicCert","valueHex","publicCert","RSAPublicKey","publicExponentHex","modulusHex","validateCertificatesSignature","certificates","caroots","certificateEngine","CertificateChainValidationEngine","trustedCerts","map","certs","verify","then","resultCode","resultMessage","validateKMS","jwt","resolve","x5c","length","promise"],"sources":["kms-certificate-validation.js"],"sourcesContent":["import {parse as parseUrl} from 'url';\n\nimport {isUri} from 'valid-url';\nimport {fromBER} from 'asn1js';\nimport {\n Certificate,\n RSAPublicKey,\n CertificateChainValidationEngine,\n CryptoEngine,\n setEngine,\n} from 'pkijs';\nimport {isArray} from 'lodash';\nimport jose from 'node-jose';\nimport crypto from 'isomorphic-webcrypto';\nimport {Buffer} from 'safe-buffer';\n\nsetEngine(\n 'newEngine',\n crypto,\n new CryptoEngine({\n name: '',\n crypto,\n subtle: crypto.subtle,\n })\n);\n\nconst VALID_KTY = 'RSA';\nconst VALID_KID_PROTOCOL = 'kms:';\n\nconst X509_COMMON_NAME_KEY = '2.5.4.3';\n\nconst X509_SUBJECT_ALT_NAME_KEY = '2.5.29.17';\n\n/**\n * Customize Error so the SDK knows to quit retrying and notify\n * the user\n */\nexport class KMSError extends Error {\n /**\n * add kmsError field to notify\n * @param {string} message\n */\n constructor(message) {\n super(message);\n this.kmsError = true;\n }\n}\n\nconst throwError = (err) => {\n throw new KMSError(`INVALID KMS: ${err}`);\n};\n\n/**\n * Converts the PEM string to a pkijs certificate object\n * @param {string} pem PEM representation of a certificate\n * @returns {Certificate} pkijs object of the certificate\n */\nconst decodeCert = (pem) => {\n if (typeof pem !== 'string') {\n throwError('certificate needs to be a string');\n }\n\n const der = Buffer.from(pem, 'base64');\n const ber = new Uint8Array(der).buffer;\n\n const asn1 = fromBER(ber);\n\n return new Certificate({schema: asn1.result});\n};\n\n/**\n * Validate the 'kty' property of the KMS credentials\n * @param {Object} JWT KMS credentials\n * @param {string} JWT.kty type of certificate\n * @throws {KMSError} if kty is not a valid type\n * @returns {void}\n */\nconst validateKtyHeader = ({kty}) => {\n if (kty !== VALID_KTY) {\n throwError(`'kty' header must be '${VALID_KTY}'`);\n }\n};\n\nconst validateKidHeader = ({kid}) => {\n if (!isUri(kid)) {\n throwError(\"'kid' is not a valid URI\");\n }\n\n if (parseUrl(kid).protocol !== VALID_KID_PROTOCOL) {\n throwError(`'kid' protocol must be '${VALID_KID_PROTOCOL}'`);\n }\n};\n\n/**\n * Checks the first certificate matches the 'kid' in the JWT.\n * It first checks the Subject Alternative Name then it checks\n * the Common Name\n * @param {Certificate} certificate represents the KMS\n * @param {Object} JWT KMS credentials\n * @param {string} JWT.kid the uri of the KMS\n * @throws {KMSError} if unable to validate certificate against KMS credentials\n * @returns {void}\n */\nconst validateCommonName = ([certificate], {kid}) => {\n const kidHostname = parseUrl(kid).hostname;\n let validationSuccessful = false;\n\n if (certificate.extensions) {\n // Subject Alt Names are in here\n for (const extension of certificate.extensions) {\n if (extension.extnID === X509_SUBJECT_ALT_NAME_KEY) {\n const {altNames} = extension.parsedValue;\n\n for (const entry of altNames) {\n const san = entry.value;\n\n validationSuccessful = san === kidHostname;\n if (validationSuccessful) {\n break;\n }\n }\n\n if (validationSuccessful) {\n break;\n }\n }\n }\n }\n\n if (!validationSuccessful) {\n // Didn't match kid in the Subject Alt Names, checking the Common Name\n const subjectAttributes = certificate.subject.typesAndValues;\n\n for (const attribute of subjectAttributes) {\n if (attribute.type === X509_COMMON_NAME_KEY) {\n const commonName = attribute.value.valueBlock.value;\n\n validationSuccessful = commonName === kidHostname;\n if (validationSuccessful) {\n break;\n }\n }\n }\n }\n\n if (!validationSuccessful) {\n throwError(\"hostname of the 1st certificate does not match 'kid'\");\n }\n};\n\n/**\n * Validate the first KMS certificate against the information\n * provided in the JWT\n * @param {Certificate} certificate first certificate the identifies the KMS\n * @param {Object} JWT credentials of the KMS\n * @param {string} JWT.e Public exponent of the first certificate\n * @param {string} KWT.n Modulus of the first certificate\n * @throws {KMSError} if e or n doesn't match the first certificate\n * @returns {void}\n */\nconst validatePublicCertificate = ([certificate], {e: publicExponent, n: modulus}) => {\n const {encode} = jose.util.base64url;\n\n const publicKey = certificate.subjectPublicKeyInfo.subjectPublicKey;\n const asn1PublicCert = fromBER(publicKey.valueBlock.valueHex);\n const publicCert = new RSAPublicKey({schema: asn1PublicCert.result});\n const publicExponentHex = publicCert.publicExponent.valueBlock.valueHex;\n const modulusHex = publicCert.modulus.valueBlock.valueHex;\n\n if (publicExponent !== encode(publicExponentHex)) {\n throwError('Public exponent is invalid');\n }\n if (modulus !== encode(modulusHex)) {\n throwError('Modulus is invalid');\n }\n};\n\n/**\n * Validates the list of certificates against the CAs provided\n * @param {certificate[]} certificates list of certificates provided\n * by the KMS to certify itself\n * @param {string[]} [caroots=[]] list of Certificate Authorities used to\n * validate the KMS's certificates\n * @returns {Promise} rejects if unable to validate the certificates\n */\nconst validateCertificatesSignature = (certificates, caroots = []) => {\n const certificateEngine = new CertificateChainValidationEngine({\n trustedCerts: caroots.map(decodeCert),\n certs: certificates,\n });\n\n return certificateEngine.verify().then(({result, resultCode, resultMessage}) => {\n if (!result) {\n throwError(`Certificate Validation failed [${resultCode}]: ${resultMessage}`);\n }\n });\n};\n\n/**\n * Validates the information provided by the KMS. This is a curried function.\n * The first function takes the caroots param and returns a second function.\n * The second function takes the credentials of the KMS and validates it\n * @param {string[]} caroots PEM encoded certificates that will be used\n * as Certificate Authorities\n * @param {Object} jwt Object containing the fields necessary to\n * validate the KMS\n * @returns {Promise} when resolved will return the jwt\n */\nconst validateKMS =\n (caroots) =>\n (jwt = {}) =>\n Promise.resolve().then(() => {\n validateKtyHeader(jwt);\n validateKidHeader(jwt);\n\n if (!(isArray(jwt.x5c) && jwt.x5c.length > 0)) {\n throwError('JWK does not contain a list of certificates');\n }\n const certificates = jwt.x5c.map(decodeCert);\n\n validateCommonName(certificates, jwt);\n validatePublicCertificate(certificates, jwt);\n\n // Skip validating signatures if no CA roots were provided\n const promise = caroots\n ? validateCertificatesSignature(certificates, caroots)\n : Promise.resolve();\n\n return promise.then(() => jwt);\n });\n\nexport default validateKMS;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;AAAA;AAEA;AACA;AACA;AAQA;AACA;AACA;AAAmC;AAAA;AAAA;AAAA;AAAA;AAEnC,IAAAA,gBAAS,EACP,WAAW,EACXC,4BAAM,EACN,IAAIC,mBAAY,CAAC;EACfC,IAAI,EAAE,EAAE;EACRF,MAAM,EAANA,4BAAM;EACNG,MAAM,EAAEH,4BAAM,CAACG;AACjB,CAAC,CAAC,CACH;AAED,IAAMC,SAAS,GAAG,KAAK;AACvB,IAAMC,kBAAkB,GAAG,MAAM;AAEjC,IAAMC,oBAAoB,GAAG,SAAS;AAEtC,IAAMC,yBAAyB,GAAG,WAAW;;AAE7C;AACA;AACA;AACA;AAHA,IAIaC,QAAQ;EAAA;EAAA;EACnB;AACF;AACA;AACA;EACE,kBAAYC,OAAO,EAAE;IAAA;IAAA;IACnB,0BAAMA,OAAO;IACb,MAAKC,QAAQ,GAAG,IAAI;IAAC;EACvB;EAAC;AAAA,+CAR2BC,KAAK;AAAA;AAWnC,IAAMC,UAAU,GAAG,SAAbA,UAAU,CAAIC,GAAG,EAAK;EAC1B,MAAM,IAAIL,QAAQ,wBAAiBK,GAAG,EAAG;AAC3C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA,IAAMC,UAAU,GAAG,SAAbA,UAAU,CAAIC,GAAG,EAAK;EAC1B,IAAI,OAAOA,GAAG,KAAK,QAAQ,EAAE;IAC3BH,UAAU,CAAC,kCAAkC,CAAC;EAChD;EAEA,IAAMI,GAAG,GAAGC,kBAAM,CAACC,IAAI,CAACH,GAAG,EAAE,QAAQ,CAAC;EACtC,IAAMI,GAAG,GAAG,IAAIC,UAAU,CAACJ,GAAG,CAAC,CAACK,MAAM;EAEtC,IAAMC,IAAI,GAAG,IAAAC,eAAO,EAACJ,GAAG,CAAC;EAEzB,OAAO,IAAIK,kBAAW,CAAC;IAACC,MAAM,EAAEH,IAAI,CAACI;EAAM,CAAC,CAAC;AAC/C,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAMC,iBAAiB,GAAG,SAApBA,iBAAiB,OAAc;EAAA,IAATC,GAAG,QAAHA,GAAG;EAC7B,IAAIA,GAAG,KAAKxB,SAAS,EAAE;IACrBQ,UAAU,iCAA0BR,SAAS,OAAI;EACnD;AACF,CAAC;AAED,IAAMyB,iBAAiB,GAAG,SAApBA,iBAAiB,QAAc;EAAA,IAATC,GAAG,SAAHA,GAAG;EAC7B,IAAI,CAAC,IAAAC,eAAK,EAACD,GAAG,CAAC,EAAE;IACflB,UAAU,CAAC,0BAA0B,CAAC;EACxC;EAEA,IAAI,IAAAoB,UAAQ,EAACF,GAAG,CAAC,CAACG,QAAQ,KAAK5B,kBAAkB,EAAE;IACjDO,UAAU,mCAA4BP,kBAAkB,OAAI;EAC9D;AACF,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAM6B,kBAAkB,GAAG,SAArBA,kBAAkB,eAA6B;EAAA;IAAxBC,WAAW;EAAA,IAAIL,GAAG,SAAHA,GAAG;EAC7C,IAAMM,WAAW,GAAG,IAAAJ,UAAQ,EAACF,GAAG,CAAC,CAACO,QAAQ;EAC1C,IAAIC,oBAAoB,GAAG,KAAK;EAEhC,IAAIH,WAAW,CAACI,UAAU,EAAE;IAC1B;IAAA,2CACwBJ,WAAW,CAACI,UAAU;MAAA;IAAA;MAA9C,oDAAgD;QAAA,IAArCC,SAAS;QAClB,IAAIA,SAAS,CAACC,MAAM,KAAKlC,yBAAyB,EAAE;UAClD,IAAOmC,QAAQ,GAAIF,SAAS,CAACG,WAAW,CAAjCD,QAAQ;UAA0B,4CAErBA,QAAQ;YAAA;UAAA;YAA5B,uDAA8B;cAAA,IAAnBE,KAAK;cACd,IAAMC,GAAG,GAAGD,KAAK,CAACE,KAAK;cAEvBR,oBAAoB,GAAGO,GAAG,KAAKT,WAAW;cAC1C,IAAIE,oBAAoB,EAAE;gBACxB;cACF;YACF;UAAC;YAAA;UAAA;YAAA;UAAA;UAED,IAAIA,oBAAoB,EAAE;YACxB;UACF;QACF;MACF;IAAC;MAAA;IAAA;MAAA;IAAA;EACH;EAEA,IAAI,CAACA,oBAAoB,EAAE;IACzB;IACA,IAAMS,iBAAiB,GAAGZ,WAAW,CAACa,OAAO,CAACC,cAAc;IAAC,4CAErCF,iBAAiB;MAAA;IAAA;MAAzC,uDAA2C;QAAA,IAAhCG,SAAS;QAClB,IAAIA,SAAS,CAACC,IAAI,KAAK7C,oBAAoB,EAAE;UAC3C,IAAM8C,UAAU,GAAGF,SAAS,CAACJ,KAAK,CAACO,UAAU,CAACP,KAAK;UAEnDR,oBAAoB,GAAGc,UAAU,KAAKhB,WAAW;UACjD,IAAIE,oBAAoB,EAAE;YACxB;UACF;QACF;MACF;IAAC;MAAA;IAAA;MAAA;IAAA;EACH;EAEA,IAAI,CAACA,oBAAoB,EAAE;IACzB1B,UAAU,CAAC,sDAAsD,CAAC;EACpE;AACF,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAM0C,yBAAyB,GAAG,SAA5BA,yBAAyB,eAAuD;EAAA;IAAlDnB,WAAW;EAAA,IAAOoB,cAAc,SAAjBC,CAAC;IAAqBC,OAAO,SAAVC,CAAC;EACrE,IAAOC,MAAM,GAAIC,iBAAI,CAACC,IAAI,CAACC,SAAS,CAA7BH,MAAM;EAEb,IAAMI,SAAS,GAAG5B,WAAW,CAAC6B,oBAAoB,CAACC,gBAAgB;EACnE,IAAMC,cAAc,GAAG,IAAA3C,eAAO,EAACwC,SAAS,CAACV,UAAU,CAACc,QAAQ,CAAC;EAC7D,IAAMC,UAAU,GAAG,IAAIC,mBAAY,CAAC;IAAC5C,MAAM,EAAEyC,cAAc,CAACxC;EAAM,CAAC,CAAC;EACpE,IAAM4C,iBAAiB,GAAGF,UAAU,CAACb,cAAc,CAACF,UAAU,CAACc,QAAQ;EACvE,IAAMI,UAAU,GAAGH,UAAU,CAACX,OAAO,CAACJ,UAAU,CAACc,QAAQ;EAEzD,IAAIZ,cAAc,KAAKI,MAAM,CAACW,iBAAiB,CAAC,EAAE;IAChD1D,UAAU,CAAC,4BAA4B,CAAC;EAC1C;EACA,IAAI6C,OAAO,KAAKE,MAAM,CAACY,UAAU,CAAC,EAAE;IAClC3D,UAAU,CAAC,oBAAoB,CAAC;EAClC;AACF,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAM4D,6BAA6B,GAAG,SAAhCA,6BAA6B,CAAIC,YAAY,EAAmB;EAAA,IAAjBC,OAAO,uEAAG,EAAE;EAC/D,IAAMC,iBAAiB,GAAG,IAAIC,uCAAgC,CAAC;IAC7DC,YAAY,EAAEH,OAAO,CAACI,GAAG,CAAChE,UAAU,CAAC;IACrCiE,KAAK,EAAEN;EACT,CAAC,CAAC;EAEF,OAAOE,iBAAiB,CAACK,MAAM,EAAE,CAACC,IAAI,CAAC,iBAAyC;IAAA,IAAvCvD,MAAM,SAANA,MAAM;MAAEwD,UAAU,SAAVA,UAAU;MAAEC,aAAa,SAAbA,aAAa;IACxE,IAAI,CAACzD,MAAM,EAAE;MACXd,UAAU,0CAAmCsE,UAAU,gBAAMC,aAAa,EAAG;IAC/E;EACF,CAAC,CAAC;AACJ,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAMC,WAAW,GACf,SADIA,WAAW,CACdV,OAAO;EAAA,OACR;IAAA,IAACW,GAAG,uEAAG,CAAC,CAAC;IAAA,OACP,iBAAQC,OAAO,EAAE,CAACL,IAAI,CAAC,YAAM;MAC3BtD,iBAAiB,CAAC0D,GAAG,CAAC;MACtBxD,iBAAiB,CAACwD,GAAG,CAAC;MAEtB,IAAI,EAAE,uBAAQA,GAAG,CAACE,GAAG,CAAC,IAAIF,GAAG,CAACE,GAAG,CAACC,MAAM,GAAG,CAAC,CAAC,EAAE;QAC7C5E,UAAU,CAAC,6CAA6C,CAAC;MAC3D;MACA,IAAM6D,YAAY,GAAGY,GAAG,CAACE,GAAG,CAACT,GAAG,CAAChE,UAAU,CAAC;MAE5CoB,kBAAkB,CAACuC,YAAY,EAAEY,GAAG,CAAC;MACrC/B,yBAAyB,CAACmB,YAAY,EAAEY,GAAG,CAAC;;MAE5C;MACA,IAAMI,OAAO,GAAGf,OAAO,GACnBF,6BAA6B,CAACC,YAAY,EAAEC,OAAO,CAAC,GACpD,iBAAQY,OAAO,EAAE;MAErB,OAAOG,OAAO,CAACR,IAAI,CAAC;QAAA,OAAMI,GAAG;MAAA,EAAC;IAChC,CAAC,CAAC;EAAA;AAAA;AAAC,eAEQD,WAAW;AAAA"}
package/dist/kms-dry-error-interceptor.js CHANGED
@@ -1,37 +1,22 @@
1
1
  "use strict";
2
2
 
3
3
  var _Reflect$construct = require("@babel/runtime-corejs2/core-js/reflect/construct");
4
-
5
4
  var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
6
-
7
5
  var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
8
-
9
6
  _Object$defineProperty(exports, "__esModule", {
10
7
  value: true
11
8
  });
12
-
13
9
  exports.default = void 0;
14
-
15
10
  var _promise = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/promise"));
16
-
17
11
  var _classCallCheck2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/classCallCheck"));
18
-
19
12
  var _createClass2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/createClass"));
20
-
21
13
  var _inherits2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/inherits"));
22
-
23
14
  var _possibleConstructorReturn2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/possibleConstructorReturn"));
24
-
25
15
  var _getPrototypeOf2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/getPrototypeOf"));
26
-
27
16
  var _httpCore = require("@webex/http-core");
28
-
29
17
  var _kmsErrors = require("./kms-errors");
30
-
31
18
  function _createSuper(Derived) { var hasNativeReflectConstruct = _isNativeReflectConstruct(); return function _createSuperInternal() { var Super = (0, _getPrototypeOf2.default)(Derived), result; if (hasNativeReflectConstruct) { var NewTarget = (0, _getPrototypeOf2.default)(this).constructor; result = _Reflect$construct(Super, arguments, NewTarget); } else { result = Super.apply(this, arguments); } return (0, _possibleConstructorReturn2.default)(this, result); }; }
32
-
33
19
  function _isNativeReflectConstruct() { if (typeof Reflect === "undefined" || !_Reflect$construct) return false; if (_Reflect$construct.sham) return false; if (typeof Proxy === "function") return true; try { Boolean.prototype.valueOf.call(_Reflect$construct(Boolean, [], function () {})); return true; } catch (e) { return false; } }
34
-
35
20
  /**
36
21
  * Interceptor (only to be used in test mode) intended to replay requests that
37
22
  * fail as a result of the test-user incompatibility in KMS.
@@ -39,14 +24,11 @@ function _isNativeReflectConstruct() { if (typeof Reflect === "undefined" || !_R
39
24
  */
40
25
  var KmsDryErrorInterceptor = /*#__PURE__*/function (_Interceptor) {
41
26
  (0, _inherits2.default)(KmsDryErrorInterceptor, _Interceptor);
42
-
43
27
  var _super = _createSuper(KmsDryErrorInterceptor);
44
-
45
28
  function KmsDryErrorInterceptor() {
46
29
  (0, _classCallCheck2.default)(this, KmsDryErrorInterceptor);
47
30
  return _super.apply(this, arguments);
48
31
  }
49
-
50
32
  (0, _createClass2.default)(KmsDryErrorInterceptor, [{
51
33
  key: "onResponseError",
52
34
  value:
@@ -61,16 +43,15 @@ var KmsDryErrorInterceptor = /*#__PURE__*/function (_Interceptor) {
61
43
  this.webex.logger.error(reason);
62
44
  return this.replay(options, reason);
63
45
  }
64
-
65
46
  return _promise.default.reject(reason);
66
47
  }
48
+
67
49
  /**
68
50
  * Replays the request
69
51
  * @param {Object} options
70
52
  * @param {DryError} reason
71
53
  * @returns {Object}
72
54
  */
73
-
74
55
  }, {
75
56
  key: "replay",
76
57
  value: function replay(options, reason) {
@@ -79,12 +60,10 @@ var KmsDryErrorInterceptor = /*#__PURE__*/function (_Interceptor) {
79
60
  } else {
80
61
  options.replayCount = 1;
81
62
  }
82
-
83
63
  if (options.replayCount > this.webex.config.maxAuthenticationReplays) {
84
64
  this.webex.logger.error("kms: failed after ".concat(this.webex.config.maxAuthenticationReplays, " replay attempts"));
85
65
  return _promise.default.reject(reason);
86
66
  }
87
-
88
67
  this.webex.logger.info("kms: replaying request ".concat(options.replayCount, " time"));
89
68
  return this.webex.request(options);
90
69
  }
@@ -102,6 +81,5 @@ var KmsDryErrorInterceptor = /*#__PURE__*/function (_Interceptor) {
102
81
  }]);
103
82
  return KmsDryErrorInterceptor;
104
83
  }(_httpCore.Interceptor);
105
-
106
84
  exports.default = KmsDryErrorInterceptor;
107
85
  //# sourceMappingURL=kms-dry-error-interceptor.js.map
package/dist/kms-dry-error-interceptor.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["KmsDryErrorInterceptor","options","reason","DryError","message","match","webex","logger","error","replay","reject","replayCount","config","maxAuthenticationReplays","info","request","Interceptor"],"sources":["kms-dry-error-interceptor.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {Interceptor} from '@webex/http-core';\n\nimport {DryError} from './kms-errors';\n/**\n * Interceptor (only to be used in test mode) intended to replay requests that\n * fail as a result of the test-user incompatibility in KMS.\n * @class\n */\nexport default class KmsDryErrorInterceptor extends Interceptor {\n /**\n * @returns {KmsDryErrorInterceptor}\n */\n static create() {\n return new KmsDryErrorInterceptor({webex: this});\n }\n\n /**\n * @param {Object} options\n * @param {Exception} reason\n * @returns {Promise}\n */\n onResponseError(options, reason) {\n if (reason instanceof DryError && reason.message.match(/Failed to resolve authorization token in KmsMessage request for user/)) {\n this.webex.logger.error('DRY Request Failed due to kms/test-user flakiness');\n this.webex.logger.error(reason);\n\n return this.replay(options, reason);\n }\n\n return Promise.reject(reason);\n }\n\n /**\n * Replays the request\n * @param {Object} options\n * @param {DryError} reason\n * @returns {Object}\n */\n replay(options, reason) {\n if (options.replayCount) {\n options.replayCount += 1;\n }\n else {\n options.replayCount = 1;\n }\n\n if (options.replayCount > this.webex.config.maxAuthenticationReplays) {\n this.webex.logger.error(`kms: failed after ${this.webex.config.maxAuthenticationReplays} replay attempts`);\n\n return Promise.reject(reason);\n }\n\n this.webex.logger.info(`kms: replaying request ${options.replayCount} time`);\n\n return this.webex.request(options);\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAIA;;AAEA;;;;;;AACA;AACA;AACA;AACA;AACA;IACqBA,sB;;;;;;;;;;;;;IAQnB;AACF;AACA;AACA;AACA;IACE,yBAAgBC,OAAhB,EAAyBC,MAAzB,EAAiC;MAC/B,IAAIA,MAAM,YAAYC,mBAAlB,IAA8BD,MAAM,CAACE,OAAP,CAAeC,KAAf,CAAqB,sEAArB,CAAlC,EAAgI;QAC9H,KAAKC,KAAL,CAAWC,MAAX,CAAkBC,KAAlB,CAAwB,mDAAxB;QACA,KAAKF,KAAL,CAAWC,MAAX,CAAkBC,KAAlB,CAAwBN,MAAxB;QAEA,OAAO,KAAKO,MAAL,CAAYR,OAAZ,EAAqBC,MAArB,CAAP;MACD;;MAED,OAAO,iBAAQQ,MAAR,CAAeR,MAAf,CAAP;IACD;IAED;AACF;AACA;AACA;AACA;AACA;;;;WACE,gBAAOD,OAAP,EAAgBC,MAAhB,EAAwB;MACtB,IAAID,OAAO,CAACU,WAAZ,EAAyB;QACvBV,OAAO,CAACU,WAAR,IAAuB,CAAvB;MACD,CAFD,MAGK;QACHV,OAAO,CAACU,WAAR,GAAsB,CAAtB;MACD;;MAED,IAAIV,OAAO,CAACU,WAAR,GAAsB,KAAKL,KAAL,CAAWM,MAAX,CAAkBC,wBAA5C,EAAsE;QACpE,KAAKP,KAAL,CAAWC,MAAX,CAAkBC,KAAlB,6BAA6C,KAAKF,KAAL,CAAWM,MAAX,CAAkBC,wBAA/D;QAEA,OAAO,iBAAQH,MAAR,CAAeR,MAAf,CAAP;MACD;;MAED,KAAKI,KAAL,CAAWC,MAAX,CAAkBO,IAAlB,kCAAiDb,OAAO,CAACU,WAAzD;MAEA,OAAO,KAAKL,KAAL,CAAWS,OAAX,CAAmBd,OAAnB,CAAP;IACD;;;;IA9CD;AACF;AACA;IACE,kBAAgB;MACd,OAAO,IAAID,sBAAJ,CAA2B;QAACM,KAAK,EAAE;MAAR,CAA3B,CAAP;IACD;;;EANiDU,qB"}
1
+ {"version":3,"names":["KmsDryErrorInterceptor","options","reason","DryError","message","match","webex","logger","error","replay","reject","replayCount","config","maxAuthenticationReplays","info","request","Interceptor"],"sources":["kms-dry-error-interceptor.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {Interceptor} from '@webex/http-core';\n\nimport {DryError} from './kms-errors';\n/**\n * Interceptor (only to be used in test mode) intended to replay requests that\n * fail as a result of the test-user incompatibility in KMS.\n * @class\n */\nexport default class KmsDryErrorInterceptor extends Interceptor {\n /**\n * @returns {KmsDryErrorInterceptor}\n */\n static create() {\n return new KmsDryErrorInterceptor({webex: this});\n }\n\n /**\n * @param {Object} options\n * @param {Exception} reason\n * @returns {Promise}\n */\n onResponseError(options, reason) {\n if (\n reason instanceof DryError &&\n reason.message.match(/Failed to resolve authorization token in KmsMessage request for user/)\n ) {\n this.webex.logger.error('DRY Request Failed due to kms/test-user flakiness');\n this.webex.logger.error(reason);\n\n return this.replay(options, reason);\n }\n\n return Promise.reject(reason);\n }\n\n /**\n * Replays the request\n * @param {Object} options\n * @param {DryError} reason\n * @returns {Object}\n */\n replay(options, reason) {\n if (options.replayCount) {\n options.replayCount += 1;\n } else {\n options.replayCount = 1;\n }\n\n if (options.replayCount > this.webex.config.maxAuthenticationReplays) {\n this.webex.logger.error(\n `kms: failed after ${this.webex.config.maxAuthenticationReplays} replay attempts`\n );\n\n return Promise.reject(reason);\n }\n\n this.webex.logger.info(`kms: replaying request ${options.replayCount} time`);\n\n return this.webex.request(options);\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;AAIA;AAEA;AAAsC;AAAA;AACtC;AACA;AACA;AACA;AACA;AAJA,IAKqBA,sBAAsB;EAAA;EAAA;EAAA;IAAA;IAAA;EAAA;EAAA;IAAA;IAAA;IAQzC;AACF;AACA;AACA;AACA;IACE,yBAAgBC,OAAO,EAAEC,MAAM,EAAE;MAC/B,IACEA,MAAM,YAAYC,mBAAQ,IAC1BD,MAAM,CAACE,OAAO,CAACC,KAAK,CAAC,sEAAsE,CAAC,EAC5F;QACA,IAAI,CAACC,KAAK,CAACC,MAAM,CAACC,KAAK,CAAC,mDAAmD,CAAC;QAC5E,IAAI,CAACF,KAAK,CAACC,MAAM,CAACC,KAAK,CAACN,MAAM,CAAC;QAE/B,OAAO,IAAI,CAACO,MAAM,CAACR,OAAO,EAAEC,MAAM,CAAC;MACrC;MAEA,OAAO,iBAAQQ,MAAM,CAACR,MAAM,CAAC;IAC/B;;IAEA;AACF;AACA;AACA;AACA;AACA;EALE;IAAA;IAAA,OAMA,gBAAOD,OAAO,EAAEC,MAAM,EAAE;MACtB,IAAID,OAAO,CAACU,WAAW,EAAE;QACvBV,OAAO,CAACU,WAAW,IAAI,CAAC;MAC1B,CAAC,MAAM;QACLV,OAAO,CAACU,WAAW,GAAG,CAAC;MACzB;MAEA,IAAIV,OAAO,CAACU,WAAW,GAAG,IAAI,CAACL,KAAK,CAACM,MAAM,CAACC,wBAAwB,EAAE;QACpE,IAAI,CAACP,KAAK,CAACC,MAAM,CAACC,KAAK,6BACA,IAAI,CAACF,KAAK,CAACM,MAAM,CAACC,wBAAwB,sBAChE;QAED,OAAO,iBAAQH,MAAM,CAACR,MAAM,CAAC;MAC/B;MAEA,IAAI,CAACI,KAAK,CAACC,MAAM,CAACO,IAAI,kCAA2Bb,OAAO,CAACU,WAAW,WAAQ;MAE5E,OAAO,IAAI,CAACL,KAAK,CAACS,OAAO,CAACd,OAAO,CAAC;IACpC;EAAC;IAAA;IAAA;IAlDD;AACF;AACA;IACE,kBAAgB;MACd,OAAO,IAAID,sBAAsB,CAAC;QAACM,KAAK,EAAE;MAAI,CAAC,CAAC;IAClD;EAAC;EAAA;AAAA,EANiDU,qBAAW;AAAA"}
package/dist/kms-errors.js CHANGED
@@ -1,54 +1,34 @@
1
1
  "use strict";
2
2
 
3
3
  var _Reflect$construct = require("@babel/runtime-corejs2/core-js/reflect/construct");
4
-
5
4
  var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
6
-
7
5
  var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
8
-
9
6
  _Object$defineProperty(exports, "__esModule", {
10
7
  value: true
11
8
  });
12
-
13
9
  exports.KmsTimeoutError = exports.KmsError = exports.DryError = void 0;
14
-
15
10
  var _defineProperties = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/define-properties"));
16
-
17
11
  var _apply = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/reflect/apply"));
18
-
19
12
  var _classCallCheck2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/classCallCheck"));
20
-
21
13
  var _createClass2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/createClass"));
22
-
23
14
  var _inherits2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/inherits"));
24
-
25
15
  var _possibleConstructorReturn2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/possibleConstructorReturn"));
26
-
27
16
  var _getPrototypeOf2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/getPrototypeOf"));
28
-
29
17
  var _defineProperty2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/defineProperty"));
30
-
31
18
  var _common = require("@webex/common");
32
-
33
19
  var _webexCore = require("@webex/webex-core");
34
-
35
20
  function _createSuper(Derived) { var hasNativeReflectConstruct = _isNativeReflectConstruct(); return function _createSuperInternal() { var Super = (0, _getPrototypeOf2.default)(Derived), result; if (hasNativeReflectConstruct) { var NewTarget = (0, _getPrototypeOf2.default)(this).constructor; result = _Reflect$construct(Super, arguments, NewTarget); } else { result = Super.apply(this, arguments); } return (0, _possibleConstructorReturn2.default)(this, result); }; }
36
-
37
21
  function _isNativeReflectConstruct() { if (typeof Reflect === "undefined" || !_Reflect$construct) return false; if (_Reflect$construct.sham) return false; if (typeof Proxy === "function") return true; try { Boolean.prototype.valueOf.call(_Reflect$construct(Boolean, [], function () {})); return true; } catch (e) { return false; } }
38
-
39
22
  /**
40
23
  * Error class for KMS errors
41
24
  */
42
25
  var KmsError = /*#__PURE__*/function (_Exception) {
43
26
  (0, _inherits2.default)(KmsError, _Exception);
44
-
45
27
  var _super = _createSuper(KmsError);
46
-
47
28
  function KmsError() {
48
29
  (0, _classCallCheck2.default)(this, KmsError);
49
30
  return _super.apply(this, arguments);
50
31
  }
51
-
52
32
  (0, _createClass2.default)(KmsError, [{
53
33
  key: "parse",
54
34
  value:
@@ -77,19 +57,15 @@ var KmsError = /*#__PURE__*/function (_Exception) {
77
57
  }
78
58
  });
79
59
  var message = typeof body === 'string' ? body : body.reason;
80
-
81
60
  if (!message) {
82
61
  message = this.constructor.defaultMessage;
83
62
  }
84
-
85
63
  if (body.status) {
86
64
  message += "\nKMS_RESPONSE_STATUS: ".concat(body.status);
87
65
  }
88
-
89
66
  if (body.requestId) {
90
67
  message += "\nKMS_REQUEST_ID: ".concat(body.requestId);
91
68
  }
92
-
93
69
  return message;
94
70
  }
95
71
  }]);
@@ -98,21 +74,15 @@ var KmsError = /*#__PURE__*/function (_Exception) {
98
74
  /**
99
75
  * Thrown when an expected KMSResponse is not received in a timely manner
100
76
  */
101
-
102
-
103
77
  exports.KmsError = KmsError;
104
78
  (0, _defineProperty2.default)(KmsError, "defaultMessage", 'An unknown error occurred while communicating with the kms. This implies we received an error response without a body.');
105
-
106
79
  var KmsTimeoutError = /*#__PURE__*/function (_KmsError) {
107
80
  (0, _inherits2.default)(KmsTimeoutError, _KmsError);
108
-
109
81
  var _super2 = _createSuper(KmsTimeoutError);
110
-
111
82
  function KmsTimeoutError() {
112
83
  (0, _classCallCheck2.default)(this, KmsTimeoutError);
113
84
  return _super2.apply(this, arguments);
114
85
  }
115
-
116
86
  (0, _createClass2.default)(KmsTimeoutError, [{
117
87
  key: "parse",
118
88
  value:
@@ -123,22 +93,18 @@ var KmsTimeoutError = /*#__PURE__*/function (_KmsError) {
123
93
  */
124
94
  function parse() {
125
95
  var _ref = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {},
126
- _ref$request = _ref.request,
127
- request = _ref$request === void 0 ? {} : _ref$request,
128
- timeout = _ref.timeout;
129
-
96
+ _ref$request = _ref.request,
97
+ request = _ref$request === void 0 ? {} : _ref$request,
98
+ timeout = _ref.timeout;
130
99
  var message = "The KMS did not respond within ".concat(timeout ? "".concat(timeout, " milliseconds") : 'a timely fashion');
131
-
132
100
  if (request) {
133
101
  if (request.method && request.uri) {
134
102
  message += "\nKMS_REQUEST: ".concat(request.method, " ").concat(request.uri);
135
103
  }
136
-
137
104
  if (request.requestId) {
138
105
  message += "\nKMS_REQUEST_ID: ".concat(request.requestId);
139
106
  }
140
107
  }
141
-
142
108
  return message;
143
109
  }
144
110
  }]);
@@ -147,20 +113,14 @@ var KmsTimeoutError = /*#__PURE__*/function (_KmsError) {
147
113
  /**
148
114
  * Emitted when a REST request includes an encrypter error
149
115
  */
150
-
151
-
152
116
  exports.KmsTimeoutError = KmsTimeoutError;
153
-
154
117
  var DryError = /*#__PURE__*/function (_WebexHttpError) {
155
118
  (0, _inherits2.default)(DryError, _WebexHttpError);
156
-
157
119
  var _super3 = _createSuper(DryError);
158
-
159
120
  function DryError() {
160
121
  (0, _classCallCheck2.default)(this, DryError);
161
122
  return _super3.apply(this, arguments);
162
123
  }
163
-
164
124
  (0, _createClass2.default)(DryError, [{
165
125
  key: "parse",
166
126
  value:
@@ -172,11 +132,9 @@ var DryError = /*#__PURE__*/function (_WebexHttpError) {
172
132
  (0, _apply.default)(_webexCore.WebexHttpError.prototype.parse, this, [reason._res]);
173
133
  var body = reason._res.body.message;
174
134
  var message = body.reason || body;
175
-
176
135
  if (!message) {
177
136
  message = this.constructor.defaultMessage;
178
137
  }
179
-
180
138
  if (this.options.url) {
181
139
  message += "\n".concat(this.options.method, " ").concat(this.options.url);
182
140
  } else if (this.options.uri) {
@@ -184,17 +142,13 @@ var DryError = /*#__PURE__*/function (_WebexHttpError) {
184
142
  } else {
185
143
  message += "\n".concat(this.options.method, " ").concat(this.options.service.toUpperCase(), "/").concat(this.options.resource);
186
144
  }
187
-
188
145
  message += "\nWEBEX_TRACKING_ID: ".concat(this.options.headers.trackingid);
189
-
190
146
  if (body.status) {
191
147
  message += "\nKMS_RESPONSE_STATUS: ".concat(body.status);
192
148
  }
193
-
194
149
  if (body.requestId) {
195
150
  message += "\nKMS_REQUEST_ID: ".concat(body.requestId);
196
151
  }
197
-
198
152
  (0, _defineProperties.default)(this, {
199
153
  reason: {
200
154
  enumerable: false,
@@ -214,7 +168,6 @@ var DryError = /*#__PURE__*/function (_WebexHttpError) {
214
168
  }]);
215
169
  return DryError;
216
170
  }(_webexCore.WebexHttpError);
217
-
218
171
  exports.DryError = DryError;
219
172
  (0, _defineProperty2.default)(DryError, "defaultMessage", 'An unknown error was received from a service that proxies to the KMS');
220
173
  //# sourceMappingURL=kms-errors.js.map
package/dist/kms-errors.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["KmsError","body","enumerable","value","reason","requestId","status","message","constructor","defaultMessage","Exception","KmsTimeoutError","request","timeout","method","uri","DryError","WebexHttpError","prototype","parse","_res","options","url","service","toUpperCase","resource","headers","trackingid"],"sources":["kms-errors.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {Exception} from '@webex/common';\nimport {WebexHttpError} from '@webex/webex-core';\n\n/**\n * Error class for KMS errors\n */\nexport class KmsError extends Exception {\n static defaultMessage = 'An unknown error occurred while communicating with the kms. This implies we received an error response without a body.';\n\n /**\n * @param {HttpResponse} body\n * @returns {string}\n */\n parse(body) {\n body = body.body || body;\n\n Object.defineProperties(this, {\n body: {\n enumerable: false,\n value: body\n },\n reason: {\n enumerable: false,\n value: body.reason\n },\n requestId: {\n enumerable: false,\n value: body.requestId\n },\n status: {\n enumerable: false,\n value: body.status\n }\n });\n\n let message = typeof body === 'string' ? body : body.reason;\n\n if (!message) {\n message = this.constructor.defaultMessage;\n }\n if (body.status) {\n message += `\\nKMS_RESPONSE_STATUS: ${body.status}`;\n }\n if (body.requestId) {\n message += `\\nKMS_REQUEST_ID: ${body.requestId}`;\n }\n\n return message;\n }\n}\n\n/**\n * Thrown when an expected KMSResponse is not received in a timely manner\n */\nexport class KmsTimeoutError extends KmsError {\n /**\n * @param {KmsRequest} options.request\n * @param {KmsRequest} options.timeout\n * @returns {string}\n */\n parse({request = {}, timeout} = {}) {\n let message = `The KMS did not respond within ${timeout ? `${timeout} milliseconds` : 'a timely fashion'}`;\n\n if (request) {\n if (request.method && request.uri) {\n message += `\\nKMS_REQUEST: ${request.method} ${request.uri}`;\n }\n\n if (request.requestId) {\n message += `\\nKMS_REQUEST_ID: ${request.requestId}`;\n }\n }\n\n return message;\n }\n}\n\n/**\n * Emitted when a REST request includes an encrypter error\n */\nexport class DryError extends WebexHttpError {\n static defaultMessage = 'An unknown error was received from a service that proxies to the KMS';\n\n /**\n * @param {WebexHttpError} reason\n * @returns {string}\n */\n parse(reason) {\n Reflect.apply(WebexHttpError.prototype.parse, this, [reason._res]);\n const body = reason._res.body.message;\n\n let message = body.reason || body;\n\n if (!message) {\n message = this.constructor.defaultMessage;\n }\n if (this.options.url) {\n message += `\\n${this.options.method} ${this.options.url}`;\n }\n else if (this.options.uri) {\n message += `\\n${this.options.method} ${this.options.uri}`;\n }\n else {\n message += `\\n${this.options.method} ${this.options.service.toUpperCase()}/${this.options.resource}`;\n }\n message += `\\nWEBEX_TRACKING_ID: ${this.options.headers.trackingid}`;\n\n if (body.status) {\n message += `\\nKMS_RESPONSE_STATUS: ${body.status}`;\n }\n if (body.requestId) {\n message += `\\nKMS_REQUEST_ID: ${body.requestId}`;\n }\n\n Object.defineProperties(this, {\n reason: {\n enumerable: false,\n value: body.reason\n },\n requestId: {\n enumerable: false,\n value: body.requestId\n },\n status: {\n enumerable: false,\n value: body.status\n }\n });\n\n return message;\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAIA;;AACA;;;;;;AAEA;AACA;AACA;IACaA,Q;;;;;;;;;;;;;IAGX;AACF;AACA;AACA;IACE,eAAMC,IAAN,EAAY;MACVA,IAAI,GAAGA,IAAI,CAACA,IAAL,IAAaA,IAApB;MAEA,+BAAwB,IAAxB,EAA8B;QAC5BA,IAAI,EAAE;UACJC,UAAU,EAAE,KADR;UAEJC,KAAK,EAAEF;QAFH,CADsB;QAK5BG,MAAM,EAAE;UACNF,UAAU,EAAE,KADN;UAENC,KAAK,EAAEF,IAAI,CAACG;QAFN,CALoB;QAS5BC,SAAS,EAAE;UACTH,UAAU,EAAE,KADH;UAETC,KAAK,EAAEF,IAAI,CAACI;QAFH,CATiB;QAa5BC,MAAM,EAAE;UACNJ,UAAU,EAAE,KADN;UAENC,KAAK,EAAEF,IAAI,CAACK;QAFN;MAboB,CAA9B;MAmBA,IAAIC,OAAO,GAAG,OAAON,IAAP,KAAgB,QAAhB,GAA2BA,IAA3B,GAAkCA,IAAI,CAACG,MAArD;;MAEA,IAAI,CAACG,OAAL,EAAc;QACZA,OAAO,GAAG,KAAKC,WAAL,CAAiBC,cAA3B;MACD;;MACD,IAAIR,IAAI,CAACK,MAAT,EAAiB;QACfC,OAAO,qCAA8BN,IAAI,CAACK,MAAnC,CAAP;MACD;;MACD,IAAIL,IAAI,CAACI,SAAT,EAAoB;QAClBE,OAAO,gCAAyBN,IAAI,CAACI,SAA9B,CAAP;MACD;;MAED,OAAOE,OAAP;IACD;;;EA1C2BG,iB;AA6C9B;AACA;AACA;;;;8BA/CaV,Q,oBACa,wH;;IA+CbW,e;;;;;;;;;;;;;IACX;AACF;AACA;AACA;AACA;IACE,iBAAoC;MAAA,+EAAJ,EAAI;MAAA,wBAA7BC,OAA6B;MAAA,IAA7BA,OAA6B,6BAAnB,EAAmB;MAAA,IAAfC,OAAe,QAAfA,OAAe;;MAClC,IAAIN,OAAO,4CAAqCM,OAAO,aAAMA,OAAN,qBAA+B,kBAA3E,CAAX;;MAEA,IAAID,OAAJ,EAAa;QACX,IAAIA,OAAO,CAACE,MAAR,IAAkBF,OAAO,CAACG,GAA9B,EAAmC;UACjCR,OAAO,6BAAsBK,OAAO,CAACE,MAA9B,cAAwCF,OAAO,CAACG,GAAhD,CAAP;QACD;;QAED,IAAIH,OAAO,CAACP,SAAZ,EAAuB;UACrBE,OAAO,gCAAyBK,OAAO,CAACP,SAAjC,CAAP;QACD;MACF;;MAED,OAAOE,OAAP;IACD;;;EApBkCP,Q;AAuBrC;AACA;AACA;;;;;IACagB,Q;;;;;;;;;;;;;IAGX;AACF;AACA;AACA;IACE,eAAMZ,MAAN,EAAc;MACZ,oBAAca,yBAAA,CAAeC,SAAf,CAAyBC,KAAvC,EAA8C,IAA9C,EAAoD,CAACf,MAAM,CAACgB,IAAR,CAApD;MACA,IAAMnB,IAAI,GAAGG,MAAM,CAACgB,IAAP,CAAYnB,IAAZ,CAAiBM,OAA9B;MAEA,IAAIA,OAAO,GAAGN,IAAI,CAACG,MAAL,IAAeH,IAA7B;;MAEA,IAAI,CAACM,OAAL,EAAc;QACZA,OAAO,GAAG,KAAKC,WAAL,CAAiBC,cAA3B;MACD;;MACD,IAAI,KAAKY,OAAL,CAAaC,GAAjB,EAAsB;QACpBf,OAAO,gBAAS,KAAKc,OAAL,CAAaP,MAAtB,cAAgC,KAAKO,OAAL,CAAaC,GAA7C,CAAP;MACD,CAFD,MAGK,IAAI,KAAKD,OAAL,CAAaN,GAAjB,EAAsB;QACzBR,OAAO,gBAAS,KAAKc,OAAL,CAAaP,MAAtB,cAAgC,KAAKO,OAAL,CAAaN,GAA7C,CAAP;MACD,CAFI,MAGA;QACHR,OAAO,gBAAS,KAAKc,OAAL,CAAaP,MAAtB,cAAgC,KAAKO,OAAL,CAAaE,OAAb,CAAqBC,WAArB,EAAhC,cAAsE,KAAKH,OAAL,CAAaI,QAAnF,CAAP;MACD;;MACDlB,OAAO,mCAA4B,KAAKc,OAAL,CAAaK,OAAb,CAAqBC,UAAjD,CAAP;;MAEA,IAAI1B,IAAI,CAACK,MAAT,EAAiB;QACfC,OAAO,qCAA8BN,IAAI,CAACK,MAAnC,CAAP;MACD;;MACD,IAAIL,IAAI,CAACI,SAAT,EAAoB;QAClBE,OAAO,gCAAyBN,IAAI,CAACI,SAA9B,CAAP;MACD;;MAED,+BAAwB,IAAxB,EAA8B;QAC5BD,MAAM,EAAE;UACNF,UAAU,EAAE,KADN;UAENC,KAAK,EAAEF,IAAI,CAACG;QAFN,CADoB;QAK5BC,SAAS,EAAE;UACTH,UAAU,EAAE,KADH;UAETC,KAAK,EAAEF,IAAI,CAACI;QAFH,CALiB;QAS5BC,MAAM,EAAE;UACNJ,UAAU,EAAE,KADN;UAENC,KAAK,EAAEF,IAAI,CAACK;QAFN;MAToB,CAA9B;MAeA,OAAOC,OAAP;IACD;;;EAlD2BU,yB;;;8BAAjBD,Q,oBACa,sE"}
1
+ {"version":3,"names":["KmsError","body","enumerable","value","reason","requestId","status","message","constructor","defaultMessage","Exception","KmsTimeoutError","request","timeout","method","uri","DryError","WebexHttpError","prototype","parse","_res","options","url","service","toUpperCase","resource","headers","trackingid"],"sources":["kms-errors.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {Exception} from '@webex/common';\nimport {WebexHttpError} from '@webex/webex-core';\n\n/**\n * Error class for KMS errors\n */\nexport class KmsError extends Exception {\n static defaultMessage =\n 'An unknown error occurred while communicating with the kms. This implies we received an error response without a body.';\n\n /**\n * @param {HttpResponse} body\n * @returns {string}\n */\n parse(body) {\n body = body.body || body;\n\n Object.defineProperties(this, {\n body: {\n enumerable: false,\n value: body,\n },\n reason: {\n enumerable: false,\n value: body.reason,\n },\n requestId: {\n enumerable: false,\n value: body.requestId,\n },\n status: {\n enumerable: false,\n value: body.status,\n },\n });\n\n let message = typeof body === 'string' ? body : body.reason;\n\n if (!message) {\n message = this.constructor.defaultMessage;\n }\n if (body.status) {\n message += `\\nKMS_RESPONSE_STATUS: ${body.status}`;\n }\n if (body.requestId) {\n message += `\\nKMS_REQUEST_ID: ${body.requestId}`;\n }\n\n return message;\n }\n}\n\n/**\n * Thrown when an expected KMSResponse is not received in a timely manner\n */\nexport class KmsTimeoutError extends KmsError {\n /**\n * @param {KmsRequest} options.request\n * @param {KmsRequest} options.timeout\n * @returns {string}\n */\n parse({request = {}, timeout} = {}) {\n let message = `The KMS did not respond within ${\n timeout ? `${timeout} milliseconds` : 'a timely fashion'\n }`;\n\n if (request) {\n if (request.method && request.uri) {\n message += `\\nKMS_REQUEST: ${request.method} ${request.uri}`;\n }\n\n if (request.requestId) {\n message += `\\nKMS_REQUEST_ID: ${request.requestId}`;\n }\n }\n\n return message;\n }\n}\n\n/**\n * Emitted when a REST request includes an encrypter error\n */\nexport class DryError extends WebexHttpError {\n static defaultMessage = 'An unknown error was received from a service that proxies to the KMS';\n\n /**\n * @param {WebexHttpError} reason\n * @returns {string}\n */\n parse(reason) {\n Reflect.apply(WebexHttpError.prototype.parse, this, [reason._res]);\n const body = reason._res.body.message;\n\n let message = body.reason || body;\n\n if (!message) {\n message = this.constructor.defaultMessage;\n }\n if (this.options.url) {\n message += `\\n${this.options.method} ${this.options.url}`;\n } else if (this.options.uri) {\n message += `\\n${this.options.method} ${this.options.uri}`;\n } else {\n message += `\\n${this.options.method} ${this.options.service.toUpperCase()}/${\n this.options.resource\n }`;\n }\n message += `\\nWEBEX_TRACKING_ID: ${this.options.headers.trackingid}`;\n\n if (body.status) {\n message += `\\nKMS_RESPONSE_STATUS: ${body.status}`;\n }\n if (body.requestId) {\n message += `\\nKMS_REQUEST_ID: ${body.requestId}`;\n }\n\n Object.defineProperties(this, {\n reason: {\n enumerable: false,\n value: body.reason,\n },\n requestId: {\n enumerable: false,\n value: body.requestId,\n },\n status: {\n enumerable: false,\n value: body.status,\n },\n });\n\n return message;\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AAIA;AACA;AAAiD;AAAA;AAEjD;AACA;AACA;AAFA,IAGaA,QAAQ;EAAA;EAAA;EAAA;IAAA;IAAA;EAAA;EAAA;IAAA;IAAA;IAInB;AACF;AACA;AACA;IACE,eAAMC,IAAI,EAAE;MACVA,IAAI,GAAGA,IAAI,CAACA,IAAI,IAAIA,IAAI;MAExB,+BAAwB,IAAI,EAAE;QAC5BA,IAAI,EAAE;UACJC,UAAU,EAAE,KAAK;UACjBC,KAAK,EAAEF;QACT,CAAC;QACDG,MAAM,EAAE;UACNF,UAAU,EAAE,KAAK;UACjBC,KAAK,EAAEF,IAAI,CAACG;QACd,CAAC;QACDC,SAAS,EAAE;UACTH,UAAU,EAAE,KAAK;UACjBC,KAAK,EAAEF,IAAI,CAACI;QACd,CAAC;QACDC,MAAM,EAAE;UACNJ,UAAU,EAAE,KAAK;UACjBC,KAAK,EAAEF,IAAI,CAACK;QACd;MACF,CAAC,CAAC;MAEF,IAAIC,OAAO,GAAG,OAAON,IAAI,KAAK,QAAQ,GAAGA,IAAI,GAAGA,IAAI,CAACG,MAAM;MAE3D,IAAI,CAACG,OAAO,EAAE;QACZA,OAAO,GAAG,IAAI,CAACC,WAAW,CAACC,cAAc;MAC3C;MACA,IAAIR,IAAI,CAACK,MAAM,EAAE;QACfC,OAAO,qCAA8BN,IAAI,CAACK,MAAM,CAAE;MACpD;MACA,IAAIL,IAAI,CAACI,SAAS,EAAE;QAClBE,OAAO,gCAAyBN,IAAI,CAACI,SAAS,CAAE;MAClD;MAEA,OAAOE,OAAO;IAChB;EAAC;EAAA;AAAA,EA3C2BG,iBAAS;AA8CvC;AACA;AACA;AAFA;AAAA,8BA9CaV,QAAQ,oBAEjB,wHAAwH;AAAA,IA+C/GW,eAAe;EAAA;EAAA;EAAA;IAAA;IAAA;EAAA;EAAA;IAAA;IAAA;IAC1B;AACF;AACA;AACA;AACA;IACE,iBAAoC;MAAA,+EAAJ,CAAC,CAAC;QAAA,oBAA3BC,OAAO;QAAPA,OAAO,6BAAG,CAAC,CAAC;QAAEC,OAAO,QAAPA,OAAO;MAC1B,IAAIN,OAAO,4CACTM,OAAO,aAAMA,OAAO,qBAAkB,kBAAkB,CACxD;MAEF,IAAID,OAAO,EAAE;QACX,IAAIA,OAAO,CAACE,MAAM,IAAIF,OAAO,CAACG,GAAG,EAAE;UACjCR,OAAO,6BAAsBK,OAAO,CAACE,MAAM,cAAIF,OAAO,CAACG,GAAG,CAAE;QAC9D;QAEA,IAAIH,OAAO,CAACP,SAAS,EAAE;UACrBE,OAAO,gCAAyBK,OAAO,CAACP,SAAS,CAAE;QACrD;MACF;MAEA,OAAOE,OAAO;IAChB;EAAC;EAAA;AAAA,EAtBkCP,QAAQ;AAyB7C;AACA;AACA;AAFA;AAAA,IAGagB,QAAQ;EAAA;EAAA;EAAA;IAAA;IAAA;EAAA;EAAA;IAAA;IAAA;IAGnB;AACF;AACA;AACA;IACE,eAAMZ,MAAM,EAAE;MACZ,oBAAca,yBAAc,CAACC,SAAS,CAACC,KAAK,EAAE,IAAI,EAAE,CAACf,MAAM,CAACgB,IAAI,CAAC,CAAC;MAClE,IAAMnB,IAAI,GAAGG,MAAM,CAACgB,IAAI,CAACnB,IAAI,CAACM,OAAO;MAErC,IAAIA,OAAO,GAAGN,IAAI,CAACG,MAAM,IAAIH,IAAI;MAEjC,IAAI,CAACM,OAAO,EAAE;QACZA,OAAO,GAAG,IAAI,CAACC,WAAW,CAACC,cAAc;MAC3C;MACA,IAAI,IAAI,CAACY,OAAO,CAACC,GAAG,EAAE;QACpBf,OAAO,gBAAS,IAAI,CAACc,OAAO,CAACP,MAAM,cAAI,IAAI,CAACO,OAAO,CAACC,GAAG,CAAE;MAC3D,CAAC,MAAM,IAAI,IAAI,CAACD,OAAO,CAACN,GAAG,EAAE;QAC3BR,OAAO,gBAAS,IAAI,CAACc,OAAO,CAACP,MAAM,cAAI,IAAI,CAACO,OAAO,CAACN,GAAG,CAAE;MAC3D,CAAC,MAAM;QACLR,OAAO,gBAAS,IAAI,CAACc,OAAO,CAACP,MAAM,cAAI,IAAI,CAACO,OAAO,CAACE,OAAO,CAACC,WAAW,EAAE,cACvE,IAAI,CAACH,OAAO,CAACI,QAAQ,CACrB;MACJ;MACAlB,OAAO,mCAA4B,IAAI,CAACc,OAAO,CAACK,OAAO,CAACC,UAAU,CAAE;MAEpE,IAAI1B,IAAI,CAACK,MAAM,EAAE;QACfC,OAAO,qCAA8BN,IAAI,CAACK,MAAM,CAAE;MACpD;MACA,IAAIL,IAAI,CAACI,SAAS,EAAE;QAClBE,OAAO,gCAAyBN,IAAI,CAACI,SAAS,CAAE;MAClD;MAEA,+BAAwB,IAAI,EAAE;QAC5BD,MAAM,EAAE;UACNF,UAAU,EAAE,KAAK;UACjBC,KAAK,EAAEF,IAAI,CAACG;QACd,CAAC;QACDC,SAAS,EAAE;UACTH,UAAU,EAAE,KAAK;UACjBC,KAAK,EAAEF,IAAI,CAACI;QACd,CAAC;QACDC,MAAM,EAAE;UACNJ,UAAU,EAAE,KAAK;UACjBC,KAAK,EAAEF,IAAI,CAACK;QACd;MACF,CAAC,CAAC;MAEF,OAAOC,OAAO;IAChB;EAAC;EAAA;AAAA,EAlD2BU,yBAAc;AAAA;AAAA,8BAA/BD,QAAQ,oBACK,sEAAsE"}