README

tymly-crypto-plugin

Plugin to enable Tymly to perform encryption. Powered by JSON web tokens

tymly-crypto-plugin provides access to the Tymly crypto service, the schema for the cryptoLocker model, and the state resources:

addCryptoEntry

A state resource to grab some sensitive data from a given JSON path, and encrypt within a JWT

Whose resourceConfig requires:

A values array which is a list of JSON Paths to encrypt and store in tymly_cryptoLocker table
An expiryOffset which is the lifetime of the JWT that will hold the sensitive data

"AddCryptoEntry": {
      "Type": "Task",
      "Resource": "module:addCryptoEntry",
      "ResourceConfig": {
        "values": [
          "$.JSONPath.to.value.to.encrypt"
        ],
        "expiryOffset": "ExpiryTime"
      },
      "End": true
    }

getCryptoEntry

A state resource to grab some some encrypted data, and decrypt a JWT

Whose resourceConfig requires:

A source string which is a path to the in-memory OR postgres table the data to be decrypted is held in, in the form "NAMESPACE_TABLENAME"
A pathToDecryptionTargets array which is a list of JSONPaths
A values array which is a list of JSON paths

"GetCryptoEntry": {
      "Type": "Task",
      "Resource": "module:getCryptoEntry",
      "ResourceConfig": {
        "source": "NAMESPACE_TABLENAME",
        "pathToDecryptionTargets": [
          "$.JSONPath.to.decryption.targets",
          "$.JSONPath.to.decryption.targets",
          ...
        ],
        "values": [
          "$.JSONPath.to.value.to.decrypt",
          ...
        ]
      },
      "End": true
    }

and is soon to include:

deleteExpiredCryptoValues

Install

$ npm install @wmfs/tymly-crypto-plugin --save

Testing

tymly-crypto-plugin only requires an encryption string to be present to run.

$ npm run test

Environment Variables

TYMLY_AUTH_AUDIENCE=anyStringYouLike

Usage no npm install needed!

README

tymly-crypto-plugin

Install

Testing

Environment Variables