@inventsable/gatekeeper

Installation

npm i @inventsable/gatekeeper

import {
  encrypt,
  decrypt,
  getAWSSecrets,
  parseJWTString,
  login,
  makeRequest,
  requestFromServer,
  isJSON,
} from "@inventsable/gatekeeper";

API

encrypt(value, password) ⇒ CiperParams | Error

Encodes any valid string, object or array data with a given password to a CipherParams object containing ciphertext, salt and initialization vector keys inline with CryptoJS

decrypt(CipherParams, password) ⇒ any | Error

Decodes any valid CipherParams string with a given password to its original value

async login(username, password, url) ⇒ Object | Error

Thenable method for remote OAuth access to Moore's SSO system

async makeRequest(data, headers, asJSON) ⇒ Object | Error

Thenable shorthand method for POST with dynamic body and header content

async requestFromServer(url, requestOptions, asJSON) ⇒ Object

async getAWSSecrets(config) ⇒ Object | Error

Thenable method for querying AWS Key Manager contents, later to be used for all decryption and encryption. By default this assumes the existence of environment variables containing the 4 required keys designated below, but these can be passed as the parameter to the function in a destructured options/config format

parseJWTString(stringValue) ⇒ Object | Error

Shorthand method to parse JWT (JSON web token) string contents and retrieve original data object

isJSON(text) ⇒ Boolean

Shorthand to determine whether data is string or stringified JSON

async login(username, password, url) ⇒ Object | Error

Thenable method for remote OAuth access to Moore's SSO system

Kind: global function

Param	Type	Default	Description
username	String		Exact string of user to log in
password	String		Exact string of password associated to user
url	String	https://dev-sso.gomsi.net/auth/realms/sso/protocol/openid-connect/token	(optional) URL of SSO auth origin to query

const loginToken = await login(process.env.username, process.env.password);
console.log("\r\nResult of login:");
console.log(loginToken);

parseJWTString(stringValue) ⇒ Object | Error

Shorthand method to parse JWT (JSON web token) string contents and retrieve original data object

Kind: global function
Returns: Object | Error - The parsed object result or error when invalid

Param	Type	Description
stringValue	String	The contents of an access_token, refresh_token, or valid JSON Web Token

// Parsing the login token retrieved from the login function above
const parsedToken = parseJWTString(loginToken.access_token);
console.log("\r\nJWT parsing:");
console.log(parsedToken);

---

async makeRequest(data, headers, asJSON) ⇒ Object | Error

Thenable shorthand method for POST with dynamic body and header content

Kind: global function
Returns: Object | Error - Response from server

Param	Type	Default	Description
data	Object		Key/value pairs to append to request body on POST with exception to "url" key/value which serves as destination
headers	Array		(optional) Array of Object with explicit "key" and "value" key/values to append as headers
asJSON	Boolean	false	(optional) Whether to return as original or parsed JSON format

// Encrypting the parsedToken sub value, then sending it with proper credentials to Moore's server:
const serverResponse = await makeRequest({
  sub: encrypt(parsedToken.sub, secret), // "secret" is the getAWSSecrets passphrase
  url: "https://moorepass.com/get-token.php",
}).catch((err) => {
  console.error(err);
});
console.log("\r\nServer response:");
console.log(serverResponse);

---

async requestFromServer(url, requestOptions, asJSON) ⇒ Object

Kind: global function
Returns: Object - Request event response

Param	Type	Default	Description
url	String		Destination of HTTP request
requestOptions	Object		Valid HTTP request options, such as method: "POST", body, headers, redirect, etc
asJSON	Boolean	true	(optional) Whether to return as original or parsed JSON format

// A very basic POST request:
let requestOptions = {
  method: "POST",
  headers: myHeaders, // new Headers()
  body: urlencoded, // new URLSearchParams()
  redirect: "follow",
};
let response = await requestFromServer(url, requestOptions, asJSON);

---

isJSON(text) ⇒ Boolean

Shorthand to determine whether data is string or stringified JSON

Kind: global function
Returns: Boolean - Whether data is valid JSON format and can be parsed

Param	Type	Description
text	String	Data to query and check if created from JSON.stringify()

let realData = isJSON(someVariable) ? JSON.parse(data) : data;
// realData is now reliably a parsed object rather than a potential string or object

---

async getAWSSecrets(config) ⇒ Object | Error

Thenable method for querying AWS Key Manager contents, later to be used for all decryption and encryption. By default this assumes the existence of environment variables containing the 4 required keys designated below, but these can be passed as the parameter to the function in a destructured options/config format

Kind: global function
Returns: Object | Error - The server response if credentials were valid, or message outlining any errors

Prerequisites: Must include config option as first parameter or .ENV variables with of the keys: region, secret_name, secret_access_id, and secret_access_key.

Param	Type	Description
config	Object	(optional) Valid AWS credentials, including "region", "secret_name", "secret_access_id", and "secret_access_key"

// Query AWS SecretsManager to obtain a secure passphrase used later encryption/decryption.
let secret = await getAWSSecrets();
console.log("\r\n AWS Key Manager response:", secret);
secret = secret["token-login"];

// The below is redundant. If ENV vars already exist, they're inherited. Should only need to use object destructuring for config if these values would be coming from somewhere other than ENV variables (but no sense to expose them here, even in a private NPM package and Git repo)
let secretAlt = await getAWSSecrets({
  region: process.env.region,
  secret_name: process.env.secret_name,
  secret_access_id: process.env.secret_access_id,
  secret_access_key: process.env.secret_access_key,
});