k2hr3-api 1.0.41 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/config/k2hr3-init.sh.templ +2 -2
  2. package/dist/.gitkeep +0 -0
  3. package/dist/src/app.js +262 -0
  4. package/{bin → dist/src/bin}/run.sh +1 -1
  5. package/dist/src/bin/watcher.js +113 -0
  6. package/dist/src/bin/www.js +217 -0
  7. package/dist/src/lib/basicipcheck.js +392 -0
  8. package/dist/src/lib/cacerts.js +106 -0
  9. package/dist/src/lib/dbglogging.js +190 -0
  10. package/dist/src/lib/dummyuserapi.js +719 -0
  11. package/dist/src/lib/ipwatch.js +354 -0
  12. package/dist/src/lib/k2hr3acrutil.js +532 -0
  13. package/dist/src/lib/k2hr3apiutil.js +1444 -0
  14. package/dist/src/lib/k2hr3cliutil.js +183 -0
  15. package/dist/src/lib/k2hr3config.js +832 -0
  16. package/dist/src/lib/k2hr3cryptutil.js +258 -0
  17. package/dist/src/lib/k2hr3dkc.js +12121 -0
  18. package/dist/src/lib/k2hr3extdata.js +198 -0
  19. package/dist/src/lib/k2hr3keys.js +207 -0
  20. package/dist/src/lib/k2hr3resutil.js +111 -0
  21. package/dist/src/lib/k2hr3template.js +6546 -0
  22. package/dist/src/lib/k2hr3tokens.js +2643 -0
  23. package/dist/src/lib/k2hr3userdata.js +296 -0
  24. package/dist/src/lib/k8soidc.js +1000 -0
  25. package/dist/src/lib/openstackapiv2.js +695 -0
  26. package/dist/src/lib/openstackapiv3.js +932 -0
  27. package/dist/src/lib/openstackep.js +667 -0
  28. package/{tests/auto_common.js → dist/src/lib/types.js} +4 -38
  29. package/dist/src/routes/acr.js +704 -0
  30. package/dist/src/routes/debugVerify.js +294 -0
  31. package/dist/src/routes/extdata.js +219 -0
  32. package/dist/src/routes/list.js +264 -0
  33. package/dist/src/routes/policy.js +840 -0
  34. package/dist/src/routes/resource.js +1489 -0
  35. package/dist/src/routes/role.js +2627 -0
  36. package/dist/src/routes/service.js +908 -0
  37. package/dist/src/routes/tenant.js +1141 -0
  38. package/dist/src/routes/userTokens.js +482 -0
  39. package/dist/src/routes/userdata.js +212 -0
  40. package/dist/src/routes/version.js +103 -0
  41. package/package.json +152 -121
  42. package/ChangeLog +0 -372
  43. package/app.js +0 -292
  44. package/bin/watcher +0 -122
  45. package/bin/www +0 -180
  46. package/eslint.config.mjs +0 -68
  47. package/lib/basicipcheck.js +0 -376
  48. package/lib/cacerts.js +0 -71
  49. package/lib/dbglogging.js +0 -151
  50. package/lib/dummyuserapi.js +0 -766
  51. package/lib/ipwatch.js +0 -379
  52. package/lib/k2hr3acrutil.js +0 -516
  53. package/lib/k2hr3apiutil.js +0 -1494
  54. package/lib/k2hr3cliutil.js +0 -191
  55. package/lib/k2hr3config.js +0 -826
  56. package/lib/k2hr3cryptutil.js +0 -254
  57. package/lib/k2hr3dkc.js +0 -12632
  58. package/lib/k2hr3extdata.js +0 -198
  59. package/lib/k2hr3keys.js +0 -234
  60. package/lib/k2hr3resutil.js +0 -100
  61. package/lib/k2hr3template.js +0 -6925
  62. package/lib/k2hr3tokens.js +0 -2799
  63. package/lib/k2hr3userdata.js +0 -312
  64. package/lib/k8soidc.js +0 -1012
  65. package/lib/openstackapiv2.js +0 -764
  66. package/lib/openstackapiv3.js +0 -1032
  67. package/lib/openstackep.js +0 -553
  68. package/routes/acr.js +0 -738
  69. package/routes/debugVerify.js +0 -263
  70. package/routes/extdata.js +0 -232
  71. package/routes/list.js +0 -270
  72. package/routes/policy.js +0 -869
  73. package/routes/resource.js +0 -1441
  74. package/routes/role.js +0 -2664
  75. package/routes/service.js +0 -894
  76. package/routes/tenant.js +0 -1095
  77. package/routes/userTokens.js +0 -511
  78. package/routes/userdata.js +0 -218
  79. package/routes/version.js +0 -108
  80. package/templ/Dockerfile.templ +0 -71
  81. package/tests/auto_acr.js +0 -1101
  82. package/tests/auto_acr_spec.js +0 -79
  83. package/tests/auto_all_spec.js +0 -142
  84. package/tests/auto_control_subprocess.sh +0 -243
  85. package/tests/auto_extdata.js +0 -220
  86. package/tests/auto_extdata_spec.js +0 -79
  87. package/tests/auto_init_config_json.sh +0 -275
  88. package/tests/auto_k2hdkc_server.ini +0 -109
  89. package/tests/auto_k2hdkc_slave.ini +0 -83
  90. package/tests/auto_list.js +0 -439
  91. package/tests/auto_list_spec.js +0 -79
  92. package/tests/auto_policy.js +0 -1579
  93. package/tests/auto_policy_spec.js +0 -79
  94. package/tests/auto_resource.js +0 -10956
  95. package/tests/auto_resource_spec.js +0 -79
  96. package/tests/auto_role.js +0 -6150
  97. package/tests/auto_role_spec.js +0 -79
  98. package/tests/auto_service.js +0 -770
  99. package/tests/auto_service_spec.js +0 -79
  100. package/tests/auto_subprocesses.js +0 -114
  101. package/tests/auto_template.sh +0 -126
  102. package/tests/auto_tenant.js +0 -1100
  103. package/tests/auto_tenant_spec.js +0 -79
  104. package/tests/auto_token_util.js +0 -219
  105. package/tests/auto_userdata.js +0 -292
  106. package/tests/auto_userdata_spec.js +0 -79
  107. package/tests/auto_usertokens.js +0 -565
  108. package/tests/auto_usertokens_spec.js +0 -79
  109. package/tests/auto_version.js +0 -127
  110. package/tests/auto_version_spec.js +0 -79
  111. package/tests/auto_watcher.js +0 -157
  112. package/tests/auto_watcher_spec.js +0 -79
  113. package/tests/k2hdkc_test.data +0 -986
  114. package/tests/k2hdkc_test_load.sh +0 -255
  115. package/tests/k2hr3template_test.js +0 -187
  116. package/tests/k2hr3template_test.sh +0 -339
  117. package/tests/k2hr3template_test_async.js +0 -216
  118. package/tests/k2hr3template_test_template.result +0 -7117
  119. package/tests/k2hr3template_test_template.txt +0 -3608
  120. package/tests/k2hr3template_test_vars.js +0 -194
  121. package/tests/manual_acr_delete.js +0 -143
  122. package/tests/manual_acr_get.js +0 -297
  123. package/tests/manual_acr_postput.js +0 -215
  124. package/tests/manual_allusertenant_get.js +0 -113
  125. package/tests/manual_extdata_get.js +0 -191
  126. package/tests/manual_k2hr3keys_get.js +0 -84
  127. package/tests/manual_list_gethead.js +0 -230
  128. package/tests/manual_policy_delete.js +0 -132
  129. package/tests/manual_policy_gethead.js +0 -275
  130. package/tests/manual_policy_postput.js +0 -297
  131. package/tests/manual_resource_delete.js +0 -433
  132. package/tests/manual_resource_gethead.js +0 -423
  133. package/tests/manual_resource_postput.js +0 -487
  134. package/tests/manual_role_delete.js +0 -404
  135. package/tests/manual_role_gethead.js +0 -547
  136. package/tests/manual_role_postput.js +0 -544
  137. package/tests/manual_service_delete.js +0 -153
  138. package/tests/manual_service_gethead.js +0 -178
  139. package/tests/manual_service_postput.js +0 -348
  140. package/tests/manual_tenant_delete.js +0 -186
  141. package/tests/manual_tenant_gethead.js +0 -268
  142. package/tests/manual_tenant_postput.js +0 -293
  143. package/tests/manual_test.sh +0 -352
  144. package/tests/manual_userdata_get.js +0 -173
  145. package/tests/manual_usertoken_gethead.js +0 -136
  146. package/tests/manual_usertoken_postput.js +0 -310
  147. package/tests/manual_version_get.js +0 -127
  148. package/tests/run_local_test_k2hdkc.sh +0 -174
  149. package/tests/test.sh +0 -333
package/dist/src/lib/k2hr3cryptutil.js ADDED
@@ -0,0 +1,258 @@
1
+ "use strict";
2
+ /*
3
+ * K2HR3 REST API
4
+ *
5
+ * Copyright 2018 Yahoo Japan Corporation.
6
+ *
7
+ * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
8
+ * common management information for the cloud.
9
+ * K2HR3 can dynamically manage information as "who", "what", "operate".
10
+ * These are stored as roles, resources, policies in K2hdkc, and the
11
+ * client system can dynamically read and modify these information.
12
+ *
13
+ * For the full copyright and license information, please view
14
+ * the license file that was distributed with this source code.
15
+ *
16
+ * AUTHOR: Takeshi Nakatani
17
+ * CREATE: Tue Oct 2 2018
18
+ * REVISION:
19
+ *
20
+ */
21
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
22
+ if (k2 === undefined) k2 = k;
23
+ var desc = Object.getOwnPropertyDescriptor(m, k);
24
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
25
+ desc = { enumerable: true, get: function() { return m[k]; } };
26
+ }
27
+ Object.defineProperty(o, k2, desc);
28
+ }) : (function(o, m, k, k2) {
29
+ if (k2 === undefined) k2 = k;
30
+ o[k2] = m[k];
31
+ }));
32
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
33
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
34
+ }) : function(o, v) {
35
+ o["default"] = v;
36
+ });
37
+ var __importStar = (this && this.__importStar) || (function () {
38
+ var ownKeys = function(o) {
39
+ ownKeys = Object.getOwnPropertyNames || function (o) {
40
+ var ar = [];
41
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
42
+ return ar;
43
+ };
44
+ return ownKeys(o);
45
+ };
46
+ return function (mod) {
47
+ if (mod && mod.__esModule) return mod;
48
+ var result = {};
49
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
50
+ __setModuleDefault(result, mod);
51
+ return result;
52
+ };
53
+ })();
54
+ var __importDefault = (this && this.__importDefault) || function (mod) {
55
+ return (mod && mod.__esModule) ? mod : { "default": mod };
56
+ };
57
+ Object.defineProperty(exports, "__esModule", { value: true });
58
+ exports.k2hr3cryptutil = void 0;
59
+ const crypto = __importStar(require("crypto"));
60
+ const zlib = __importStar(require("zlib"));
61
+ const k2hr3apiutil_1 = __importDefault(require("./k2hr3apiutil"));
62
+ const dbglogging_1 = __importDefault(require("./dbglogging"));
63
+ const crypto_1 = require("crypto");
64
+ //---------------------------------------------------------
65
+ // Crypt for using in registering role member
66
+ //---------------------------------------------------------
67
+ // These utility functions are used by URL parameter for
68
+ // registering role member. The registering role member
69
+ // parameter is string which is encoded URI/JSON and encrypted.
70
+ // We use following functions for this logic.
71
+ //
72
+ const rawR3Encrypt = (str, passphrase, algorithm) => {
73
+ if (!k2hr3apiutil_1.default.isSafeString(str)) {
74
+ dbglogging_1.default.elog('The target string for encrypting is empty or not string.');
75
+ return null;
76
+ }
77
+ if (!k2hr3apiutil_1.default.isSafeString(passphrase)) {
78
+ dbglogging_1.default.elog('The pass phrase string is empty or not string.');
79
+ return null;
80
+ }
81
+ if (!k2hr3apiutil_1.default.isSafeString(algorithm)) {
82
+ dbglogging_1.default.elog('The algorithm cipher string is empty or not string.');
83
+ return null;
84
+ }
85
+ try {
86
+ // [NOTE] crypto.createCipher is deprecated
87
+ //
88
+ // Previously, the encoding was as follows, but this method is not used now.
89
+ // var cipherObj = crypto.createCipher(algorithm, passphrase);
90
+ // var cryptedStr = cipherObj.update(str, 'utf8', 'base64');
91
+ // cryptedStr += cipherObj.final('base64');
92
+ //
93
+ const initVector = crypto.randomBytes(16);
94
+ const pass2pbkdf = crypto.pbkdf2Sync(passphrase, initVector.toString(), 10000, 32, 'sha512');
95
+ const cipherObj = crypto.createCipheriv(algorithm, pass2pbkdf, initVector);
96
+ const cryptedMix = Buffer.concat([initVector, Buffer.from(':'), cipherObj.update(Buffer.from(str)), cipherObj.final()]);
97
+ const cryptedStr = cryptedMix.toString('base64');
98
+ // [NOTE]
99
+ // Use encodeURIComponent() instead of encodeURI() because we need to
100
+ // convert '/', '?', ':' characters.
101
+ return encodeURIComponent(cryptedStr);
102
+ }
103
+ catch (exception) {
104
+ dbglogging_1.default.dlog(JSON.stringify(exception));
105
+ return null;
106
+ }
107
+ };
108
+ const rawR3EncryptJSON = (obj, passphrase, algorithm) => {
109
+ if (!k2hr3apiutil_1.default.isSafeEntity(obj)) {
110
+ dbglogging_1.default.elog('The object is something wrong.');
111
+ return null;
112
+ }
113
+ return rawR3Encrypt(JSON.stringify(obj), passphrase, algorithm);
114
+ };
115
+ const rawR3Decrypt = (str, passphrase, algorithm) => {
116
+ if (!k2hr3apiutil_1.default.isSafeString(str)) {
117
+ dbglogging_1.default.elog('The target string for encrypting is empty or not string.');
118
+ return null;
119
+ }
120
+ if (!k2hr3apiutil_1.default.isSafeString(passphrase)) {
121
+ dbglogging_1.default.elog('The pass phrase string is empty or not string.');
122
+ return null;
123
+ }
124
+ if (!k2hr3apiutil_1.default.isSafeString(algorithm)) {
125
+ dbglogging_1.default.elog('The algorithm cipher string is empty or not string.');
126
+ return null;
127
+ }
128
+ try {
129
+ // [NOTE]
130
+ // Use encodeURIComponent() instead of encodeURI() because we need to
131
+ // convert '/', '?', ':' characters.
132
+ const decodeStr = decodeURIComponent(str);
133
+ const decodeMix = Buffer.from(decodeStr, 'base64');
134
+ let decryptedStr;
135
+ if (decodeMix.slice(16, 17).toString() === ':') {
136
+ const initVector = decodeMix.slice(0, 16);
137
+ const pass2pbkdf = crypto.pbkdf2Sync(passphrase, initVector.toString(), 10000, 32, 'sha512');
138
+ const decipherObj = crypto.createDecipheriv(algorithm, pass2pbkdf, initVector);
139
+ const decryptedBuf = Buffer.concat([decipherObj.update(decodeMix.slice(17)), decipherObj.final()]);
140
+ decryptedStr = decryptedBuf.toString();
141
+ }
142
+ else {
143
+ // [NOTE][TODO]
144
+ // Changed from createDecipher to createDecipheriv.
145
+ // To maintain compatibility, the iv value is filled with 0.
146
+ // We plan to change this so that it can be set to a value other than 0 in the future.
147
+ //
148
+ const key = (0, crypto_1.scryptSync)(passphrase, 'salt', 32); // 32 byte
149
+ const iv = Buffer.alloc(16, 0); // [NOTE] full all with 0, so we should change this code.
150
+ const cipherObj = (0, crypto_1.createDecipheriv)(algorithm, key, iv);
151
+ decryptedStr = cipherObj.update(decodeStr, 'base64', 'utf8');
152
+ decryptedStr += cipherObj.final('utf8');
153
+ }
154
+ return decryptedStr;
155
+ }
156
+ catch (exception) {
157
+ dbglogging_1.default.dlog(JSON.stringify(exception));
158
+ return null;
159
+ }
160
+ };
161
+ const rawR3DecryptJSON = (str, passphrase, algorithm) => {
162
+ const decStr = rawR3Decrypt(str, passphrase, algorithm);
163
+ if (!k2hr3apiutil_1.default.isSafeString(decStr)) {
164
+ return null;
165
+ }
166
+ if (!k2hr3apiutil_1.default.checkSimpleJSON(decStr)) {
167
+ dbglogging_1.default.elog('The decripted string(' + k2hr3apiutil_1.default.getSafeString(decStr) + ') is not JSON string.');
168
+ return null;
169
+ }
170
+ return k2hr3apiutil_1.default.parseJSON(decStr);
171
+ };
172
+ const rawR3Gzip = (str, callback) => {
173
+ if (!k2hr3apiutil_1.default.isSafeString(str)) {
174
+ // not allow empty string('') too.
175
+ dbglogging_1.default.elog('string parameter is empty.');
176
+ return null;
177
+ }
178
+ if (!k2hr3apiutil_1.default.isSafeEntity(callback)) {
179
+ // sync type
180
+ const _data = zlib.gzipSync(str);
181
+ const _length = _data.length;
182
+ const result = {
183
+ data: _data,
184
+ length: _length
185
+ };
186
+ return result;
187
+ }
188
+ else if (!k2hr3apiutil_1.default.isFunction(callback)) {
189
+ // error
190
+ dbglogging_1.default.elog('callback parameter is not function.');
191
+ return null;
192
+ }
193
+ else {
194
+ // callback type
195
+ const _callback = callback;
196
+ zlib.gzip(str, (error, binary) => {
197
+ if (error || !binary) {
198
+ dbglogging_1.default.elog('failed to compress(zip) string by ' + (error?.message ? error.message : ''));
199
+ return _callback(error);
200
+ }
201
+ const result = {
202
+ data: binary,
203
+ length: binary.length
204
+ };
205
+ _callback(null, result);
206
+ });
207
+ }
208
+ };
209
+ const rawR3Gunzip = (bin, callback) => {
210
+ if (!k2hr3apiutil_1.default.isSafeEntity(bin) || !(bin instanceof Buffer)) {
211
+ // not allow empty string('') too.
212
+ dbglogging_1.default.elog('binary parameter is not instance of Buffer.');
213
+ return null;
214
+ }
215
+ if (!k2hr3apiutil_1.default.isSafeEntity(callback)) {
216
+ // sync type
217
+ return zlib.gunzipSync(bin).toString();
218
+ }
219
+ else if (!k2hr3apiutil_1.default.isFunction(callback)) {
220
+ // error
221
+ dbglogging_1.default.elog('callback parameter is not function.');
222
+ return null;
223
+ }
224
+ else {
225
+ // callback type
226
+ const _callback = callback;
227
+ zlib.gunzip(bin, (error, binary) => {
228
+ if (error || !binary) {
229
+ dbglogging_1.default.elog('failed to decompress(unzip) binary by ' + (error?.message ? error.message : ''));
230
+ return _callback(error);
231
+ }
232
+ _callback(null, binary.toString());
233
+ });
234
+ }
235
+ };
236
+ //---------------------------------------------------------
237
+ // Exports
238
+ //---------------------------------------------------------
239
+ //
240
+ // Functions
241
+ //
242
+ exports.k2hr3cryptutil = {
243
+ r3Encrypt: rawR3Encrypt,
244
+ r3EncryptJSON: rawR3EncryptJSON,
245
+ r3Decrypt: rawR3Decrypt,
246
+ r3DecryptJSON: rawR3DecryptJSON,
247
+ r3Gzip: rawR3Gzip,
248
+ r3Gunzip: rawR3Gunzip
249
+ };
250
+ exports.default = exports.k2hr3cryptutil;
251
+ /*
252
+ * Local variables:
253
+ * tab-width: 4
254
+ * c-basic-offset: 4
255
+ * End:
256
+ * vim600: noexpandtab sw=4 ts=4 fdm=marker
257
+ * vim<600: noexpandtab sw=4 ts=4
258
+ */