Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

backtrace-service

Package Overview
Dependencies
Maintainers
6
Versions
153
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

backtrace-service - npm Package Compare versions

Comparing version 3.4.11 to 3.4.12

9

lib/identity/identity.d.ts

@@ -84,4 +84,5 @@ import { NextFunction, Request, Response } from 'express';

/**
* Use coronerd auth method to validate url and session token provided by user
* For Express apps, consider using the authenticateRequest middleware instead
* @deprecated use getConfiguration instead to get a current user configuration
* Use coronerd auth method to validate url and session token provided by user.
* Use this method only for service login
* @param url coronerd url

@@ -108,4 +109,4 @@ * @param token coronerd token

/**
* Get Backtrace configuration. For service owners, if you want to get
* coronerd configuration, please use `loginCoronerd` instead.
* Get Backtrace configuration by using universe url and token.
* Please use this method to retrieve coronerd configuration for the user-based flows.
* @param universeUrl url to coronerd universe

@@ -112,0 +113,0 @@ * @param authToken user token

@@ -332,3 +332,3 @@ "use strict";

return function (request, response, next) { return __awaiter(_this, void 0, void 0, function () {
var _a, url, token, serverConfiguration, serviceToCoronerdUrl, authRequest, pendingAuthorization, err_1;
var _a, url, token, userConfiguration, serviceToCoronerdUrl, authRequest, pendingAuthorization, err_1;
var _b, _c, _d;

@@ -349,9 +349,9 @@ return __generator(this, function (_e) {

}
return [4 /*yield*/, this.authenticate(url, token)];
return [4 /*yield*/, this.getConfiguration(url, token)];
case 2:
serverConfiguration = _e.sent();
if (!serverConfiguration || !serverConfiguration.user) {
userConfiguration = _e.sent();
if (!userConfiguration || !userConfiguration.user) {
return [2 /*return*/, next(new apiError_1.ApiError('Auth failure', 401))];
}
return [4 /*yield*/, this.serviceToCoronerdUrlForUniverse(url, (_c = serverConfiguration.universe) === null || _c === void 0 ? void 0 : _c.name)];
return [4 /*yield*/, this.serviceToCoronerdUrlForUniverse(url, (_c = userConfiguration.universe) === null || _c === void 0 ? void 0 : _c.name)];
case 3:

@@ -363,3 +363,3 @@ serviceToCoronerdUrl = _e.sent();

token: token,
cfg: serverConfiguration,
cfg: userConfiguration,
service_to_coronerd_url: serviceToCoronerdUrl,

@@ -419,4 +419,5 @@ };

/**
* Use coronerd auth method to validate url and session token provided by user
* For Express apps, consider using the authenticateRequest middleware instead
* @deprecated use getConfiguration instead to get a current user configuration
* Use coronerd auth method to validate url and session token provided by user.
* Use this method only for service login
* @param url coronerd url

@@ -427,33 +428,12 @@ * @param token coronerd token

return __awaiter(this, void 0, void 0, function () {
var prefix, result, coronerd_nonce, coronerd_hmac;
var userConfiguration;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (!token || !url) {
throw new apiError_1.ApiError('missing url/token', 400);
}
prefix = url.endsWith('/') ? '' : '/';
return [4 /*yield*/, axios_1.default.get("".concat(url).concat(prefix, "api/config"), {
httpsAgent: this.httpsAgent,
headers: {
'X-Service-Name': this.descr.name,
'X-Coroner-Token': this.sanitizeHeader(token),
'X-Service-HMAC': this.generateHmac(this.descr.secret, token),
},
maxContentLength: Infinity,
})];
case 0: return [4 /*yield*/, this.getConfiguration(url, token)];
case 1:
result = _a.sent();
if (result.status !== 200) {
throw new apiError_1.ApiError("Invalid server response code ".concat(result.status), result.status);
userConfiguration = _a.sent();
if (!userConfiguration) {
throw new Error('Authentication failure');
}
coronerd_nonce = result.headers['x-service-nonce'];
coronerd_hmac = result.headers['x-service-hmac'];
if (!coronerd_nonce || !coronerd_hmac) {
throw new apiError_1.ApiError('Missing response parameters - coronerd_nonce/hmac', 400);
}
if (!this.checkHmac(this.descr.secret, coronerd_nonce, coronerd_hmac)) {
throw new apiError_1.ApiError('Invalid server generated HMAC', 400);
}
return [2 /*return*/, result.data];
return [2 /*return*/, userConfiguration];
}

@@ -599,4 +579,4 @@ });

/**
* Get Backtrace configuration. For service owners, if you want to get
* coronerd configuration, please use `loginCoronerd` instead.
* Get Backtrace configuration by using universe url and token.
* Please use this method to retrieve coronerd configuration for the user-based flows.
* @param universeUrl url to coronerd universe

@@ -603,0 +583,0 @@ * @param authToken user token

{
"name": "backtrace-service",
"version": "3.4.11",
"version": "3.4.12",
"description": "Common tools for Backtrace Node services",

@@ -5,0 +5,0 @@ "author": "Backtrace",

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc