@cloudbase/cloud-api
Advanced tools
@cloudbase/cloud-api - npm Package Compare versions
@@ -14,2 +14,3 @@ "use strict"; | ||
| } | ||
| // 移除对象中的空值,防止调用云 API 失败 | ||
| function deepRemoveVoid(obj) { | ||
@@ -47,2 +48,3 @@ if (Array.isArray(obj)) { | ||
| const month = ('0' + (date.getUTCMonth() + 1)).slice(-2); | ||
| // UTC 日期,非本地时间 | ||
| const day = ('0' + date.getUTCDate()).slice(-2); | ||
@@ -62,2 +64,3 @@ return `${year}-${month}-${day}`; | ||
| exports.nodeFetch = request_1.nodeFetch; | ||
| // token 将在 n 分钟内过期 | ||
| const isTokenExpired = (credential, gap = 120) => credential.tokenExpired && Number(credential.tokenExpired) < Date.now() + gap * 1000; | ||
@@ -96,2 +99,3 @@ class CloudApiService { | ||
| const apiService = new CloudApiService(options); | ||
| // 预防 serviceCacheMap 被置空导致的错误 | ||
| CloudApiService.serviceCacheMap = Object.assign({}, CloudApiService.serviceCacheMap); | ||
@@ -119,2 +123,3 @@ CloudApiService.serviceCacheMap[service] = apiService; | ||
| var _a; | ||
| // 增加 region 参数,兼容之前的入参形式 | ||
| let action; | ||
@@ -139,2 +144,3 @@ let data; | ||
| this.url = this.baseUrl; | ||
| // 不存在密钥,或临时密钥过期 | ||
| if (!((_a = this.credential) === null || _a === void 0 ? void 0 : _a.secretId) || isTokenExpired(this.credential)) { | ||
@@ -169,2 +175,3 @@ if (!this.getCredential) { | ||
| catch (e) { | ||
| // throw e | ||
| if (e.name === 'CloudBaseError') { | ||
@@ -183,2 +190,5 @@ throw e; | ||
| async requestWithSign(region) { | ||
| // data 中可能带有 readStream,由于需要计算整个 body 的 hash, | ||
| // 所以这里把 readStream 转为 Buffer | ||
| // await convertReadStreamToBuffer(data) | ||
| const timestamp = Math.floor(Date.now() / 1000); | ||
@@ -228,2 +238,3 @@ const { method, timeout, data } = this; | ||
| const urlObj = new url_1.URL(url); | ||
| // 通用头部 | ||
| let headers = ''; | ||
@@ -261,2 +272,3 @@ const signedHeaders = 'content-type;host'; | ||
| exports.CloudApiService = CloudApiService; | ||
| // 缓存请求实例 | ||
| CloudApiService.serviceCacheMap = {}; |
+2
-0
@@ -10,2 +10,3 @@ "use strict"; | ||
| exports.nodeFetch = node_fetch_1.default; | ||
| // 使用 fetch + 代理 | ||
| async function fetch(url, config = {}, proxy = '') { | ||
@@ -15,2 +16,3 @@ if (proxy) { | ||
| } | ||
| // 解决中文编码问题 | ||
| const escapeUrl = new url_1.URL(url).toString(); | ||
@@ -17,0 +19,0 @@ const res = await node_fetch_1.default(escapeUrl, config); |
@@ -6,2 +6,3 @@ "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| // @ts-ignore | ||
| const signature_nodejs_1 = require("@cloudbase/signature-nodejs"); | ||
@@ -31,2 +32,3 @@ const url_1 = __importDefault(require("url")); | ||
| } | ||
| /** 请求参数 */ | ||
| const data = Object.assign({ Action: params.action, EnvType: params.envType, Uid: params.uid, UidSource: params.uidSource }, (params.data || {})); | ||
@@ -37,2 +39,3 @@ const method = commonConfig.method.toUpperCase(); | ||
| }; | ||
| // 设置 content-type 及 body/querystring | ||
| commonConfig.headers = commonConfig.headers || {}; | ||
@@ -68,2 +71,3 @@ if (['GET', 'DELETE'].includes(method)) { | ||
| catch (e) { | ||
| // throw e | ||
| if (e.name === 'CloudBaseError') { | ||
@@ -70,0 +74,0 @@ throw e; |
+2
-1
| { | ||
| "name": "@cloudbase/cloud-api", | ||
| "version": "0.4.1-alpha.1", | ||
| "version": "0.4.1-alpha.2", | ||
| "description": "The cloud api request package.", | ||
@@ -23,2 +23,3 @@ "main": "lib/index.js", | ||
| "ts-jest": "^25.2.1", | ||
| "ts-node": "^10.0.0", | ||
| "typescript": "^3.8.3" | ||
@@ -25,0 +26,0 @@ }, |
+3
-3
@@ -158,3 +158,3 @@ # @cloudbase/cloud-api | ||
| wedaRequest({ | ||
| action: 'DescribeWedaUserId'; | ||
| action: 'DescribeWedaUserId', | ||
| credentials: { | ||
@@ -166,3 +166,3 @@ secretId: 'xxx', | ||
| /** 环境ID */ | ||
| envId: 'xxx-xxxx'; | ||
| envId: 'xxx-xxxx', | ||
| /** | ||
@@ -174,3 +174,3 @@ * 调用的weda环境类型 | ||
| /** 用户ID */ | ||
| uid: 'xxxxxx'; | ||
| uid: 'xxxxxx', | ||
| /** | ||
@@ -177,0 +177,0 @@ * uid 类型, 1.tcb 2.微信 3.企业微信 4.weda内部 |
@@ -8,3 +8,6 @@ // @ts-ignore | ||
| /** 默认接口请求地址 */ | ||
| const WEDA_API_URL = 'https://gateway.weda.tencent-cloud.com/'; | ||
| /** 默认配置 */ | ||
| const DEFAULT_CONFIG: IWedaConfig = { | ||
@@ -32,2 +35,15 @@ url: WEDA_API_URL, | ||
| /** | ||
| * 客户端IP地址, 方便后端进行统计, 无可不传 | ||
| * 在tcb云函数中可通过 tcb.getCloudbaseContext 返回的 WX_CLIENTIP(微信侧) TCB_SOURCE_IP(云开发侧)拿到客户端IP地址 | ||
| * 详细文档 https://docs.cloudbase.net/api-reference/server/node-sdk/env.html#getcloudbasecontext | ||
| */ | ||
| clientIp?: string | ||
| /** | ||
| * 自定义请求ID, 方便前后端调试, 无可不传 | ||
| * 在tcb 云函数中, 若可以保证前端一次云函数调用, 只向weda后端发起一次请求, 这可以通过 tcb.parseContext 拿到云函数的请求 request_id 并复用该ID | ||
| * 若不能保证上述条件, 则不要复用云函数请求ID, 否则导致请求链路出问题难以定位 | ||
| * 详细文档 https://docs.cloudbase.net/api-reference/server/node-sdk/env.html#parsecontext | ||
| */ | ||
| requestId?: string | ||
| /** | ||
| * 调用的weda环境类型 | ||
@@ -81,4 +97,7 @@ * 预览-pre,正式-prod | ||
| EnvType: params.envType, | ||
| EnvId: params.envId, | ||
| Uid: params.uid, | ||
| UidSource: params.uidSource, | ||
| ClientIp: params.clientIp, | ||
| RequestId: params.requestId, | ||
| ...(params.data || {}) | ||
@@ -112,2 +131,3 @@ }; | ||
| try { | ||
| console.warn('requestConfig', JSON.stringify(requestConfig, null, 2)); | ||
| const data = await fetch(commonConfig.url, requestConfig, commonConfig.proxy); | ||
@@ -150,4 +170,4 @@ | ||
| ...(options.headers || {}), | ||
| // 'X-URL': options.url, | ||
| 'X-SessionToken': options.credentials.sessionToken, | ||
| 'X-URL': options.url, | ||
| Host: URL.parse(options.url).host, | ||
@@ -154,0 +174,0 @@ }; |
+1
-1
@@ -10,3 +10,3 @@ { | ||
| "outDir": "lib", | ||
| "removeComments": true, | ||
| "removeComments": false, | ||
| "types": ["node"], | ||
@@ -13,0 +13,0 @@ "esModuleInterop": true, |
@@ -6,15 +6,39 @@ interface ICredentials { | ||
| } | ||
| /** | ||
| * 请求参数 | ||
| */ | ||
| export interface IWedaRequestParams { | ||
| /** 请求方法 */ | ||
| action: string; | ||
| /** 认证信息 */ | ||
| credentials: ICredentials | (() => Promise<ICredentials>); | ||
| /** 环境ID */ | ||
| envId: string; | ||
| /** | ||
| * 调用的weda环境类型 | ||
| * 预览-pre,正式-prod | ||
| */ | ||
| envType: 'pre' | 'prod'; | ||
| /** 用户ID */ | ||
| uid: string; | ||
| /** | ||
| * uid 类型, 1.tcb 2.微信 3.企业微信 4.weda内部 | ||
| */ | ||
| uidSource: 1 | 2 | 3 | 4; | ||
| data: Record<string, any>; | ||
| /** | ||
| * 其他自定义参数 | ||
| */ | ||
| data?: Record<string, any>; | ||
| } | ||
| /** | ||
| * 请求额外配置 | ||
| */ | ||
| export interface IWedaConfig { | ||
| /** 请求的接口地址, 默认 'https://gateway.weda.tencent-cloud.com/' */ | ||
| url: string; | ||
| /** 请求方法, 默认 POST */ | ||
| method: string; | ||
| /** 额外的自定义头 */ | ||
| headers?: Record<string, any>; | ||
| /** 自定义http代理地址 */ | ||
| proxy?: string; | ||
@@ -21,0 +45,0 @@ } |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 6 instances in 1 package
Fixed alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 6 instances in 1 package
Improved metrics
- Total package byte prevSize
47087
5.25%- Lines of code
1164
5.53%- Number of medium supply chain risk alerts
25
-3.85%Worsened metrics
- Dev dependency count
11
10%