@sap/xssec
Comparing version 3.2.5 to 3.2.7
# Change Log | ||
All notable changes to this project will be documented in this file. | ||
## 3.2.7 - 2020-09-15 | ||
- replace got with axios library because of a bug in got lib during https get | ||
@@ -5,0 +7,0 @@ ## 3.2.5 - 2020-09-07 |
'use strict'; | ||
const constants = require('./constants'); | ||
const got = require('got'); | ||
const axios = require('axios'); | ||
const url = require('url'); | ||
const https = require('https'); | ||
@@ -19,57 +20,31 @@ const errors = require('./errors'); | ||
const timeoutOptions = { | ||
lookup: 100, | ||
connect: 1000, | ||
secureConnect: 1000, | ||
socket: 2000, | ||
send: 2000, | ||
response: 2000 | ||
} | ||
const DEFAULT_TIMEOUT = 2000; | ||
const DEFAULT_USER_TOKEN_TIMEOUT = 10 * 1000; | ||
function createHttpClient() { | ||
return got.extend({ | ||
headers: { | ||
"User-Agent": constants.USER_AGENT, | ||
}, | ||
followRedirect: false, | ||
timeout: timeoutOptions, | ||
retry: { | ||
limit: retryLimit | ||
} | ||
}); | ||
} | ||
async function _requestToNetworkAXIOS(fnc, options, cb) { | ||
debugTrace(fnc + '::HTTP Call with %O', options); | ||
let retryLimit = 3; | ||
let httpClient = createHttpClient(3); | ||
const axios_options = { | ||
maxRedirects: 0, //no followRedirect | ||
headers: options.headers, | ||
url: options.url, | ||
method: options.method, | ||
timeout: options.timeout || DEFAULT_TIMEOUT | ||
}; | ||
//have a way to change one or all parameters from outside | ||
module.exports.setTimeoutOptions = function(to, retry) { | ||
for(var n in timeoutOptions) { | ||
timeoutOptions[n] = to[n] || timeoutOptions[n]; | ||
if(options.form) { | ||
axios_options.data = new url.URLSearchParams(options.form).toString(); | ||
} | ||
if(Number.isInteger(retry)) { | ||
retryLimit = retry; | ||
if(options.https) { | ||
axios_options.httpsAgent = new https.Agent({ | ||
cert: options.https.certificate, | ||
key: options.https.key | ||
}); | ||
} | ||
//update httpClient, too | ||
httpClient = createHttpClient(); | ||
} | ||
module.exports.setRetryLimit = function(retry) { | ||
retryLimit = retry; | ||
//update httpClient, too | ||
httpClient = createHttpClient(); | ||
} | ||
async function _requestToNetwork(fnc, options, cb) { | ||
debugTrace(fnc + '::HTTP Call with %O', options); | ||
try { | ||
const result = await got(options); | ||
if(result.statusCode === 200) { | ||
const json = JSON.parse(result.body); | ||
cb(null, json.id_token || json.access_token || json, json); | ||
} else { | ||
throw new Error(`Call with options: ${options} responded with ${result.statusCode} - ${result.body}`); | ||
} | ||
const result = await axios(axios_options); | ||
const json = result.data; | ||
cb(null, json.id_token || json.access_token || json, json); | ||
} catch (e) { | ||
@@ -80,2 +55,4 @@ return cb(e); | ||
let _requestToNetwork = _requestToNetworkAXIOS; | ||
function validateParameters(serviceCredentials, cb) { | ||
@@ -98,3 +75,2 @@ // input validation | ||
function buildSubdomain(serviceCredentials, subdomain) { | ||
@@ -144,5 +120,5 @@ var urlWithCorrectSubdomain = serviceCredentials.url; | ||
function buildOptions(serviceCredentials, additionalAttributes, url, grantType, zoneId) { | ||
function buildOptions(serviceCredentials, additionalAttributes, url, grantType, zoneId, timeout) { | ||
// jwt bearer flow | ||
var options = { | ||
const options = { | ||
method: 'POST', | ||
@@ -156,9 +132,10 @@ url: url + '/oauth/token', | ||
}, | ||
https: {}, | ||
timeout: timeoutOptions | ||
timeout: timeout || DEFAULT_TIMEOUT | ||
}; | ||
if (serviceCredentials.certificate) { | ||
options.https.key = serviceCredentials.key; | ||
options.https.certificate = serviceCredentials.certificate; | ||
options.https = { | ||
key: serviceCredentials.key, | ||
certificate: serviceCredentials.certificate | ||
} | ||
} else { | ||
@@ -182,3 +159,3 @@ //make sure we have a client_secret set here | ||
followRedirect: false, | ||
timeout: timeoutOptions, | ||
timeout: DEFAULT_TIMEOUT, | ||
url: serviceCredentialsUrl + '/.well-known/openid-configuration', | ||
@@ -199,3 +176,3 @@ headers: { | ||
followRedirect: false, | ||
timeout: timeoutOptions, | ||
timeout: DEFAULT_TIMEOUT, | ||
headers: { | ||
@@ -235,3 +212,4 @@ 'Accept': 'application/json', | ||
'urn:ietf:params:oauth:grant-type:jwt-bearer', | ||
zoneId); | ||
zoneId, | ||
DEFAULT_USER_TOKEN_TIMEOUT); | ||
@@ -275,3 +253,4 @@ //add Assertion | ||
'client_credentials', | ||
zoneId); | ||
zoneId, | ||
DEFAULT_TIMEOUT); | ||
@@ -288,14 +267,13 @@ appendAdditonalAttribites(options, additionalAttributes); | ||
module.exports.fetchKeyFromXSUAA = async function (tokenKeyUrl, zid, cb) { | ||
// try to obtain key from UAA | ||
try { | ||
const result = await httpClient(tokenKeyUrl); | ||
if(result.statusCode === 200) { | ||
const response = JSON.parse(result.body); | ||
cb(null, response); | ||
} else { | ||
throw new Error(`${tokenKeyUrl} with zid: ${zid} responded with ${result.statusCode} - ${result.body}`); | ||
} | ||
} catch (e) { | ||
return cb(e); | ||
const options = { | ||
headers: { | ||
"User-Agent": constants.USER_AGENT | ||
}, | ||
method: "GET", | ||
url: tokenKeyUrl, | ||
followRedirect: false, | ||
timeout: DEFAULT_TIMEOUT | ||
} | ||
_requestToNetwork("fetchKeyFromXSUAA", options, cb); | ||
} | ||
@@ -302,0 +280,0 @@ |
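Review bot: `debugTrace(fnc + '::HTTP Call with %O', options)` at the top of the new `_requestToNetworkAXIOS` prints the whole options object, and for the token calls assembled by `buildOptions` that object carries `form` (client_secret or the JWT assertion) and `https.key`, so enabling the debug namespace writes credentials and the private key to the log; trace only the request line instead, e.g. `debugTrace(fnc + '::HTTP Call to %s %s', options.method, options.url);`. In the same function the success path `cb(null, json.id_token || json.access_token || json, json);` sits inside the `try`, so an exception thrown by the callback lands in the `catch` and calls `cb(e)` a second time; invoke the success callback after the try/catch or guard against the double call. The `followRedirect: false` key in the new `fetchKeyFromXSUAA` options is a got option that the axios path never reads (it hard-codes `maxRedirects: 0`), so it is dead and can be dropped. The body of `_requestToNetworkAXIOS` continues past this hunk, and which of the interleaved `setTimeoutOptions`/`setRetryLimit` lines survive in the new file is not recoverable from this rendering, so I have not reviewed whether the retry behaviour the got client had is still offered.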
{ | ||
"name": "@sap/xssec", | ||
"version": "3.2.5", | ||
"version": "3.2.7", | ||
"description": "XS Advanced Container Security API for node.js", | ||
@@ -26,10 +26,11 @@ "main": "./lib", | ||
"devDependencies": { | ||
"mocha": "^5.2.0", | ||
"@sap/xsenv": "^3.1.1", | ||
"istanbul": "^0.4.5", | ||
"should": "^13.2.1", | ||
"jwt-decode": "^3.1.2", | ||
"@sap/xsenv": "^3.1.1", | ||
"node-forge": "^0.10.0" | ||
"mocha": "^5.2.0", | ||
"node-forge": "^0.10.0", | ||
"should": "^13.2.1" | ||
}, | ||
"dependencies": { | ||
"axios": "^0.21.4", | ||
"debug": "4.3.2", | ||
@@ -39,5 +40,4 @@ "jsonwebtoken": "^8.5.1", | ||
"node-rsa": "^1.1.1", | ||
"got": "^11.8.2", | ||
"valid-url": "1.0.9" | ||
} | ||
} |
@@ -335,3 +335,3 @@ @sap/xssec: XS Advanced Container Security API for node.js | ||
checks a instance specific scope that is published by the current application in the xs-security.json file. | ||
checks a instance specific scope that is published by the current application in the xs-security.json file. Use this to check a scope from a service instance. | ||
@@ -338,0 +338,0 @@ Parameters: |
+ Addedaxios@^0.21.4
+ Addedaxios@0.21.4(transitive)
+ Addedfollow-redirects@1.15.9(transitive)
- Removedgot@^11.8.2
- Removed@sindresorhus/is@4.6.0(transitive)
- Removed@szmarczak/http-timer@4.0.6(transitive)
- Removed@types/cacheable-request@6.0.3(transitive)
- Removed@types/http-cache-semantics@4.0.4(transitive)
- Removed@types/keyv@3.1.4(transitive)
- Removed@types/node@22.5.5(transitive)
- Removed@types/responselike@1.0.3(transitive)
- Removedcacheable-lookup@5.0.4(transitive)
- Removedcacheable-request@7.0.4(transitive)
- Removedclone-response@1.0.3(transitive)
- Removeddecompress-response@6.0.0(transitive)
- Removeddefer-to-connect@2.0.1(transitive)
- Removedend-of-stream@1.4.4(transitive)
- Removedget-stream@5.2.0(transitive)
- Removedgot@11.8.6(transitive)
- Removedhttp-cache-semantics@4.1.1(transitive)
- Removedhttp2-wrapper@1.0.3(transitive)
- Removedjson-buffer@3.0.1(transitive)
- Removedkeyv@4.5.4(transitive)
- Removedlowercase-keys@2.0.0(transitive)
- Removedmimic-response@1.0.13.1.0(transitive)
- Removednormalize-url@6.1.0(transitive)
- Removedonce@1.4.0(transitive)
- Removedp-cancelable@2.1.1(transitive)
- Removedpump@3.0.2(transitive)
- Removedquick-lru@5.1.1(transitive)
- Removedresolve-alpn@1.2.1(transitive)
- Removedresponselike@2.0.1(transitive)
- Removedundici-types@6.19.8(transitive)
- Removedwrappy@1.0.2(transitive)