| 1 | ;
|
| 2 |
|
| 3 | Object.defineProperty(exports, "__esModule", {
|
| 4 | value: true
|
| 5 | });
|
| 6 | exports.keyManager = undefined;
|
| 7 |
|
| 8 | var _gcloud = require('./gcloud');
|
| 9 |
|
| 10 | var _config = require('./config');
|
| 11 |
|
| 12 | var _config2 = _interopRequireDefault(_config);
|
| 13 |
|
| 14 | function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
| 15 |
|
| 16 | function _asyncToGenerator(fn) { return function () { var gen = fn.apply(this, arguments); return new Promise(function (resolve, reject) { function step(key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { return Promise.resolve(value).then(function (value) { step("next", value); }, function (err) { step("throw", err); }); } } return step("next"); }); }; } /*
|
| 17 | * MIT License
|
| 18 | *
|
| 19 | * Copyright (c) 2017 Choko (choko@curioswitch.org)
|
| 20 | *
|
| 21 | * Permission is hereby granted, free of charge, to any person obtaining a copy
|
| 22 | * of this software and associated documentation files (the "Software"), to deal
|
| 23 | * in the Software without restriction, including without limitation the rights
|
| 24 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
| 25 | * copies of the Software, and to permit persons to whom the Software is
|
| 26 | * furnished to do so, subject to the following conditions:
|
| 27 | *
|
| 28 | * The above copyright notice and this permission notice shall be included in all
|
| 29 | * copies or substantial portions of the Software.
|
| 30 | *
|
| 31 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
| 32 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
| 33 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
| 34 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
| 35 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
| 36 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
| 37 | * SOFTWARE.
|
| 38 | */
|
| 39 |
|
| 40 | class KeyManager {
|
| 41 | constructor() {
|
| 42 | this.decryptedKeys = new Map();
|
| 43 | }
|
| 44 |
|
| 45 | getGithubToken(repo) {
|
| 46 | var _this = this;
|
| 47 |
|
| 48 | return _asyncToGenerator(function* () {
|
| 49 | return _this.getDecrypted(_config2.default.repos[repo].encryptedGithubToken, `GITHUB_TOKEN-${repo}`);
|
| 50 | })();
|
| 51 | }
|
| 52 |
|
| 53 | getWebhookSecret() {
|
| 54 | var _this2 = this;
|
| 55 |
|
| 56 | return _asyncToGenerator(function* () {
|
| 57 | return _this2.getDecrypted(_config2.default.encryptedWebhookSecret, 'WEBHOOK_SECRET');
|
| 58 | })();
|
| 59 | }
|
| 60 |
|
| 61 | getDecrypted(encryptedBase64, cacheKey) {
|
| 62 | var _this3 = this;
|
| 63 |
|
| 64 | return _asyncToGenerator(function* () {
|
| 65 | const cached = _this3.decryptedKeys.get(cacheKey);
|
| 66 | if (cached) {
|
| 67 | return cached;
|
| 68 | }
|
| 69 | console.log('Decrypting ', cacheKey);
|
| 70 | const decrypted = Buffer.from((yield _gcloud.googleApis.decryptKey(_config2.default.kms.location, _config2.default.kms.keyring, _config2.default.kms.key, encryptedBase64)), 'base64').toString('ascii');
|
| 71 | _this3.decryptedKeys.set(cacheKey, decrypted);
|
| 72 | return decrypted;
|
| 73 | })();
|
| 74 | }
|
| 75 | }
|
| 76 |
|
| 77 | const keyManager = exports.keyManager = new KeyManager(); |
| \ | No newline at end of file |