@resourcefulhumans/rheactor-image-service
Advanced tools
Comparing version 2.1.1 to 3.0.0
{ | ||
"name": "@resourcefulhumans/rheactor-image-service", | ||
"description": "An image processing backend running on AWS Lambda.", | ||
"version": "2.1.1", | ||
"version": "3.0.0", | ||
"publishConfig": { | ||
@@ -9,5 +9,5 @@ "access": "public" | ||
"scripts": { | ||
"test": "NODE_ENV=testing VERSION=0.0.0 MOUNT_URL=http://example.com WEB_LOCATION=http://images.example.com S3_BUCKET=rheactor-image-service PUBLIC_KEY=`cat ./test/data/public.key` DEPLOY_TIME=`date +%s` mocha --compilers js:babel-register --reporter=dot --timeout=1350 test/\\*\\*/\\*.js", | ||
"test:coverage": "NODE_ENV=testing VERSION=0.0.0 MOUNT_URL=http://example.com WEB_LOCATION=http://images.example.com S3_BUCKET=rheactor-image-service PUBLIC_KEY=`cat ./test/data/public.key` DEPLOY_TIME=`date +%s` istanbul cover _mocha -- --compilers js:babel-core/register --reporter=dot --timeout=1350 test/\\*\\*/\\*.js", | ||
"test:coverage-travis": "NODE_ENV=testing VERSION=0.0.0 MOUNT_URL=http://example.com WEB_LOCATION=http://images.example.com S3_BUCKET=rheactor-image-service PUBLIC_KEY=`cat ./test/data/public.key` DEPLOY_TIME=`date +%s` istanbul cover _mocha --report lcovonly -- --compilers js:babel-register --reporter=dot --timeout=10000 test/\\*\\*/\\*.js && codeclimate-test-reporter < ./coverage/lcov.info && rm -rf ./coverage", | ||
"test": "NODE_ENV=testing VERSION=0.0.0 MOUNT_URL=http://example.com WEB_LOCATION=http://images.example.com S3_BUCKET=rheactor-image-service PUBLIC_KEY_FILE=`hostname`-test.key DEPLOY_TIME=`date +%s` mocha --compilers js:babel-register --reporter=dot --timeout=1350 test/\\*\\*/\\*.js", | ||
"test:coverage": "NODE_ENV=testing VERSION=0.0.0 MOUNT_URL=http://example.com WEB_LOCATION=http://images.example.com S3_BUCKET=rheactor-image-service PUBLIC_KEY_FILE=`hostname`-test.key DEPLOY_TIME=`date +%s` istanbul cover _mocha -- --compilers js:babel-core/register --reporter=dot --timeout=1350 test/\\*\\*/\\*.js", | ||
"test:coverage-travis": "NODE_ENV=testing VERSION=0.0.0 MOUNT_URL=http://example.com WEB_LOCATION=http://images.example.com S3_BUCKET=rheactor-image-service PUBLIC_KEY_FILE=`hostname`-test.key DEPLOY_TIME=`date +%s` istanbul cover _mocha --report lcovonly -- --compilers js:babel-register --reporter=dot --timeout=10000 test/\\*\\*/\\*.js && codeclimate-test-reporter < ./coverage/lcov.info && rm -rf ./coverage", | ||
"lint": "standard", | ||
@@ -14,0 +14,0 @@ "precommit": "npm run lint && npm test", |
@@ -58,4 +58,4 @@ # rheactor-image-service | ||
Public URL for the bucket | ||
- `PUBLIC_KEY` | ||
Public key to be used for verifying tokens | ||
- `PUBLIC_KEY_FILE` | ||
Public key file in the bucket to be used for verifying tokens | ||
@@ -62,0 +62,0 @@ ## Setup |
@@ -8,2 +8,3 @@ /* global process */ | ||
import AWS from 'aws-sdk' | ||
import Promise from 'bluebird' | ||
@@ -15,5 +16,4 @@ const mountURL = new URIValue(process.env.MOUNT_URL) | ||
const deployTime = process.env.DEPLOY_TIME | ||
// TODO: Load the key public from S3 | ||
const keyType = environment === 'testing' ? 'PUBLIC KEY' : 'RSA PUBLIC KEY' | ||
const publicKey = `-----BEGIN ${keyType}-----\n${process.env.PUBLIC_KEY.match(/.{1,64}/g).join('\n')}\n-----END ${keyType}-----` | ||
const bucket = process.env.S3_BUCKET | ||
const publicKeyFile = process.env.PUBLIC_KEY_FILE | ||
@@ -25,2 +25,13 @@ const s3 = new AWS.S3({ | ||
// Loads the public key from S3 | ||
const pubKeyPromise = new Promise((resolve, reject) => { | ||
s3.getObject({ | ||
Bucket: bucket, | ||
Key: publicKeyFile | ||
}, (err, data) => { | ||
if (err) return reject(err) | ||
return resolve(data.Body.toString()) | ||
}) | ||
}) | ||
const operations = { | ||
@@ -31,6 +42,10 @@ index: apiIndexOperation(new Index([ | ||
])), | ||
upload: uploadOperation(s3, process.env.S3_BUCKET, new URIValue(process.env.WEB_LOCATION)), | ||
upload: uploadOperation(s3, bucket, new URIValue(process.env.WEB_LOCATION)), | ||
status: statusOperation(version, environment, deployTime) | ||
} | ||
export const handler = awsLambdaHandler.bind(undefined, contentType, environment, publicKey, operations) | ||
export const handler = (event, context, callback) => { | ||
pubKeyPromise.then(publicKey => { | ||
awsLambdaHandler(contentType, environment, publicKey, operations, event, context, callback) | ||
}) | ||
} |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
35224
278