badmfck-api-server 4.0.2 → 4.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -38,7 +38,6 @@ class MicroserviceClient extends BaseService_1.BaseService {
|
|
|
38
38
|
const nonce = crypto_1.default.randomBytes(16).toString("hex");
|
|
39
39
|
const headers = {
|
|
40
40
|
"Content-Type": "application/json",
|
|
41
|
-
"x-microservice-id": this.options.id,
|
|
42
41
|
"x-microservice-ts": ts,
|
|
43
42
|
"x-microservice-nonce": nonce
|
|
44
43
|
};
|
|
@@ -69,12 +69,12 @@ class MicroserviceHost extends BaseService_1.BaseService {
|
|
|
69
69
|
const key = crypto_1.default.pbkdf2Sync(secret, salt, 100, 32, "sha256");
|
|
70
70
|
const iv = crypto_1.default.pbkdf2Sync(secret, salt, 100, 16, "sha256");
|
|
71
71
|
const aad = Buffer.from(ts + "." + nonce + "." + this.options.id + "." + this.options.password, "utf8");
|
|
72
|
-
const tag = req.data.tag;
|
|
73
|
-
const
|
|
72
|
+
const tag = Buffer.from(req.data.tag, "base64");
|
|
73
|
+
const enc = Buffer.from(req.data.enc, "base64");
|
|
74
74
|
const decipher = crypto_1.default.createDecipheriv("aes-256-gcm", key, iv);
|
|
75
75
|
decipher.setAAD(aad);
|
|
76
76
|
decipher.setAuthTag(tag);
|
|
77
|
-
const decrypted = Buffer.concat([decipher.update(
|
|
77
|
+
const decrypted = Buffer.concat([decipher.update(enc), decipher.final()]);
|
|
78
78
|
let request = null;
|
|
79
79
|
try {
|
|
80
80
|
request = JSON.parse(decrypted.toString("utf8"));
|
|
@@ -108,6 +108,14 @@ class Validator {
|
|
|
108
108
|
foundKeys.push(i);
|
|
109
109
|
continue;
|
|
110
110
|
}
|
|
111
|
+
if (typeof structure[i] === "object" && Array.isArray(structure[i]) && structure[i].length === 0) {
|
|
112
|
+
foundKeys.push(i);
|
|
113
|
+
continue;
|
|
114
|
+
}
|
|
115
|
+
if (typeof structure[i] === "object" && Object.keys(structure[i]).length === 0) {
|
|
116
|
+
foundKeys.push(i);
|
|
117
|
+
continue;
|
|
118
|
+
}
|
|
111
119
|
let structureOptions = Validator.parseStructureOptions(i, structure);
|
|
112
120
|
if (structureOptions.skip_validation) {
|
|
113
121
|
foundKeys.push(i);
|
|
@@ -270,6 +278,13 @@ class Validator {
|
|
|
270
278
|
if (object[i] > structureOptions.max)
|
|
271
279
|
errors.push("value for field '" + parentPath + i + "' is too big, expected less than " + structureOptions.max + " got: " + object[i]);
|
|
272
280
|
}
|
|
281
|
+
if (typeof structure[i] === "string" && !structureOptions.optional) {
|
|
282
|
+
let min = structureOptions.min || 1;
|
|
283
|
+
if (isNaN(min) || min < 1)
|
|
284
|
+
min = 1;
|
|
285
|
+
if (object[i].toString().trim().length < min)
|
|
286
|
+
errors.push("empty value for field '" + parentPath + i + "'");
|
|
287
|
+
}
|
|
273
288
|
if (typeof object[i] === "string" && structureOptions.min && !isNaN(structureOptions.min)) {
|
|
274
289
|
if (object[i].length < structureOptions.min)
|
|
275
290
|
errors.push("value length for field '" + parentPath + i + "' is too small, expected more than " + structureOptions.min + " got: " + object[i].length);
|
|
@@ -365,6 +380,12 @@ class Validator {
|
|
|
365
380
|
const has = Object.prototype.hasOwnProperty.call(src, k);
|
|
366
381
|
const ov = has ? src[k] : undefined;
|
|
367
382
|
const { optional, skip_validation, default: def } = this.parseStructureOptions(k, structure);
|
|
383
|
+
const ignore = skip_validation || (this.isPlainObject(sv) && Object.keys(sv).length === 0);
|
|
384
|
+
if (ignore) {
|
|
385
|
+
if (has)
|
|
386
|
+
out[k] = ov;
|
|
387
|
+
continue;
|
|
388
|
+
}
|
|
368
389
|
if (!has) {
|
|
369
390
|
if (sv && typeof sv === "object") {
|
|
370
391
|
out[k] = this.syncStructure(sv, this.clone(sv));
|