zapier-platform-core 17.3.0 → 17.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -5,9 +5,14 @@ let _appRaw;
|
|
|
5
5
|
try {
|
|
6
6
|
_appRaw = await import('{REPLACE_ME_PACKAGE_NAME}');
|
|
7
7
|
} catch (err) {
|
|
8
|
-
if (
|
|
9
|
-
err.
|
|
10
|
-
|
|
8
|
+
if (
|
|
9
|
+
err.code === 'ERR_MODULE_NOT_FOUND' &&
|
|
10
|
+
err.message?.includes('{REPLACE_ME_PACKAGE_NAME}')
|
|
11
|
+
) {
|
|
12
|
+
err.message =
|
|
13
|
+
'It seems you are using ESM because your package.json has `"type": "module"`. ' +
|
|
14
|
+
'For ESM to work, make sure you specify a valid entry point using `exports` (instead of `main`) in package.json.\n\n' +
|
|
15
|
+
err.message;
|
|
11
16
|
}
|
|
12
17
|
throw err;
|
|
13
18
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "zapier-platform-core",
|
|
3
|
-
"version": "17.
|
|
3
|
+
"version": "17.4.0",
|
|
4
4
|
"description": "The core SDK for CLI apps in the Zapier Developer Platform.",
|
|
5
5
|
"repository": "zapier/zapier-platform",
|
|
6
6
|
"homepage": "https://platform.zapier.com/",
|
|
@@ -9,9 +9,9 @@
|
|
|
9
9
|
"types": "types/index.d.ts",
|
|
10
10
|
"exports": {
|
|
11
11
|
".": {
|
|
12
|
+
"types": "./types/index.d.ts",
|
|
12
13
|
"require": "./index.js",
|
|
13
|
-
"import": "./index.mjs"
|
|
14
|
-
"types": "./types/index.d.ts"
|
|
14
|
+
"import": "./index.mjs"
|
|
15
15
|
},
|
|
16
16
|
"./src/*": {
|
|
17
17
|
"require": "./src/*.js"
|
|
@@ -63,7 +63,7 @@
|
|
|
63
63
|
"node-fetch": "2.7.0",
|
|
64
64
|
"oauth-sign": "0.9.0",
|
|
65
65
|
"semver": "7.7.1",
|
|
66
|
-
"zapier-platform-schema": "17.
|
|
66
|
+
"zapier-platform-schema": "17.4.0"
|
|
67
67
|
},
|
|
68
68
|
"devDependencies": {
|
|
69
69
|
"@types/node-fetch": "^2.6.11",
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
const crypto = require('crypto');
|
|
4
4
|
const fernet = require('fernet');
|
|
5
|
-
|
|
5
|
+
const zlib = require('zlib');
|
|
6
6
|
/**
|
|
7
7
|
* Decrypt a bundle using secret key
|
|
8
8
|
*
|
|
@@ -10,10 +10,12 @@ const fernet = require('fernet');
|
|
|
10
10
|
* 1. Hash the secret with SHA256 to get 32 bytes
|
|
11
11
|
* 2. Base64url encode those bytes to make Fernet-compatible key
|
|
12
12
|
* 3. Use Fernet library to decrypt (handles all token parsing internally)
|
|
13
|
+
* 4. Base64 decode the decrypted string to get compressed binary data
|
|
14
|
+
* 5. Decompress the data using gzip
|
|
13
15
|
*
|
|
14
16
|
* @param {string} bundle - The bundle represented as an encrypted token
|
|
15
17
|
* @param {string} secret - The secret key for decryption
|
|
16
|
-
* @returns {Object} The decrypted bundle object
|
|
18
|
+
* @returns {Object} The decrypted and decompressed bundle object
|
|
17
19
|
*/
|
|
18
20
|
const decryptBundleWithSecret = (bundle, secret) => {
|
|
19
21
|
try {
|
|
@@ -26,24 +28,54 @@ const decryptBundleWithSecret = (bundle, secret) => {
|
|
|
26
28
|
throw new Error('Invalid secret - must be a non-empty string');
|
|
27
29
|
}
|
|
28
30
|
|
|
29
|
-
// Create the same key as backend
|
|
31
|
+
// Step 1: Create the same key as backend
|
|
30
32
|
// Hash the secret and take first 32 bytes, then base64url encode for Fernet
|
|
31
33
|
const keyHash = crypto.createHash('sha256').update(secret).digest();
|
|
32
34
|
const keyBytes = keyHash.subarray(0, 32); // Take first 32 bytes
|
|
33
35
|
const fernetKey = keyBytes.toString('base64url'); // Use built-in base64url encoding
|
|
34
|
-
|
|
35
36
|
// Use Fernet library to decrypt (handles all the token parsing)
|
|
37
|
+
const secretObj = new fernet.Secret(fernetKey);
|
|
36
38
|
const token = new fernet.Token({
|
|
37
|
-
secret:
|
|
39
|
+
secret: secretObj,
|
|
38
40
|
token: bundle,
|
|
39
41
|
ttl: 0,
|
|
40
42
|
});
|
|
41
43
|
|
|
42
|
-
|
|
44
|
+
// Step 2: Decrypt the token - this should now be a valid UTF-8 string (base64 encoded)
|
|
45
|
+
let decryptedString;
|
|
46
|
+
try {
|
|
47
|
+
decryptedString = token.decode();
|
|
48
|
+
} catch (fernetError) {
|
|
49
|
+
throw new Error(`Fernet decryption failed: ${fernetError.message}`);
|
|
50
|
+
}
|
|
43
51
|
|
|
44
|
-
//
|
|
52
|
+
// Step 3: The decrypted data should be a base64 encoded string
|
|
53
|
+
// Base64 decode it to get the compressed binary data
|
|
54
|
+
let compressedBytes;
|
|
45
55
|
try {
|
|
46
|
-
|
|
56
|
+
compressedBytes = Buffer.from(decryptedString, 'base64');
|
|
57
|
+
} catch (base64Error) {
|
|
58
|
+
throw new Error(`Base64 decoding failed: ${base64Error.message}`);
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
// Step 4: The data is compressed, so we need to decompress it
|
|
62
|
+
let decompressed;
|
|
63
|
+
try {
|
|
64
|
+
// Try to decompress first (for new format with compression)
|
|
65
|
+
decompressed = zlib.gunzipSync(compressedBytes).toString('utf8');
|
|
66
|
+
} catch (decompressionError) {
|
|
67
|
+
// If decompression fails, assume it's the old format without compression
|
|
68
|
+
// This provides backward compatibility
|
|
69
|
+
console.warn(
|
|
70
|
+
'Bundle decompression failed, falling back to uncompressed format:',
|
|
71
|
+
decompressionError.message,
|
|
72
|
+
);
|
|
73
|
+
decompressed = decryptedString;
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
// Step 5: Parse JSON
|
|
77
|
+
try {
|
|
78
|
+
return JSON.parse(decompressed);
|
|
47
79
|
} catch (error) {
|
|
48
80
|
throw new Error('Invalid JSON in decrypted bundle');
|
|
49
81
|
}
|
|
@@ -51,7 +83,6 @@ const decryptBundleWithSecret = (bundle, secret) => {
|
|
|
51
83
|
throw new Error(`Bundle decryption failed: ${error.message}`);
|
|
52
84
|
}
|
|
53
85
|
};
|
|
54
|
-
|
|
55
86
|
module.exports = {
|
|
56
87
|
decryptBundleWithSecret,
|
|
57
88
|
};
|