1 | ;
|
2 |
|
3 | Object.defineProperty(exports, "__esModule", {
|
4 | value: true
|
5 | });
|
6 | exports.keyManager = undefined;
|
7 |
|
8 | var _gcloud = require('./gcloud');
|
9 |
|
10 | var _config = require('./config');
|
11 |
|
12 | var _config2 = _interopRequireDefault(_config);
|
13 |
|
14 | function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
15 |
|
16 | function _asyncToGenerator(fn) { return function () { var gen = fn.apply(this, arguments); return new Promise(function (resolve, reject) { function step(key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { return Promise.resolve(value).then(function (value) { step("next", value); }, function (err) { step("throw", err); }); } } return step("next"); }); }; } /*
|
17 | * MIT License
|
18 | *
|
19 | * Copyright (c) 2017 Choko (choko@curioswitch.org)
|
20 | *
|
21 | * Permission is hereby granted, free of charge, to any person obtaining a copy
|
22 | * of this software and associated documentation files (the "Software"), to deal
|
23 | * in the Software without restriction, including without limitation the rights
|
24 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
25 | * copies of the Software, and to permit persons to whom the Software is
|
26 | * furnished to do so, subject to the following conditions:
|
27 | *
|
28 | * The above copyright notice and this permission notice shall be included in all
|
29 | * copies or substantial portions of the Software.
|
30 | *
|
31 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
32 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
33 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
34 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
35 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
36 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
37 | * SOFTWARE.
|
38 | */
|
39 |
|
40 | class KeyManager {
|
41 | constructor() {
|
42 | this.decryptedKeys = new Map();
|
43 | }
|
44 |
|
45 | getGithubToken(repo) {
|
46 | var _this = this;
|
47 |
|
48 | return _asyncToGenerator(function* () {
|
49 | return _this.getDecrypted(_config2.default.repos[repo].encryptedGithubToken, `GITHUB_TOKEN-${repo}`);
|
50 | })();
|
51 | }
|
52 |
|
53 | getWebhookSecret() {
|
54 | var _this2 = this;
|
55 |
|
56 | return _asyncToGenerator(function* () {
|
57 | return _this2.getDecrypted(_config2.default.encryptedWebhookSecret, 'WEBHOOK_SECRET');
|
58 | })();
|
59 | }
|
60 |
|
61 | getDecrypted(encryptedBase64, cacheKey) {
|
62 | var _this3 = this;
|
63 |
|
64 | return _asyncToGenerator(function* () {
|
65 | const cached = _this3.decryptedKeys.get(cacheKey);
|
66 | if (cached) {
|
67 | return cached;
|
68 | }
|
69 | console.log('Decrypting ', cacheKey);
|
70 | const decrypted = Buffer.from((yield _gcloud.googleApis.decryptKey(_config2.default.kms.location, _config2.default.kms.keyring, _config2.default.kms.key, encryptedBase64)), 'base64').toString('ascii');
|
71 | _this3.decryptedKeys.set(cacheKey, decrypted);
|
72 | return decrypted;
|
73 | })();
|
74 | }
|
75 | }
|
76 |
|
77 | const keyManager = exports.keyManager = new KeyManager(); |
\ | No newline at end of file |