| 1 | {"version":3,"file":"SasToken.js","sourceRoot":"","sources":["../../../src/utils/SasToken.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AAC7E,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAE9B;;;GAGG;AAEH,MAAM,CAAC,KAAK,UAAU,2BAA2B,CAC/C,SAAiB,EACjB,kBAAsC;IAEtC,IAAI,kBAAkB,GAAG,EAAE,CAAC;IAC5B,IACE,OAAO,kBAAkB,CAAC,YAAY,KAAK,QAAQ;QACnD,kBAAkB,CAAC,YAAY,KAAK,EAAE,EACtC;QACA,kBAAkB,IAAI,IAAI,SAAS,CAAC,IAAI,CAAC,oBAAoB,IAAI,kBAAkB,CAAC,YAAY,EAAE,CAAC;KACpG;IAED,IACE,OAAO,kBAAkB,CAAC,aAAa,KAAK,QAAQ;QACpD,kBAAkB,CAAC,aAAa,KAAK,EAAE,EACvC;QACA,IAAI,kBAAkB,CAAC,YAAY,KAAK,EAAE,EAAE;YAC1C,MAAM,IAAI,KAAK,CAAC,8BAA8B,kBAAkB,CAAC,YAAY;sDAC7B,CAAC,CAAC;SACnD;QACD,kBAAkB,IAAI,IAAI,SAAS,CAAC,IAAI,CAAC,sBAAsB,IAAI,kBAAkB,CAAC,aAAa,EAAE,CAAC;KACvG;IAED,IACE,OAAO,kBAAkB,CAAC,YAAY,KAAK,QAAQ;QACnD,kBAAkB,CAAC,YAAY,KAAK,EAAE,EACtC;QACA,IAAI,kBAAkB,CAAC,aAAa,KAAK,EAAE,EAAE;YAC3C,MAAM,IAAI,KAAK,CAAC,8BAA8B,kBAAkB,CAAC,aAAa;uDAC7B,CAAC,CAAC;SACpD;QACD,QAAQ,kBAAkB,CAAC,YAAY,EAAE;YACvC,KAAK,MAAM;gBACT,kBAAkB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACrF,MAAM;YACR,KAAK,kBAAkB;gBACrB,kBAAkB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,2BAA2B,EAAE,CAAC;gBAC5F,MAAM;YACR,KAAK,uBAAuB;gBAC1B,kBAAkB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,+BAA+B,EAAE,CAAC;gBAChG,MAAM;YACR,KAAK,SAAS;gBACZ,kBAAkB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBACpF,MAAM;YACR;gBACE,MAAM,IAAI,KAAK,CAAC,8BAA8B,kBAAkB,CAAC,YAAY;sDAC/B,CAAC,CAAC;gBAChD,MAAM;SACT;QACD,kBAAkB,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;KACxG;IACD,kBAAkB,CAAC,YAAY,GAAG,kBAAkB,CAAC,QAAQ,EAAE,CAAC;IAEhE,IAAI,eAAe,GAAG,EAAE,CAAC;IAEzB,IACE,kBAAkB,CAAC,uBAAuB,KAAK,SAAS;QACxD,kBAAkB,CAAC,uBAAuB,CAAC,MAAM,GAAG,CAAC,EACrD;QACA,IACE,OAAO,kBAAkB,CAAC,YAAY,KAAK,QAAQ;YACnD,kBAAkB,CAAC,YAAY,KAAK,MAAM,EAC1C;YACA,MAAM,IAAI,KAAK,CAAC,8BAA8B,kBAAkB,CAAC,YAAY;kEACjB,CAAC,CAAC;SAC/D;QACD,kBAAkB,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YAC3D,eAAe,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC;QAC7C,CAAC,CAAC,CAAC;KACJ;IAED,IAAI,kBAAkB,CAAC,uBAAuB,KAAK,CAAC,EAAE;QACpD,kBAAkB,CAAC,uBAAuB,IAAI,sBAAsB,CAAC,gBAAgB,CAAC;QACtF,kBAAkB,CAAC,uBAAuB,IAAI,sBAAsB,CAAC,gBAAgB,CAAC;KACvF;IAED,IACE,kBAAkB,CAAC,oBAAoB,KAAK,CAAC;QAC7C,kBAAkB,CAAC,oBAAoB,KAAK,CAAC,EAC7C;QACA,kBAAkB,CAAC,oBAAoB,GAAG,sBAAsB,CAAC,mBAAmB,CAAC;QACrF,kBAAkB,CAAC,oBAAoB,GAAG,sBAAsB,CAAC,mBAAmB,CAAC;KACtF;IAED,IACE,OAAO,kBAAkB,CAAC,OAAO,KAAK,QAAQ;QAC9C,OAAO,kBAAkB,CAAC,OAAO,KAAK,SAAS,EAC/C;QACA,QAAQ,kBAAkB,CAAC,OAAO,EAAE;YAClC,KAAK,aAAa,CAAC,aAAa;gBAC9B,kBAAkB,CAAC,OAAO,GAAG,CAAC,CAAC;gBAC/B,MAAM;YACR,KAAK,aAAa,CAAC,eAAe;gBAChC,kBAAkB,CAAC,OAAO,GAAG,CAAC,CAAC;gBAC/B,MAAM;YACR,KAAK,aAAa,CAAC,eAAe;gBAChC,kBAAkB,CAAC,OAAO,GAAG,CAAC,CAAC;gBAC/B,MAAM;YACR,KAAK,aAAa,CAAC,iBAAiB;gBAClC,kBAAkB,CAAC,OAAO,GAAG,CAAC,CAAC;gBAC/B,MAAM;YACR;gBACE,MAAM,IAAI,KAAK,CAAC,8BAA8B,kBAAkB,CAAC,OAAO;iDAC/B,CAAC,CAAC;gBAC3C,MAAM;SACT;KACF;IAED,MAAM,OAAO,GACX,kBAAkB,CAAC,IAAI;QACvB,IAAI;QACJ,kBAAkB,CAAC,OAAO;QAC1B,IAAI;QACJ,kBAAkB,CAAC,YAAY;QAC/B,IAAI;QACJ,eAAe;QACf,IAAI;QACJ,oBAAoB,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/D,IAAI;QACJ,oBAAoB,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChE,IAAI;QACJ,kBAAkB,CAAC,OAAO;QAC1B,IAAI;QACJ,kBAAkB,CAAC,uBAAuB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvD,IAAI;QACJ,kBAAkB,CAAC,uBAAuB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvD,IAAI;QACJ,kBAAkB,CAAC,oBAAoB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpD,IAAI;QACJ,kBAAkB,CAAC,oBAAoB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpD,IAAI,CAAC;IAEP,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;IACrF,OAAO,uBAAuB,GAAG,aAAa,GAAG,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACjG,CAAC;AACD;;GAEG;AACH,mCAAmC;AACnC,MAAM,UAAU,oBAAoB,CAAC,IAAU;IAC7C,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;AAC3C,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { SasTokenProperties } from \"../client/SasToken/SasTokenProperties\";\nimport { Constants, CosmosKeyType, SasTokenPermissionKind } from \"../common\";\nimport { encodeUTF8 } from \"./encode\";\nimport { hmac } from \"./hmac\";\n\n/**\n * Experimental internal only\n * Generates the payload representing the permission configuration for the sas token.\n */\n\nexport async function createAuthorizationSasToken(\n masterKey: string,\n sasTokenProperties: SasTokenProperties\n): Promise<string> {\n let resourcePrefixPath = \"\";\n if (\n typeof sasTokenProperties.databaseName === \"string\" &&\n sasTokenProperties.databaseName !== \"\"\n ) {\n resourcePrefixPath += `/${Constants.Path.DatabasesPathSegment}/${sasTokenProperties.databaseName}`;\n }\n\n if (\n typeof sasTokenProperties.containerName === \"string\" &&\n sasTokenProperties.containerName !== \"\"\n ) {\n if (sasTokenProperties.databaseName === \"\") {\n throw new Error(`illegalArgumentException : ${sasTokenProperties.databaseName} \\\n is an invalid database name`);\n }\n resourcePrefixPath += `/${Constants.Path.CollectionsPathSegment}/${sasTokenProperties.containerName}`;\n }\n\n if (\n typeof sasTokenProperties.resourceName === \"string\" &&\n sasTokenProperties.resourceName !== \"\"\n ) {\n if (sasTokenProperties.containerName === \"\") {\n throw new Error(`illegalArgumentException : ${sasTokenProperties.containerName} \\\n is an invalid container name`);\n }\n switch (sasTokenProperties.resourceKind) {\n case \"ITEM\":\n resourcePrefixPath += `${Constants.Path.Root}${Constants.Path.DocumentsPathSegment}`;\n break;\n case \"STORED_PROCEDURE\":\n resourcePrefixPath += `${Constants.Path.Root}${Constants.Path.StoredProceduresPathSegment}`;\n break;\n case \"USER_DEFINED_FUNCTION\":\n resourcePrefixPath += `${Constants.Path.Root}${Constants.Path.UserDefinedFunctionsPathSegment}`;\n break;\n case \"TRIGGER\":\n resourcePrefixPath += `${Constants.Path.Root}${Constants.Path.TriggersPathSegment}`;\n break;\n default:\n throw new Error(`illegalArgumentException : ${sasTokenProperties.resourceKind} \\\n is an invalid resource kind`);\n break;\n }\n resourcePrefixPath += `${Constants.Path.Root}${sasTokenProperties.resourceName}${Constants.Path.Root}`;\n }\n sasTokenProperties.resourcePath = resourcePrefixPath.toString();\n\n let partitionRanges = \"\";\n\n if (\n sasTokenProperties.partitionKeyValueRanges !== undefined &&\n sasTokenProperties.partitionKeyValueRanges.length > 0\n ) {\n if (\n typeof sasTokenProperties.resourceKind !== \"string\" &&\n sasTokenProperties.resourceKind !== \"ITEM\"\n ) {\n throw new Error(`illegalArgumentException : ${sasTokenProperties.resourceKind} \\\n is an invalid partition key value range`);\n }\n sasTokenProperties.partitionKeyValueRanges.forEach((range) => {\n partitionRanges += `${encodeUTF8(range)},`;\n });\n }\n\n if (sasTokenProperties.controlPlaneReaderScope === 0) {\n sasTokenProperties.controlPlaneReaderScope += SasTokenPermissionKind.ContainerReadAny;\n sasTokenProperties.controlPlaneWriterScope += SasTokenPermissionKind.ContainerReadAny;\n }\n\n if (\n sasTokenProperties.dataPlaneReaderScope === 0 &&\n sasTokenProperties.dataPlaneWriterScope === 0\n ) {\n sasTokenProperties.dataPlaneReaderScope = SasTokenPermissionKind.ContainerFullAccess;\n sasTokenProperties.dataPlaneWriterScope = SasTokenPermissionKind.ContainerFullAccess;\n }\n\n if (\n typeof sasTokenProperties.keyType !== \"number\" ||\n typeof sasTokenProperties.keyType === undefined\n ) {\n switch (sasTokenProperties.keyType) {\n case CosmosKeyType.PrimaryMaster:\n sasTokenProperties.keyType = 1;\n break;\n case CosmosKeyType.SecondaryMaster:\n sasTokenProperties.keyType = 2;\n break;\n case CosmosKeyType.PrimaryReadOnly:\n sasTokenProperties.keyType = 3;\n break;\n case CosmosKeyType.SecondaryReadOnly:\n sasTokenProperties.keyType = 4;\n break;\n default:\n throw new Error(`illegalArgumentException : ${sasTokenProperties.keyType} \\\n is an invalid key type`);\n break;\n }\n }\n\n const payload =\n sasTokenProperties.user +\n \"\\n\" +\n sasTokenProperties.userTag +\n \"\\n\" +\n sasTokenProperties.resourcePath +\n \"\\n\" +\n partitionRanges +\n \"\\n\" +\n utcsecondsSinceEpoch(sasTokenProperties.startTime).toString(16) +\n \"\\n\" +\n utcsecondsSinceEpoch(sasTokenProperties.expiryTime).toString(16) +\n \"\\n\" +\n sasTokenProperties.keyType +\n \"\\n\" +\n sasTokenProperties.controlPlaneReaderScope.toString(16) +\n \"\\n\" +\n sasTokenProperties.controlPlaneWriterScope.toString(16) +\n \"\\n\" +\n sasTokenProperties.dataPlaneReaderScope.toString(16) +\n \"\\n\" +\n sasTokenProperties.dataPlaneWriterScope.toString(16) +\n \"\\n\";\n\n const signedPayload = await hmac(masterKey, Buffer.from(payload).toString(\"base64\"));\n return \"type=sas&ver=1.0&sig=\" + signedPayload + \";\" + Buffer.from(payload).toString(\"base64\");\n}\n/**\n * @hidden\n */\n// TODO: utcMilllisecondsSinceEpoch\nexport function utcsecondsSinceEpoch(date: Date): number {\n return Math.round(date.getTime() / 1000);\n}\n"]} |