backtrace-service
Advanced tools
Comparing version 3.4.11 to 3.4.12
@@ -84,4 +84,5 @@ import { NextFunction, Request, Response } from 'express'; | ||
/** | ||
* Use coronerd auth method to validate url and session token provided by user | ||
* For Express apps, consider using the authenticateRequest middleware instead | ||
* @deprecated use getConfiguration instead to get a current user configuration | ||
* Use coronerd auth method to validate url and session token provided by user. | ||
* Use this method only for service login | ||
* @param url coronerd url | ||
@@ -108,4 +109,4 @@ * @param token coronerd token | ||
/** | ||
* Get Backtrace configuration. For service owners, if you want to get | ||
* coronerd configuration, please use `loginCoronerd` instead. | ||
* Get Backtrace configuration by using universe url and token. | ||
* Please use this method to retrieve coronerd configuration for the user-based flows. | ||
* @param universeUrl url to coronerd universe | ||
@@ -112,0 +113,0 @@ * @param authToken user token |
@@ -332,3 +332,3 @@ "use strict"; | ||
return function (request, response, next) { return __awaiter(_this, void 0, void 0, function () { | ||
var _a, url, token, serverConfiguration, serviceToCoronerdUrl, authRequest, pendingAuthorization, err_1; | ||
var _a, url, token, userConfiguration, serviceToCoronerdUrl, authRequest, pendingAuthorization, err_1; | ||
var _b, _c, _d; | ||
@@ -349,9 +349,9 @@ return __generator(this, function (_e) { | ||
} | ||
return [4 /*yield*/, this.authenticate(url, token)]; | ||
return [4 /*yield*/, this.getConfiguration(url, token)]; | ||
case 2: | ||
serverConfiguration = _e.sent(); | ||
if (!serverConfiguration || !serverConfiguration.user) { | ||
userConfiguration = _e.sent(); | ||
if (!userConfiguration || !userConfiguration.user) { | ||
return [2 /*return*/, next(new apiError_1.ApiError('Auth failure', 401))]; | ||
} | ||
return [4 /*yield*/, this.serviceToCoronerdUrlForUniverse(url, (_c = serverConfiguration.universe) === null || _c === void 0 ? void 0 : _c.name)]; | ||
return [4 /*yield*/, this.serviceToCoronerdUrlForUniverse(url, (_c = userConfiguration.universe) === null || _c === void 0 ? void 0 : _c.name)]; | ||
case 3: | ||
@@ -363,3 +363,3 @@ serviceToCoronerdUrl = _e.sent(); | ||
token: token, | ||
cfg: serverConfiguration, | ||
cfg: userConfiguration, | ||
service_to_coronerd_url: serviceToCoronerdUrl, | ||
@@ -419,4 +419,5 @@ }; | ||
/** | ||
* Use coronerd auth method to validate url and session token provided by user | ||
* For Express apps, consider using the authenticateRequest middleware instead | ||
* @deprecated use getConfiguration instead to get a current user configuration | ||
* Use coronerd auth method to validate url and session token provided by user. | ||
* Use this method only for service login | ||
* @param url coronerd url | ||
@@ -427,33 +428,12 @@ * @param token coronerd token | ||
return __awaiter(this, void 0, void 0, function () { | ||
var prefix, result, coronerd_nonce, coronerd_hmac; | ||
var userConfiguration; | ||
return __generator(this, function (_a) { | ||
switch (_a.label) { | ||
case 0: | ||
if (!token || !url) { | ||
throw new apiError_1.ApiError('missing url/token', 400); | ||
} | ||
prefix = url.endsWith('/') ? '' : '/'; | ||
return [4 /*yield*/, axios_1.default.get("".concat(url).concat(prefix, "api/config"), { | ||
httpsAgent: this.httpsAgent, | ||
headers: { | ||
'X-Service-Name': this.descr.name, | ||
'X-Coroner-Token': this.sanitizeHeader(token), | ||
'X-Service-HMAC': this.generateHmac(this.descr.secret, token), | ||
}, | ||
maxContentLength: Infinity, | ||
})]; | ||
case 0: return [4 /*yield*/, this.getConfiguration(url, token)]; | ||
case 1: | ||
result = _a.sent(); | ||
if (result.status !== 200) { | ||
throw new apiError_1.ApiError("Invalid server response code ".concat(result.status), result.status); | ||
userConfiguration = _a.sent(); | ||
if (!userConfiguration) { | ||
throw new Error('Authentication failure'); | ||
} | ||
coronerd_nonce = result.headers['x-service-nonce']; | ||
coronerd_hmac = result.headers['x-service-hmac']; | ||
if (!coronerd_nonce || !coronerd_hmac) { | ||
throw new apiError_1.ApiError('Missing response parameters - coronerd_nonce/hmac', 400); | ||
} | ||
if (!this.checkHmac(this.descr.secret, coronerd_nonce, coronerd_hmac)) { | ||
throw new apiError_1.ApiError('Invalid server generated HMAC', 400); | ||
} | ||
return [2 /*return*/, result.data]; | ||
return [2 /*return*/, userConfiguration]; | ||
} | ||
@@ -599,4 +579,4 @@ }); | ||
/** | ||
* Get Backtrace configuration. For service owners, if you want to get | ||
* coronerd configuration, please use `loginCoronerd` instead. | ||
* Get Backtrace configuration by using universe url and token. | ||
* Please use this method to retrieve coronerd configuration for the user-based flows. | ||
* @param universeUrl url to coronerd universe | ||
@@ -603,0 +583,0 @@ * @param authToken user token |
{ | ||
"name": "backtrace-service", | ||
"version": "3.4.11", | ||
"version": "3.4.12", | ||
"description": "Common tools for Backtrace Node services", | ||
@@ -5,0 +5,0 @@ "author": "Backtrace", |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
237207
3471