Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@aitmed/ecos-lvl2
Advanced tools
Readme
.
These methods were built on top of TweetNaCl.js
import services from '@aitmed/ecos-lvl2-sdk'
const level2SDK = new lvl2SDK({
apiVersion,
apiHost,
env: 'test',
configUrl: 'https://public.aitmed.com/config',
})
async function callSomeApi() {
const deat = await level2SDK.Account.createUser({
phone_number: '(555)555-5555',
password: 'letmein123',
verification_code: '00000',
first_name: 'Tom',
last_name: 'Jones',
})
return deat
}
async function callSomeApi() {
const deat = await level2SDK.edgeServices.createEdge({
etype: 'CREATE_USER',
apiVersion: 'v1beta1',
name: {
phone_number: '(555)555-5555',
first_name: 'Tom',
last_name: 'Jones',
},
})
return deat
}
Method | Returns | Description |
---|---|---|
Encryption/Decryption | ||
.generateAKey() | {sk:Uint8Array, pk:Uint8Array} | Generates a keyPair for assymetric encryption/decryption |
.aKeyCheck(publicKey:Uint8Array,secretKey:Uint8Array) | boolean | Checks if the keyPair is a valid one |
.aKeyEncrypt(secretKey:Uint8Array, data:Uint8Array) | Uint8Array | Assymetrically encrypts the given data using a secret key from a valid keyPair |
.aKeyDecrypt: (publicKey: Uint8Array, encryptedData: Uint8Array) | Uint8Array | Decrypts the assymetrically encrypted data using the publicKey from a valid keyPair |
.generateSKey() | Uint8Array | Generates a secretKey for symetrical encryption/decryption |
.sKeyEncrypt(secretKey: Uint8Array, data: Uint8Array) | Uint8Array | Symetrically encrypts data using a secretKey |
.sKeyDecrypt(secretKey: Uint8Array, encryptedData: Uint8Array) | Uint8Array | Decrypts the symetrically encrypted data using the secretKey it was encrypted with |
.uint8ArrayToBase64(data: Uint8Array) | string | Encodes Uint8Array value to base64 string |
.base64ToUint8Array(data: string) | Uint8Array | Decodes string value to Uint8Array |
.utf8ToUint8Array(data: string) | Uint8Array | Decodes string and returns Uint8Array |
.uint8ArrayToUtf8(data: Uint8Array) | string | Encodes Uint8Array or Array of bytes into string |
Account | ||
.createUser | { status: success, user_id: UUID, token: string,} | creates a user |
.login | { status: success or error} | login a user |
Edges | ||
.createEdge | Edge | creates an edge |
.retrieveEdge | Edge | retrieves an edge |
#####################################################################################
===>ECOS - Lvl 2 SDK. This layer connects itself to the protorepo, and is used by the Lvl 2.5 layer. In a nutshell, ECOS provides various types of services that can be used by later layers. Services include edgeServices, documentServices, vertexServices, commonServices, and utilServices. Its constructor also calls for the creation of an account, and we can access store from Lvl 2 SDK. Once a SDK is created, we can use it to access various attributes of the store, as well as the methods provided by different services. Through the store, a SDK can access any store related attributes, get config information, etc.
=>Store - The Store contains serveral private fields and one public field:
The store constructor can take apiVersion, apiHost, env, and configUrl, but only the last two are provided when creating by default. These fields can be accessed/modified via setters and getters.
Upon creation, store also generates the link to the backend using the generateGrpcClient() function provided in its constructor, and will define the generated result to its public grpcClient variable.
Additionally, store can get CONFIG_NAME stored in localStorage, if it exists. It has a function called loadConfig, which can be called to retrieve config data from {appName}.yml file. {appName} is provided as a parameter, but will default to aitmed if not provided. Lastly, a store is also able to clean config by removing it from local storage.
=>Account - An account is created and attached to the SDK through SDK constructor. Through account, we can access the following methods:
Each of the above functions handles a specific aspect of user authentication process. #**# I still need to discover where in later layers are these functions being utilized.
#vertexServices - A vertex is "like" a user. Four services are bundled into vertexServices:
#edgeServices - An edge can be a video session, chatting session, appointment, etc. and is distinguished by type. Every document is attached to an edge, and an edge is connected to/created by a vertex (which for the moment is an user). Related services are:
#documentServices - A document can be anything, a pdf file, a jpeg image, etc. We can perform specific CRUD operations through documentServices. Its methods include:
#commonServices - Services provided here are mostly meant to help other services. For instance, toSDKVertex method is used in createVertex. Services here include:
#utilServices - These services primarily serve to help in the data encryption/decryption process. Methods include encryption, decryption, key generation, and data conversion.
Acronym | Description |
---|---|
bsig | Begin sig |
esig | End sig |
atime | Access time |
ctime | Create time |
mtime | Modified time |
ce | Create edge |
cd | Create document |
cv | Create vertex |
re | Retrieve edge |
rd | Retrieve document |
rv | Retrieve vertex |
rx | Retrieve edge/document/vertex |
dx | Delete edge/document/vertex |
esak | Encrypted secret asymmetric key? |
pk | Public key |
sk | Secret key |
refid | Reference id |
bvid | Begin vertex id |
evid | End vertex id |
vid | Vertex id |
jwt | Json web token |
vcjwt | Verification code json web token |
uid | User id |
etype=1033 for ownerLogin, which is used for business owner to get a jwt as vtype=20, 21, 30 for etype=1033 ownerLogin, it requires a valid login jwt for the current user.
Also, for production, noodl file, etype=1031 secured login should be used instead of 1030 login. 1030 will be only available to test ecos_server, such as albh2.aitmed.io
Name | Description | Needed occasion |
---|---|---|
pk | createUser , loginNewDevice | login |
sk | createUser , verifyUserPassword | login |
esk | createUser , loginNewDevice | |
pkSign | createUser , login | |
skSign | createUser , login | |
eskSign | createUser , login |
FAQs
> eCOS Level 2 SDK
The npm package @aitmed/ecos-lvl2 receives a total of 1 weekly downloads. As such, @aitmed/ecos-lvl2 popularity was classified as not popular.
We found that @aitmed/ecos-lvl2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.