dce-expresskit 4.0.0-beta.8 → 4.0.0-beta.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -165,7 +165,7 @@ exports.signRequest = signRequest;
|
|
|
165
165
|
* @returns parsed and validated params
|
|
166
166
|
*/
|
|
167
167
|
var validateSignedRequest = function (opts) { return __awaiter(void 0, void 0, void 0, function () {
|
|
168
|
-
var signature, timestamp, key, method, path, params, crossServerCredentialCollection, crossServerCredential, allowedScopes, secret, expectedSignature, elapsedMs;
|
|
168
|
+
var signature, timestamp, key, method, path, params, crossServerCredentialCollection, crossServerCredentialMatches, crossServerCredential, allowedScopes, secret, expectedSignature, elapsedMs;
|
|
169
169
|
return __generator(this, function (_a) {
|
|
170
170
|
switch (_a.label) {
|
|
171
171
|
case 0:
|
|
@@ -196,20 +196,18 @@ var validateSignedRequest = function (opts) { return __awaiter(void 0, void 0, v
|
|
|
196
196
|
}
|
|
197
197
|
return [4 /*yield*/, crossServerCredentialCollection.find({ key: key })];
|
|
198
198
|
case 1:
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
if (!crossServerCredential) {
|
|
199
|
+
crossServerCredentialMatches = _a.sent();
|
|
200
|
+
if (!crossServerCredentialMatches || crossServerCredentialMatches.length === 0) {
|
|
202
201
|
throw new dce_reactkit_1.ErrorWithCode('Could not validate a cross-server request because the credential was not found.', ExpressKitErrorCode_1.default.SignedRequestInvalidCredential);
|
|
203
202
|
}
|
|
203
|
+
crossServerCredential = crossServerCredentialMatches[0];
|
|
204
204
|
allowedScopes = crossServerCredential.scopes;
|
|
205
|
-
console.log('Scopes', allowedScopes);
|
|
206
205
|
if (!allowedScopes || !Array.isArray(allowedScopes) || !allowedScopes.includes(opts.scope)) {
|
|
207
206
|
throw new dce_reactkit_1.ErrorWithCode('Could not validate a cross-server request because the required scope was not approved for the credential.', ExpressKitErrorCode_1.default.SignedRequestInvalidScope);
|
|
208
207
|
}
|
|
209
208
|
return [4 /*yield*/, decrypt(crossServerCredential.encodedeSecret)];
|
|
210
209
|
case 2:
|
|
211
210
|
secret = _a.sent();
|
|
212
|
-
console.log('Decoded secret:', secret);
|
|
213
211
|
return [4 /*yield*/, genSignature({
|
|
214
212
|
method: method,
|
|
215
213
|
path: path,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dataSigner.js","sourceRoot":"","sources":["../../src/helpers/dataSigner.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sBAAsB;AACtB,6CAGsB;AAEtB,eAAe;AACf,oEAAoC;AAEpC,gBAAgB;AAChB,kDAA4B;AAE5B,wBAAwB;AACxB,2CAA0E;AAE1E,sBAAsB;AACtB,qFAA+D;AAG/D,4EAA4E;AAC5E,4EAA4E;AAC5E,4EAA4E;AAE5E;;;;;;;;;GASG;AACH,IAAM,YAAY,GAAG,UACnB,IAKC;;;QAIC,MAAM,GAIJ,IAAI,OAJA,EACN,IAAI,GAGF,IAAI,KAHF,EACJ,MAAM,GAEJ,IAAI,OAFA,EACN,MAAM,GACJ,IAAI,OADA,CACC;QAGH,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,EAAE,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;QACN,aAAa,GAEf,EAAE,CAAC;QACP,IAAI,CAAC,OAAO,CAAC,UAAC,GAAG;YACf,uBAAuB;YACvB,IAAI,GAAG,KAAK,iBAAiB,EAAE,CAAC;gBAC9B,OAAO;YACT,CAAC;YAED,gBAAgB;YAChB,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,yBAAyB;QACzB,sBAAO,kBAAkB,CAAC,yBAAK,CAAC,QAAQ,CACtC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,KAAK,EACf,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,SAAS,EACjB,aAAa,EACb,MAAM,CACP,CAAC,EAAC;;KACJ,CAAC;AAEF;;;;;GAKG;AACH,IAAM,OAAO,GAAG,UACd,aAAqB;;;QAMb,yBAAyB,GAAK,OAAO,CAAC,GAAG,0BAAhB,CAAiB;QAClD,IAAI,CAAC,yBAAyB,EAAE,CAAC;YAC/B,MAAM,IAAI,4BAAa,CACrB,qEAAqE,EACrE,6BAAmB,CAAC,mCAAmC,CACxD,CAAC;QACJ,CAAC;QAGK,KAIF,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC,EAH/C,UAAU,gBAAA,EACV,EAAE,QAAA,EACF,GAAG,SAAA,CAC6C;QAG5C,QAAQ,GAAG,gBAAM,CAAC,gBAAgB,CACtC,aAAa,EACb,MAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE,QAAQ,CAAC,EAChD,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAC1B,CAAC;QAEF,6BAA6B;QAC7B,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC;QAG5C,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QACxD,GAAG,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAE9B,8BAA8B;QAC9B,sBAAO,GAAG,EAAC;;KACZ,CAAC;AAEF,4EAA4E;AAC5E,4EAA4E;AAC5E,4EAA4E;AAE5E;;;;;;;;;;GAUG;AACI,IAAM,WAAW,GAAG,UACzB,IAMC;;;;;gBAGK,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBAEvC,IAAI,GAIF,IAAI,KAJF,EACJ,MAAM,GAGJ,IAAI,OAHA,EACN,GAAG,GAED,IAAI,IAFH,EACH,MAAM,GACJ,IAAI,OADA,CACC;gBAGH,eAAe,yBAGhB,MAAM,KACT,kBAAkB,EAAE,GAAG,EACvB,WAAW,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,EACvC,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAC5B,CAAC;gBAGgB,qBAAM,YAAY,CAAC;wBACnC,MAAM,QAAA;wBACN,IAAI,MAAA;wBACJ,MAAM,QAAA;wBACN,MAAM,QAAA;qBACP,CAAC,EAAA;;gBALI,SAAS,GAAG,SAKhB;gBAEF,wCAAwC;gBACxC,eAAe,CAAC,eAAe,GAAG,SAAS,CAAC;gBAE5C,8BAA8B;gBAC9B,sBAAO,eAAe,EAAC;;;KACxB,CAAC;AAzCW,QAAA,WAAW,eAyCtB;AAEF;;;;;;;;;GASG;AACI,IAAM,qBAAqB,GAAG,UACnC,IAKC;;;;;gBAED,wCAAwC;gBAExC,oBAAoB;gBACpB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;oBACjC,MAAM,IAAI,4BAAa,CACrB,yEAAyE,EACzE,6BAAmB,CAAC,mCAAmC,CACxD,CAAC;gBACJ,CAAC;gBACK,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;gBAE9C,oBAAoB;gBACpB;gBACE,eAAe;gBACf,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe;oBAC5B,oBAAoB;uBACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,EACjE,CAAC;oBACD,MAAM,IAAI,4BAAa,CACrB,+EAA+E,EAC/E,6BAAmB,CAAC,mCAAmC,CACxD,CAAC;gBACJ,CAAC;gBACK,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;gBAEnE,cAAc;gBACd,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;oBACpC,MAAM,IAAI,4BAAa,CACrB,4EAA4E,EAC5E,6BAAmB,CAAC,mCAAmC,CACxD,CAAC;gBACJ,CAAC;gBACK,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;gBAIzC,MAAM,GAGJ,IAAI,OAHA,EACN,IAAI,GAEF,IAAI,KAFF,EACJ,MAAM,GACJ,IAAI,OADA,CACC;gBAKH,+BAA+B,GAAG,IAAA,uDAA0C,GAAE,CAAC;gBACrF,IAAI,CAAC,+BAA+B,EAAE,CAAC;oBACrC,MAAM,IAAI,4BAAa,CACrB,iHAAiH,EACjH,6BAAmB,CAAC,8BAA8B,CACnD,CAAC;gBACJ,CAAC;
|
|
1
|
+
{"version":3,"file":"dataSigner.js","sourceRoot":"","sources":["../../src/helpers/dataSigner.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sBAAsB;AACtB,6CAGsB;AAEtB,eAAe;AACf,oEAAoC;AAEpC,gBAAgB;AAChB,kDAA4B;AAE5B,wBAAwB;AACxB,2CAA0E;AAE1E,sBAAsB;AACtB,qFAA+D;AAG/D,4EAA4E;AAC5E,4EAA4E;AAC5E,4EAA4E;AAE5E;;;;;;;;;GASG;AACH,IAAM,YAAY,GAAG,UACnB,IAKC;;;QAIC,MAAM,GAIJ,IAAI,OAJA,EACN,IAAI,GAGF,IAAI,KAHF,EACJ,MAAM,GAEJ,IAAI,OAFA,EACN,MAAM,GACJ,IAAI,OADA,CACC;QAGH,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,EAAE,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;QACN,aAAa,GAEf,EAAE,CAAC;QACP,IAAI,CAAC,OAAO,CAAC,UAAC,GAAG;YACf,uBAAuB;YACvB,IAAI,GAAG,KAAK,iBAAiB,EAAE,CAAC;gBAC9B,OAAO;YACT,CAAC;YAED,gBAAgB;YAChB,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,yBAAyB;QACzB,sBAAO,kBAAkB,CAAC,yBAAK,CAAC,QAAQ,CACtC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,KAAK,EACf,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,SAAS,EACjB,aAAa,EACb,MAAM,CACP,CAAC,EAAC;;KACJ,CAAC;AAEF;;;;;GAKG;AACH,IAAM,OAAO,GAAG,UACd,aAAqB;;;QAMb,yBAAyB,GAAK,OAAO,CAAC,GAAG,0BAAhB,CAAiB;QAClD,IAAI,CAAC,yBAAyB,EAAE,CAAC;YAC/B,MAAM,IAAI,4BAAa,CACrB,qEAAqE,EACrE,6BAAmB,CAAC,mCAAmC,CACxD,CAAC;QACJ,CAAC;QAGK,KAIF,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC,EAH/C,UAAU,gBAAA,EACV,EAAE,QAAA,EACF,GAAG,SAAA,CAC6C;QAG5C,QAAQ,GAAG,gBAAM,CAAC,gBAAgB,CACtC,aAAa,EACb,MAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE,QAAQ,CAAC,EAChD,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAC1B,CAAC;QAEF,6BAA6B;QAC7B,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC;QAG5C,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QACxD,GAAG,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAE9B,8BAA8B;QAC9B,sBAAO,GAAG,EAAC;;KACZ,CAAC;AAEF,4EAA4E;AAC5E,4EAA4E;AAC5E,4EAA4E;AAE5E;;;;;;;;;;GAUG;AACI,IAAM,WAAW,GAAG,UACzB,IAMC;;;;;gBAGK,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBAEvC,IAAI,GAIF,IAAI,KAJF,EACJ,MAAM,GAGJ,IAAI,OAHA,EACN,GAAG,GAED,IAAI,IAFH,EACH,MAAM,GACJ,IAAI,OADA,CACC;gBAGH,eAAe,yBAGhB,MAAM,KACT,kBAAkB,EAAE,GAAG,EACvB,WAAW,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,EACvC,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAC5B,CAAC;gBAGgB,qBAAM,YAAY,CAAC;wBACnC,MAAM,QAAA;wBACN,IAAI,MAAA;wBACJ,MAAM,QAAA;wBACN,MAAM,QAAA;qBACP,CAAC,EAAA;;gBALI,SAAS,GAAG,SAKhB;gBAEF,wCAAwC;gBACxC,eAAe,CAAC,eAAe,GAAG,SAAS,CAAC;gBAE5C,8BAA8B;gBAC9B,sBAAO,eAAe,EAAC;;;KACxB,CAAC;AAzCW,QAAA,WAAW,eAyCtB;AAEF;;;;;;;;;GASG;AACI,IAAM,qBAAqB,GAAG,UACnC,IAKC;;;;;gBAED,wCAAwC;gBAExC,oBAAoB;gBACpB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;oBACjC,MAAM,IAAI,4BAAa,CACrB,yEAAyE,EACzE,6BAAmB,CAAC,mCAAmC,CACxD,CAAC;gBACJ,CAAC;gBACK,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;gBAE9C,oBAAoB;gBACpB;gBACE,eAAe;gBACf,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe;oBAC5B,oBAAoB;uBACjB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,EACjE,CAAC;oBACD,MAAM,IAAI,4BAAa,CACrB,+EAA+E,EAC/E,6BAAmB,CAAC,mCAAmC,CACxD,CAAC;gBACJ,CAAC;gBACK,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;gBAEnE,cAAc;gBACd,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;oBACpC,MAAM,IAAI,4BAAa,CACrB,4EAA4E,EAC5E,6BAAmB,CAAC,mCAAmC,CACxD,CAAC;gBACJ,CAAC;gBACK,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;gBAIzC,MAAM,GAGJ,IAAI,OAHA,EACN,IAAI,GAEF,IAAI,KAFF,EACJ,MAAM,GACJ,IAAI,OADA,CACC;gBAKH,+BAA+B,GAAG,IAAA,uDAA0C,GAAE,CAAC;gBACrF,IAAI,CAAC,+BAA+B,EAAE,CAAC;oBACrC,MAAM,IAAI,4BAAa,CACrB,iHAAiH,EACjH,6BAAmB,CAAC,8BAA8B,CACnD,CAAC;gBACJ,CAAC;gBAG6D,qBAAM,+BAA+B,CAAC,IAAI,CAAC,EAAE,GAAG,KAAA,EAAE,CAAC,EAAA;;gBAA3G,4BAA4B,GAA4B,SAAmD;gBACjH,IAAI,CAAC,4BAA4B,IAAI,4BAA4B,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC/E,MAAM,IAAI,4BAAa,CACrB,iFAAiF,EACjF,6BAAmB,CAAC,8BAA8B,CACnD,CAAC;gBACJ,CAAC;gBACK,qBAAqB,GAAG,4BAA4B,CAAC,CAAC,CAAC,CAAC;gBAGxD,aAAa,GAAG,qBAAqB,CAAC,MAAM,CAAC;gBACnD,IAAI,CAAC,aAAa,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC3F,MAAM,IAAI,4BAAa,CACrB,2GAA2G,EAC3G,6BAAmB,CAAC,yBAAyB,CAC9C,CAAC;gBACJ,CAAC;gBAGc,qBAAM,OAAO,CAAC,qBAAqB,CAAC,cAAc,CAAC,EAAA;;gBAA5D,MAAM,GAAG,SAAmD;gBAKxC,qBAAM,YAAY,CAAC;wBAC3C,MAAM,QAAA;wBACN,IAAI,MAAA;wBACJ,MAAM,QAAA;wBACN,MAAM,QAAA;qBACP,CAAC,EAAA;;gBALI,iBAAiB,GAAG,SAKxB;gBAEF,iCAAiC;gBACjC,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;oBACpC,MAAM,IAAI,4BAAa,CACrB,gFAAgF,EAChF,6BAAmB,CAAC,6BAA6B,CAClD,CAAC;gBACJ,CAAC;gBAGK,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;gBACnD,IAAI,SAAS,GAAG,2BAAY,EAAE,CAAC;oBAC7B,MAAM,IAAI,4BAAa,CACrB,4EAA4E,EAC5E,6BAAmB,CAAC,6BAA6B,CAClD,CAAC;gBACJ,CAAC;;;;KACF,CAAC;AA5GW,QAAA,qBAAqB,yBA4GhC"}
|
|
@@ -1,19 +1,21 @@
|
|
|
1
1
|
import express from 'express';
|
|
2
2
|
import { Collection } from 'dce-mango';
|
|
3
|
+
import { Log } from 'dce-reactkit';
|
|
4
|
+
import CrossServerCredential from '../types/CrossServerCredential';
|
|
3
5
|
/**
|
|
4
6
|
* Get log collection
|
|
5
7
|
* @author Gabe Abrams
|
|
6
8
|
* @returns log collection if one was included during launch or null if we don't
|
|
7
9
|
* have a log collection (yet)
|
|
8
10
|
*/
|
|
9
|
-
export declare const internalGetLogCollection: () =>
|
|
11
|
+
export declare const internalGetLogCollection: () => Collection<Log>;
|
|
10
12
|
/**
|
|
11
13
|
* Get cross-server credential collection
|
|
12
14
|
* @author Gabe Abrams
|
|
13
15
|
* @return cross-server credential collection if one was included during launch or null
|
|
14
16
|
* if we don't have a cross-server credential collection (yet)
|
|
15
17
|
*/
|
|
16
|
-
export declare const internalGetCrossServerCredentialCollection: () =>
|
|
18
|
+
export declare const internalGetCrossServerCredentialCollection: () => Collection<CrossServerCredential>;
|
|
17
19
|
/**
|
|
18
20
|
* Prepare dce-reactkit to run on the server
|
|
19
21
|
* @author Gabe Abrams
|
|
@@ -37,7 +39,7 @@ export declare const internalGetCrossServerCredentialCollection: () => any;
|
|
|
37
39
|
declare const initServer: (opts: {
|
|
38
40
|
app: express.Application;
|
|
39
41
|
logReviewAdmins?: (number[] | Collection<any>);
|
|
40
|
-
logCollection?: Collection<
|
|
41
|
-
crossServerCredentialCollection?: Collection<
|
|
42
|
+
logCollection?: Collection<Log>;
|
|
43
|
+
crossServerCredentialCollection?: Collection<CrossServerCredential>;
|
|
42
44
|
}) => void;
|
|
43
45
|
export default initServer;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"initServer.js","sourceRoot":"","sources":["../../src/helpers/initServer.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA,sBAAsB;AACtB,
|
|
1
|
+
{"version":3,"file":"initServer.js","sourceRoot":"","sources":["../../src/helpers/initServer.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMA,sBAAsB;AACtB,6CAQsB;AAEtB,wBAAwB;AACxB,sEAAgD;AAEhD,sBAAsB;AACtB,qFAA+D;AAG/D,0CAA0C;AAC1C,IAAI,cAA+B,CAAC;AAEpC,8DAA8D;AAC9D,IAAI,gCAAmE,CAAC;AAExE,4EAA4E;AAC5E,4EAA4E;AAC5E,4EAA4E;AAE5E;;;;;GAKG;AACI,IAAM,wBAAwB,GAAG;IACtC,OAAO,cAAc,aAAd,cAAc,cAAd,cAAc,GAAI,IAAI,CAAC;AAChC,CAAC,CAAC;AAFW,QAAA,wBAAwB,4BAEnC;AAEF;;;;;GAKG;AACI,IAAM,0CAA0C,GAAG;IACxD,OAAO,gCAAgC,aAAhC,gCAAgC,cAAhC,gCAAgC,GAAI,IAAI,CAAC;AAClD,CAAC,CAAC;AAFW,QAAA,0CAA0C,8CAErD;AAEF,4EAA4E;AAC5E,4EAA4E;AAC5E,4EAA4E;AAE5E;;;;;;;;;;;;;;;;;;;GAmBG;AACH,IAAM,UAAU,GAAG,UACjB,IAKC;IAED,cAAc,GAAG,IAAI,CAAC,aAAa,CAAC;IACpC,gCAAgC,GAAG,IAAI,CAAC,+BAA+B,CAAC;IAExE,4CAA4C;IAC5C,4CAA4C;IAC5C,4CAA4C;IAE5C;;;;;;;;;;;;;;;;;;OAkBG;IACH,IAAI,CAAC,GAAG,CAAC,IAAI,CACX,6BAAc,EACd,IAAA,yBAAe,EAAC;QACd,UAAU,EAAE;YACV,OAAO,EAAE,wBAAS,CAAC,MAAM;YACzB,UAAU,EAAE,wBAAS,CAAC,MAAM;YAC5B,IAAI,EAAE,wBAAS,CAAC,IAAI;YACpB,KAAK,EAAE,wBAAS,CAAC,MAAM;YACvB,QAAQ,EAAE,wBAAS,CAAC,IAAI;YACxB,YAAY,EAAE,wBAAS,CAAC,cAAc;YACtC,SAAS,EAAE,wBAAS,CAAC,cAAc;YACnC,UAAU,EAAE,wBAAS,CAAC,cAAc;YACpC,MAAM,EAAE,wBAAS,CAAC,cAAc;YAChC,MAAM,EAAE,wBAAS,CAAC,cAAc;SACjC;QACD,OAAO,EAAE,UAAC,EAA0B;gBAAxB,MAAM,YAAA,EAAE,cAAc,oBAAA;YAChC,kBAAkB;YAClB,IAAM,OAAO,GAA+B,CAC1C,CAAC,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,UAAU,CAAC;gBAC5D,QAAQ;gBACR,CAAC,CAAC;oBACA,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,UAAU,EAAE,MAAM,CAAC,UAAU;oBAC7B,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,KAAK,EAAE;wBACL,OAAO,EAAE,MAAM,CAAC,YAAY;wBAC5B,IAAI,EAAE,MAAM,CAAC,SAAS;wBACtB,KAAK,EAAE,MAAM,CAAC,UAAU;qBACzB;iBACF;gBACD,SAAS;gBACT,CAAC,CAAC;oBACA,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,UAAU,EAAE,MAAM,CAAC,UAAU;oBAC7B,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,MAAM,EAAE,MAAM,CAAC,MAAM;iBACtB,CACJ,CAAC;YAEF,kDAAkD;YAClD,IAAM,uBAAuB,yBACxB,OAAO,KACV,qBAAqB,EAAE,IAAI,GAC5B,CAAC;YAEF,gBAAgB;YAChB,IAAM,GAAG,GAAG,cAAc,CAAC,uBAAuB,CAAC,CAAC;YAEpD,SAAS;YACT,OAAO,GAAG,CAAC;QACb,CAAC;KACF,CAAC,CACH,CAAC;IAEF,4CAA4C;IAC5C,4CAA4C;IAC5C,4CAA4C;IAE5C;;;;;;OAMG;IACH,IAAM,aAAa,GAAG,UACpB,MAAc,EACd,OAAgB;;;;;oBAEhB,kDAAkD;oBAClD,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,sBAAO,KAAK,EAAC;oBACf,CAAC;oBAED,wCAAwC;oBACxC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;wBAC1B,sBAAO,IAAI,EAAC;oBACd,CAAC;;;;oBAIC,mBAAmB;oBACnB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;wBACxC,sBAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,UAAC,SAAS;gCACzC,OAAO,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;4BAChC,CAAC,CAAC,EAAC;oBACL,CAAC;oBAGe,qBAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,MAAM,QAAA,EAAE,CAAC,EAAA;;oBAArD,OAAO,GAAG,SAA2C;oBAE3D,uCAAuC;oBACvC,sBAAO,OAAO,CAAC,MAAM,GAAG,CAAC,EAAC;;;oBAE1B,4CAA4C;oBAC5C,sBAAO,KAAK,EAAC;;;;SAEhB,CAAC;IAEF;;;;OAIG;IACH,IAAI,CAAC,GAAG,CAAC,GAAG,CACV,sCAAuB,EACvB,IAAA,yBAAe,EAAC;QACd,OAAO,EAAE,iEAAO,EAAU;;gBAAR,MAAM,YAAA;;;;wBACd,MAAM,GAAc,MAAM,OAApB,EAAE,OAAO,GAAK,MAAM,QAAX,CAAY;wBACjB,qBAAM,aAAa,CAAC,MAAM,EAAE,OAAO,CAAC,EAAA;;wBAAhD,SAAS,GAAG,SAAoC;wBACtD,sBAAO,SAAS,EAAC;;;aAClB;KACF,CAAC,CACH,CAAC;IAEF;;;;;;OAMG;IACH,IAAI,CAAC,GAAG,CAAC,GAAG,CACV,UAAG,2CAA4B,+BAA4B,EAC3D,IAAA,yBAAe,EAAC;QACd,UAAU,EAAE;YACV,IAAI,EAAE,wBAAS,CAAC,GAAG;YACnB,KAAK,EAAE,wBAAS,CAAC,GAAG;YACpB,UAAU,EAAE,wBAAS,CAAC,GAAG;SAC1B;QACD,OAAO,EAAE,iEAAO,EAAU;;gBAAR,MAAM,YAAA;;;;wBAGpB,IAAI,GAKF,MAAM,KALJ,EACJ,KAAK,GAIH,MAAM,MAJH,EACL,UAAU,GAGR,MAAM,WAHE,EACV,MAAM,GAEJ,MAAM,OAFF,EACN,OAAO,GACL,MAAM,QADD,CACE;wBAGO,qBAAM,aAAa,CAAC,MAAM,EAAE,OAAO,CAAC,EAAA;;wBAAhD,SAAS,GAAG,SAAoC;wBACtD,IAAI,CAAC,SAAS,EAAE,CAAC;4BACf,MAAM,IAAI,4BAAa,CACrB,sFAAsF,EACtF,6BAAmB,CAAC,sBAAsB,CAC3C,CAAC;wBACJ,CAAC;wBAGgB,qBAAM,cAAc,CAAC,SAAS,CAAC;gCAC9C,KAAK,EAAE;oCACL,IAAI,MAAA;oCACJ,KAAK,OAAA;iCACN;gCACD,OAAO,EAAE,IAAI;gCACb,UAAU,YAAA;6BACX,CAAC,EAAA;;wBAPI,QAAQ,GAAG,SAOf;wBAEF,kBAAkB;wBAClB,sBAAO,QAAQ,EAAC;;;aACjB;KACF,CAAC,CACH,CAAC;AACJ,CAAC,CAAC;AAEF,kBAAe,UAAU,CAAC"}
|
package/package.json
CHANGED
|
@@ -247,18 +247,17 @@ export const validateSignedRequest = async (
|
|
|
247
247
|
}
|
|
248
248
|
|
|
249
249
|
// Get the cross-server credential
|
|
250
|
-
const
|
|
251
|
-
|
|
252
|
-
if (!crossServerCredential) {
|
|
250
|
+
const crossServerCredentialMatches: CrossServerCredential[] = await crossServerCredentialCollection.find({ key });
|
|
251
|
+
if (!crossServerCredentialMatches || crossServerCredentialMatches.length === 0) {
|
|
253
252
|
throw new ErrorWithCode(
|
|
254
253
|
'Could not validate a cross-server request because the credential was not found.',
|
|
255
254
|
ExpressKitErrorCode.SignedRequestInvalidCredential,
|
|
256
255
|
);
|
|
257
256
|
}
|
|
257
|
+
const crossServerCredential = crossServerCredentialMatches[0];
|
|
258
258
|
|
|
259
259
|
// Make sure the scope is included
|
|
260
260
|
const allowedScopes = crossServerCredential.scopes;
|
|
261
|
-
console.log('Scopes', allowedScopes);
|
|
262
261
|
if (!allowedScopes || !Array.isArray(allowedScopes) || !allowedScopes.includes(opts.scope)) {
|
|
263
262
|
throw new ErrorWithCode(
|
|
264
263
|
'Could not validate a cross-server request because the required scope was not approved for the credential.',
|
|
@@ -268,7 +267,6 @@ export const validateSignedRequest = async (
|
|
|
268
267
|
|
|
269
268
|
// Decode the secret
|
|
270
269
|
const secret = await decrypt(crossServerCredential.encodedeSecret);
|
|
271
|
-
console.log('Decoded secret:', secret);
|
|
272
270
|
|
|
273
271
|
/* -------- Verify Signature -------- */
|
|
274
272
|
|
|
@@ -12,6 +12,7 @@ import {
|
|
|
12
12
|
LOG_REVIEW_ROUTE_PATH_PREFIX,
|
|
13
13
|
LOG_ROUTE_PATH,
|
|
14
14
|
LOG_REVIEW_STATUS_ROUTE,
|
|
15
|
+
Log,
|
|
15
16
|
} from 'dce-reactkit';
|
|
16
17
|
|
|
17
18
|
// Import shared helpers
|
|
@@ -19,12 +20,13 @@ import genRouteHandler from './genRouteHandler';
|
|
|
19
20
|
|
|
20
21
|
// Import shared types
|
|
21
22
|
import ExpressKitErrorCode from '../types/ExpressKitErrorCode';
|
|
23
|
+
import CrossServerCredential from '../types/CrossServerCredential';
|
|
22
24
|
|
|
23
25
|
// Stored copy of dce-mango log collection
|
|
24
|
-
let _logCollection:
|
|
26
|
+
let _logCollection: Collection<Log>;
|
|
25
27
|
|
|
26
28
|
// Stored copy of dce-mango cross-server credential collection
|
|
27
|
-
let _crossServerCredentialCollection:
|
|
29
|
+
let _crossServerCredentialCollection: Collection<CrossServerCredential>;
|
|
28
30
|
|
|
29
31
|
/*------------------------------------------------------------------------*/
|
|
30
32
|
/* Helpers */
|
|
@@ -78,8 +80,8 @@ const initServer = (
|
|
|
78
80
|
opts: {
|
|
79
81
|
app: express.Application,
|
|
80
82
|
logReviewAdmins?: (number[] | Collection<any>),
|
|
81
|
-
logCollection?: Collection<
|
|
82
|
-
crossServerCredentialCollection?: Collection<
|
|
83
|
+
logCollection?: Collection<Log>,
|
|
84
|
+
crossServerCredentialCollection?: Collection<CrossServerCredential>,
|
|
83
85
|
},
|
|
84
86
|
) => {
|
|
85
87
|
_logCollection = opts.logCollection;
|