@swimlane/obfuscator

Obfuscator

🗝 Obfuscate values based on JSON Schemas

Quickstart

By default, Obfuscator will replace any values defined in the schema of type password or type string and format password with **********.

Example

import { Obfuscator } from '@swimlane/obfuscator';

const obj = {
  foo: 'bar',
  xyzzy: 'secret',
  fizz: 'buzz'
};
const schema = {
  type: 'object',
  properties: {
    foo: {
      type: 'password'
    },
    xyzzy: {
      type: 'string',
      format: 'password'
    },
    fizz: {
      type: 'string'
    }
  }
};

console.log(Obfuscator.value(obj, schema));
// {
//   "foo": "**********",
//   "xyzzy": "**********",
//   "fizz": "buzz"
// }

Functions

Obfuscator.value(value, schema, [replace], [types])

This function will obfuscate a value based on a JSON schema provided.

• value: Any type of value you want to obfuscate
• schema: A JSON Schema object
• replace: (optional) The value to obfuscate with. By default, this is **********. It can be a:
  • string: Any value you want to replace it with. (ex. '[ REDACTED ]')
  • function: A function that accepts (value, key) and returns a string. This is useful if you want to obfuscate differently based on the value of key name. (ex. (value, key) => 'REDACTED ' + value.length)
• types: (optional) An array of JSON schema types you want to redact. By default, this is [{ type: 'password' }, { type: 'string', format: 'password' }]

Obfuscator.unObfuscate(newValue, prevValue, [replaceString])

A little helper function to try and unobfuscate a value based on its previous value. The usage here is when updating an obfuscated object, you can save the new object with the unobfuscated values (assuming you have access to them)

• newValue: The new values
• prevValue: The previous version of the value
• replaceString: (optional) The expected obfuscated result. By default it's **********

Unobfuscate Example

import { Obfuscate } from '@swimlane/obfuscator';

async function update(newValue): Promise<void> {
  // get previous value from DB or something
  const previous = await yourRepo.findById(newValue.id);

  //replace any obfuscated values with their DB version
  const updatedAsset = Obfuscator.unObfuscate(newValue, previous);

  // Save new version with unobfuscated value
  const result = await yourRepo.save(updatedAsset);
}

More Examples

See tests/Obfuscator.spec.ts for various examples of usage.

Credits

Obfuscator is a Swimlane open-source project; we believe in giving back to the open-source community by sharing some of the projects we build for our application. Swimlane is an automated cyber security operations and incident response platform that enables cyber security teams to leverage threat intelligence, speed up incident response and automate security operations.