npm - zapier-platform-core - Versions diffs - 17.1.0 → 17.2.0 - Mend

zapier-platform-core 17.1.0 → 17.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/package.json +3 -2
package/src/app-middlewares/before/fetch-stashed-bundle.js +43 -0
package/src/create-app.js +2 -0
package/src/errors.js +1 -0
package/src/tools/bundle-encryption.js +57 -0
package/src/tools/create-response-stasher.js +1 -13
package/src/tools/retry-utils.js +32 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "zapier-platform-core",
-  "version": "17.1.0",
+  "version": "17.2.0",
   "description": "The core SDK for CLI apps in the Zapier Developer Platform.",
   "repository": "zapier/zapier-platform",
   "homepage": "https://platform.zapier.com/",
@@ -55,6 +55,7 @@
     "@zapier/secret-scrubber": "^1.1.2",
     "content-disposition": "0.5.4",
     "dotenv": "16.5.0",
+    "fernet": "^0.4.0",
     "form-data": "4.0.1",
     "lodash": "4.17.21",
     "mime-types": "2.1.35",
@@ -62,7 +63,7 @@
     "node-fetch": "2.7.0",
     "oauth-sign": "0.9.0",
     "semver": "7.7.1",
-    "zapier-platform-schema": "17.1.0"
+    "zapier-platform-schema": "17.2.0"
   },
   "devDependencies": {
     "@types/node-fetch": "^2.6.11",

package/src/app-middlewares/before/fetch-stashed-bundle.js ADDED Viewed

@@ -0,0 +1,43 @@
+'use strict';
+const _ = require('lodash');
+const fetch = require('../../tools/fetch');
+const { StashedBundleError } = require('../../errors');
+const { withRetry } = require('../../tools/retry-utils');
+const { decryptBundleWithSecret } = require('../../tools/bundle-encryption');
+const fetchStashedBundle = async (input) => {
+  const stashedBundleKey = _.get(
+    input,
+    '_zapier.event.stashedBundleKey',
+    undefined,
+  );
+  const rpc = _.get(input, '_zapier.rpc');
+  const secret = process.env._ZAPIER_ONE_TIME_SECRET;
+  if (stashedBundleKey && secret) {
+    // Use the RPC to get a presigned URL for downloading the data
+    const rpcResponse = await rpc(
+      'get_presigned_download_url',
+      stashedBundleKey,
+    );
+    const response = await withRetry(() => fetch(rpcResponse.url));
+    if (!response.ok) {
+      const errorMessage = `Failed to read stashed bundle. Status: ${response.status} ${response.statusText}`;
+      throw new StashedBundleError(errorMessage);
+    }
+    try {
+      const responseText = await response.text();
+      // Decrypt the bundle
+      const stashedBundle = decryptBundleWithSecret(responseText, secret);
+      // Set the bundle to the stashedBundle value
+      _.set(input, '_zapier.event.bundle', stashedBundle);
+    } catch (error) {
+      throw new StashedBundleError(error.message);
+    }
+  }
+  return input;
+};
+module.exports = fetchStashedBundle;

package/src/create-app.js CHANGED Viewed

@@ -7,6 +7,7 @@ const schemaTools = require('./tools/schema');
 // before middles
 const injectZObject = require('./app-middlewares/before/z-object');
 const addAppContext = require('./app-middlewares/before/add-app-context');
+const fetchStashedBundle = require('./app-middlewares/before/fetch-stashed-bundle');
 // after middles
 const checkOutput = require('./app-middlewares/after/checks');
@@ -27,6 +28,7 @@ const createApp = (appRaw) => {
   // standard before middlewares
   const befores = [
+    fetchStashedBundle,
     addAppContext,
     injectZObject,
     ...ensureArray(frozenCompiledApp.beforeApp),

package/src/errors.js CHANGED Viewed

@@ -79,6 +79,7 @@ const names = [
   'NotImplementedError',
   'RefreshAuthError',
   'RequireModuleError',
+  'StashedBundleError',
   'StopRequestError',
 ];

package/src/tools/bundle-encryption.js ADDED Viewed

@@ -0,0 +1,57 @@
+'use strict';
+const crypto = require('crypto');
+const fernet = require('fernet');
+/**
+ * Decrypt a bundle using secret key
+ *
+ * This matches the backend:
+ * 1. Hash the secret with SHA256 to get 32 bytes
+ * 2. Base64url encode those bytes to make Fernet-compatible key
+ * 3. Use Fernet library to decrypt (handles all token parsing internally)
+ *
+ * @param {string} bundle - The bundle represented as an encrypted token
+ * @param {string} secret - The secret key for decryption
+ * @returns {Object} The decrypted bundle object
+ */
+const decryptBundleWithSecret = (bundle, secret) => {
+  try {
+    // Validate input
+    if (!bundle || typeof bundle !== 'string') {
+      throw new Error('Invalid object from s3 - must be a non-empty string');
+    }
+    if (!secret || typeof secret !== 'string') {
+      throw new Error('Invalid secret - must be a non-empty string');
+    }
+    // Create the same key as backend
+    // Hash the secret and take first 32 bytes, then base64url encode for Fernet
+    const keyHash = crypto.createHash('sha256').update(secret).digest();
+    const keyBytes = keyHash.subarray(0, 32); // Take first 32 bytes
+    const fernetKey = keyBytes.toString('base64url'); // Use built-in base64url encoding
+    // Use Fernet library to decrypt (handles all the token parsing)
+    const token = new fernet.Token({
+      secret: new fernet.Secret(fernetKey),
+      token: bundle,
+      ttl: 0,
+    });
+    const decrypted = token.decode();
+    // Parse JSON
+    try {
+      return JSON.parse(decrypted);
+    } catch (error) {
+      throw new Error('Invalid JSON in decrypted bundle');
+    }
+  } catch (error) {
+    throw new Error(`Bundle decryption failed: ${error.message}`);
+  }
+};
+module.exports = {
+  decryptBundleWithSecret,
+};

package/src/tools/create-response-stasher.js CHANGED Viewed

@@ -3,19 +3,7 @@
 const _ = require('lodash');
 const uploader = require('./uploader');
 const crypto = require('crypto');
-const withRetry = async (fn, retries = 3, delay = 100, attempt = 0) => {
-  try {
-    return await fn();
-  } catch (error) {
-    if (attempt >= retries) {
-      throw error;
-    }
-    await new Promise((resolve) => setTimeout(resolve, delay));
-    return withRetry(fn, retries, delay, attempt + 1);
-  }
-};
+const { withRetry } = require('./retry-utils');
 // responseStasher uploads the data and returns the URL that points to that data.
 const stashResponse = async (input, response) => {

package/src/tools/retry-utils.js ADDED Viewed

@@ -0,0 +1,32 @@
+'use strict';
+/**
+ * Retry a function with exponential backoff
+ * @param {Function} fn - The function to retry
+ * @param {number} retries - Maximum number of retries (default: 3)
+ * @param {number} delay - Initial delay in milliseconds (default: 100)
+ * @param {number} attempt - Current attempt number (internal use)
+ * @returns {Promise} The result of the function call
+ */
+const withRetry = async (fn, retries = 3, delay = 100, attempt = 0) => {
+  try {
+    return await fn();
+  } catch (error) {
+    if (attempt >= retries) {
+      // Create an enhanced error with retry information
+      const retryError = new Error(
+        `Request failed after ${retries + 1} attempts. ` +
+          `Last error: ${error.message}.`,
+      );
+      throw retryError;
+    }
+    await new Promise((resolve) => setTimeout(resolve, delay));
+    return withRetry(fn, retries, delay, attempt + 1);
+  }
+};
+module.exports = {
+  withRetry,
+};