@edirect/encryption-handler

Encryption Middleware Library

A library that provides a set of middlewares for decrypting the request body and encrypting the API response.

Getting Started:

1. Install the package in the chosen service

   npm install @edirect/encryption-handler --save
   

2. The environment variables of the service that has installed the package must be updated

   On projects that work with the config package, you should add the following environment variables to the default.json or the .json responsible for the environment variables.

   {
   "encryption-service": {
       "baseUrl": "http://localhost:4212"
   },
   "entity-service": {
       "baseUrl": "http://localhost:9091"
   }
   }
   

   On projects that work with the .env file, you can simply set the environment variable on the correspondent file.

   ENCRYPTION_URL=<my_encryption_service_dns>
   ENTITY_URL=<my_entity_service_dns>
   

Usage Examples:

• Express:

const express = require('express')

/* Require the package by setting a default name or extracting the methods */
const encryptionHandler = require('@edirect/encryption-handler')

const app = express()
const PORT = 3000

/* Set usage of the middlewares (decrypt/encrypt) */
const middleware = [ encryptionHandler.decrypt, encryptionHandler.encrypt ]

/* Addition of middleware array usage on an endpoint */
app.post('/', middleware, (request, response) => handleRequest)

• NestJs:

/* Require the package by setting a default name or extracting the methods */
import * as encryptionHandler from '@edirect/encryption-handler';

import { Module, NestModule, MiddlewareConsumer } from '@nestjs/common';
import { PolicyModule } from './policy/policy.module';
import { PolicyController } from './policy/policy.controller.ts';

@Module({
  imports: [PolicyModule],
})
export class AppModule implements NestModule {
  configure(consumer: MiddlewareConsumer) {
    consumer
      /* Addition of middleware usage on endpoints separated by comma */
      .apply(encryptionHandler.decrypt, encryptionHandler.encrypt)
      .forRoutes(PolicyController);
  }
}

Development Environment

Aiming to show you how to use and test the package locally, we are going to take the package installation in the gateway as an example.

Clone the encryption-js-lib package project in your local environment

$ git clone git@bitbucket.org:gofrank/encryption-js-lib.git

Supposing you have the insurtech-gateway service installed in your environment.
Download the package in the gateway service by running one of the following commands:

$ npm install @edirect/encryption-handler --save
$ npm install /your/file/full/path/to/encryption-js-lib

In the root of the encryption-js-lib package run the following command:

$ npm link

In the root of the insurtech-gateway service run the following command:

$ npm link @edirect/encryption-handler

Every change you do on the package is going to be reflected in the package installed in the Gateway service.

Possible Responses:

Using these middlewares the client can receive different types of responses depending on whether the decryption/encryption flow has succeeded or not.

• Success Response:

{
  "status": 200,
  "data": "encrypted/signed string"
}

• Error Response

{ "status": 400, "code": "ENC001", "message": "Failed to encrypt" }
{ "status": 400, "code": "DEC001", "message": "Failed to decrypt" }
{ "status": 401, "code": "SIG001", "message": "Invalid signature" }
{ "status": 401, "code": "VAD001", "message": "Missing partner’s or bolttech’s keys" }
{ "status": 500, "code": "SYS001", "message": "System Error" }

Description:

  ENC001: Failed to encrypt due to wrong payload format or internal error
  DEC001: Failed to decrypt due to wrong payload format or internal error
  SIG001: Failed to verify the signature
  VAD001: Missing partner’s or bolttech’s keys
  SYS001: Internal server error

Encryption / Decryption Flow: