vvauth 0.3.3 → 0.3.4

Files changed (2)
  1. package/index.js +11 -12
  2. package/package.json +3 -3
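--- a/package/index.js
+++ b/package/index.js
@@ -5,12 +5,10 @@ const os = require('os');
  const fs = require('fs');
  const path = require('path');
  const url = require('url');
- const net = require('net');
  const {spawn} = require('child_process');
 
  const {parse} = require('yaml');
  const semver = require('semver');
- const SSHAgent = require('ssh-agent-js/client');
  const trim = require('mout/string/trim');
  const get = require('mout/object/get');
  const eachLimit = require('nyks/async/eachLimit');
@@ -19,7 +17,9 @@ const walk = require('nyks/object/walk');
  const request = require('nyks/http/request');
  const drain = require('nyks/stream/drain');
  const replaceEnv = require('nyks/string/replaceEnv');
+ const promiser = require('nyks/function/promiser');
 
+ const {OpenSSHAgent} = require('ssh2/lib/agent');
  const debug = require('debug');
 
  const logger = {
@@ -174,13 +174,14 @@ class vvauth {
 
  async _login_vault_ssh({path = 'ssh', role}) {
  logger.info("Trying to auth as '%s'", role);
- let sock;
- await new Promise(resolve => (sock = net.connect(process.env.SSH_AUTH_SOCK, resolve)));
- let agent = new SSHAgent(sock);
- let keys = Object.values(await agent.list_keys());
+
+
+ let agent = new OpenSSHAgent(process.env.SSH_AUTH_SOCK);
+ let keys = await promiser(chain => agent.getIdentities(chain));
+
 
  let token;
- await eachLimit(keys, 1, async ({type, ssh_key, fingerprint, comment}) => {
+ await eachLimit(keys, 1, async (pubKey) => {
  if(token)
  return;
 
@@ -189,18 +190,16 @@ class vvauth {
  let res = await request(query);
  let {data : {nonce}} = JSON.parse(String(await drain(res)));
 
- const public_key = `${type} ${ssh_key}`;
- const {signature} = await agent.sign(fingerprint, Buffer.from(nonce));
-
+ const signature = (await promiser(chain => agent.sign(pubKey, Buffer.from(nonce), {}, chain))).toString('base64');
+ const public_key = pubKey.type + ' ' + pubKey.getPublicSSH().toString('base64');
  const payload = {public_key, role, nonce : Buffer.from(nonce).toString('base64'), signature};
  try {
  token = await this._login_vault(path, payload);
  } catch(err) {
- logger.debug("ssh : invalid challenge for public key", comment);
+ logger.debug("ssh : invalid challenge for public key", pubKey.comment);
  }
  });
 
- sock.destroy();
 
  if(!token)
  throw `Could not login to vault`;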
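Review bot: The `nonce` parsed from the server response is handed to `agent.sign` unchanged, once for every identity the agent holds, so whichever endpoint answers the nonce request obtains signatures over bytes of its choosing from each loaded SSH key. Before the `const signature = …` line, check that `nonce` is a string of the length and alphabet this auth backend is expected to issue (the format is not visible in this hunk) and refuse to sign otherwise; letting the caller name a single key instead of iterating the whole agent would narrow this further. The nonce request and the `agent.sign` call also sit above the `try`, so an agent refusal for one key presumably rejects the `eachLimit` callback rather than moving on to the next key; moving `try {` up to cover them would keep the per-key fallback. `_login_vault_ssh` continues past the end of this hunk and the `query` construction lies between the hunks, so transport checks on that request could not be reviewed here.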
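--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "vvauth",
- "version": "0.3.3",
+ "version": "0.3.4",
  "description": "Vault Auth helper",
  "main": "index.js",
  "bin": {
@@ -15,9 +15,9 @@
  "cnyks": "^3.0.6",
  "debug": "^4.3.4",
  "mout": "^1.0.0",
- "nyks": "^6.9.1",
+ "nyks": "^6.15.0",
  "semver": "^7.5.4",
- "ssh-agent-js": "^2.0.4",
+ "ssh2": "^1.16.0",
  "yaml": "^2.6.1"
  },
  "devDependencies": {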
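Review bot: `"ssh2": "^1.16.0"` is a caret range, yet index.js loads the internal path `ssh2/lib/agent`, which is not the package's documented entry point and may move in any minor release the range admits. Import the class from the package root instead, `const {OpenSSHAgent} = require('ssh2');`, or pin the exact version if the deep path is kept. Because this dependency now talks to the SSH agent and produces the login signature, the resolved version should be locked and reviewed on upgrade rather than floated.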