1 | ;
|
2 |
|
3 | Object.defineProperty(exports, "__esModule", {
|
4 | value: true
|
5 | });
|
6 |
|
7 | var _logger = require('./logger');
|
8 |
|
9 | var _logger2 = _interopRequireDefault(_logger);
|
10 |
|
11 | var _bluebird = require('bluebird');
|
12 |
|
13 | var _bluebird2 = _interopRequireDefault(_bluebird);
|
14 |
|
15 | var _nodeCache = require('node-cache');
|
16 |
|
17 | var _nodeCache2 = _interopRequireDefault(_nodeCache);
|
18 |
|
19 | var _trustedEndpointBase = require('./trusted-endpoint-base');
|
20 |
|
21 | var _trustedEndpointBase2 = _interopRequireDefault(_trustedEndpointBase);
|
22 |
|
23 | var _schemas = require('./schemas');
|
24 |
|
25 | var _trustedCacheSchemas = require('./schemas/trusted-cache-schemas');
|
26 |
|
27 | var _trustedCacheSchemas2 = _interopRequireDefault(_trustedCacheSchemas);
|
28 |
|
29 | function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
30 |
|
31 | const logger = (0, _logger2.default)('with-cache');
|
32 |
|
33 | const CACHE_CHECK_PERIOD_FACTOR = 1.2;
|
34 | const DEFA_LOCAL_AUTH_TIMEOUT_SECONDS = 15 * 60; // 15 minutes
|
35 | const DEFA_REMOTE_AUTH_TIMEOUT_SECONDS = 5 * 60; // 5 minutes
|
36 |
|
37 | let $cache = Symbol('cache');
|
38 | let $promiseCacheGet = Symbol('promiseCacheGet');
|
39 | let $promiseCacheSet = Symbol('promiseCacheSet');
|
40 | let $localAuthTimeoutSeconds = Symbol('localAuthTimeoutSeconds');
|
41 | let $remoteAuthTimeoutSeconds = Symbol('remoteAuthTimeoutSeconds');
|
42 |
|
43 | class TrustedEndpointWithCache extends _trustedEndpointBase2.default {
|
44 | constructor(options) {
|
45 | super(options);
|
46 | (0, _schemas.validate)(options, _trustedCacheSchemas2.default);
|
47 |
|
48 | this[$localAuthTimeoutSeconds] = options.localAuthTimeoutSeconds || DEFA_LOCAL_AUTH_TIMEOUT_SECONDS;
|
49 | this[$remoteAuthTimeoutSeconds] = options.remoteAuthTimeoutSeconds || DEFA_REMOTE_AUTH_TIMEOUT_SECONDS;
|
50 | this[$cache] = new _nodeCache2.default({
|
51 | stdTtl: this.remoteAuthTimeoutSeconds,
|
52 | checkperiod: Math.round(this.remoteAuthTimeoutSeconds * CACHE_CHECK_PERIOD_FACTOR),
|
53 | useClones: false
|
54 | });
|
55 | this[$promiseCacheGet] = _bluebird2.default.promisify(this[$cache].get);
|
56 | this[$promiseCacheSet] = _bluebird2.default.promisify(this[$cache].set);;
|
57 | }
|
58 |
|
59 | get localAuthTimeoutSeconds() {
|
60 | return this[$localAuthTimeoutSeconds];
|
61 | }
|
62 |
|
63 | get remoteAuthTimeoutSeconds() {
|
64 | return this[$remoteAuthTimeoutSeconds];
|
65 | }
|
66 |
|
67 | resolveAndVerifyClaims(keyId, ttl) {
|
68 | ttl = ttl || this.remoteAuthTimeoutSeconds;
|
69 | let cacheKey = `claims: ${ keyId }`;
|
70 | return this[$promiseCacheGet](cacheKey).then(item => {
|
71 | if (item !== undefined) {
|
72 | if (item.isExpired) {
|
73 | logger.debug(`expired claims evicted from cache: ${ keyId }:${ item.id }`);
|
74 | this.flush(cacheKey);
|
75 | } else {
|
76 | return item;
|
77 | }
|
78 | }
|
79 | return super.resolveAndVerifyClaims(keyId).then(auth => {
|
80 | if (auth.verified && !auth.isExpired) {
|
81 | return this[$promiseCacheSet](cacheKey, auth, ttl).then(() => auth);
|
82 | }
|
83 | return auth;
|
84 | });
|
85 | });
|
86 | }
|
87 |
|
88 | resolveEndpointKey(keyId, ttl) {
|
89 | let cacheKey = `key: ${ keyId }`;
|
90 | return this[$promiseCacheGet](cacheKey).then(item => {
|
91 | if (item !== undefined) {
|
92 | return item;
|
93 | }
|
94 | return super.resolveEndpointKey(keyId).then(key => {
|
95 | return this[$promiseCacheSet](cacheKey, key, ttl).then(() => key);
|
96 | });
|
97 | });
|
98 | }
|
99 |
|
100 | getLocalAuth() {
|
101 | return this.resolveAndVerifyClaims(this.keyId, this.localAuthTimeoutSeconds);
|
102 | }
|
103 |
|
104 | flush(keyId) {
|
105 | let cache = this[$cache];
|
106 | if (cache) {
|
107 | let claimsKey = `claims: ${ keyId }`;
|
108 | let keyKey = `key: ${ keyId }`;
|
109 | cache.del(claimsKey);
|
110 | cache.del(keyKey);
|
111 | }
|
112 | }
|
113 |
|
114 | flushAll() {
|
115 | let cache = this[$cache];
|
116 | if (cache) {
|
117 | cache.flushAll();
|
118 | }
|
119 | }
|
120 |
|
121 | close() {
|
122 | let cache = this[$cache];
|
123 | if (cache) {
|
124 | cache.close();
|
125 | }
|
126 | }
|
127 |
|
128 | }
|
129 |
|
130 | exports.default = TrustedEndpointWithCache;
|
131 | module.exports = exports['default'];
|
132 | //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbIi4uL2xpYi90cnVzdGVkLWVuZHBvaW50LWNhY2hlLmpzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7OztBQUFBOzs7O0FBQ0E7Ozs7QUFDQTs7OztBQUNBOzs7O0FBQ0E7O0FBQ0E7Ozs7OztBQUVBLE1BQU0sU0FBUyxzQkFBYSxZQUFiLENBQVQ7O0FBRU4sTUFBTSw0QkFBNEIsR0FBNUI7QUFDTixNQUFNLGtDQUFrQyxLQUFLLEVBQUw7QUFDeEMsTUFBTSxtQ0FBbUMsSUFBSSxFQUFKOztBQUV6QyxJQUFJLFNBQVMsT0FBTyxPQUFQLENBQVQ7QUFDSixJQUFJLG1CQUFtQixPQUFPLGlCQUFQLENBQW5CO0FBQ0osSUFBSSxtQkFBbUIsT0FBTyxpQkFBUCxDQUFuQjtBQUNKLElBQUksMkJBQTJCLE9BQU8seUJBQVAsQ0FBM0I7QUFDSixJQUFJLDRCQUE0QixPQUFPLDBCQUFQLENBQTVCOztBQUVKLE1BQU0sd0JBQU4sdUNBQXVEO0FBQ3JELGNBQVksT0FBWixFQUFxQjtBQUNuQixVQUFNLE9BQU4sRUFEbUI7QUFFbkIsMkJBQVMsT0FBVCxpQ0FGbUI7O0FBSW5CLFNBQUssd0JBQUwsSUFBaUMsUUFBUSx1QkFBUixJQUFtQywrQkFBbkMsQ0FKZDtBQUtuQixTQUFLLHlCQUFMLElBQWtDLFFBQVEsd0JBQVIsSUFBb0MsZ0NBQXBDLENBTGY7QUFNbkIsU0FBSyxNQUFMLElBQWUsd0JBQWM7QUFDM0IsY0FBUSxLQUFLLHdCQUFMO0FBQ1IsbUJBQWEsS0FBSyxLQUFMLENBQVcsS0FBSyx3QkFBTCxHQUFnQyx5QkFBaEMsQ0FBeEI7QUFDQSxpQkFBVyxLQUFYO0tBSGEsQ0FBZixDQU5tQjtBQVduQixTQUFLLGdCQUFMLElBQXlCLG1CQUFRLFNBQVIsQ0FBa0IsS0FBSyxNQUFMLEVBQWEsR0FBYixDQUEzQyxDQVhtQjtBQVluQixTQUFLLGdCQUFMLElBQXlCLG1CQUFRLFNBQVIsQ0FBa0IsS0FBSyxNQUFMLEVBQWEsR0FBYixDQUEzQyxDQVptQjtHQUFyQjs7QUFlQSxNQUFJLHVCQUFKLEdBQThCO0FBQzVCLFdBQU8sS0FBSyx3QkFBTCxDQUFQLENBRDRCO0dBQTlCOztBQUlBLE1BQUksd0JBQUosR0FBK0I7QUFDN0IsV0FBTyxLQUFLLHlCQUFMLENBQVAsQ0FENkI7R0FBL0I7O0FBSUEseUJBQXVCLEtBQXZCLEVBQThCLEdBQTlCLEVBQW1DO0FBQ2pDLFVBQU0sT0FBTyxLQUFLLHdCQUFMLENBRG9CO0FBRWpDLFFBQUksV0FBVyxDQUFDLFFBQUQsR0FBVyxLQUFYLEVBQWlCLENBQTVCLENBRjZCO0FBR2pDLFdBQU8sS0FBSyxnQkFBTCxFQUF1QixRQUF2QixFQUNKLElBREksQ0FDQyxRQUFRO0FBQ1osVUFBSSxTQUFTLFNBQVQsRUFBb0I7QUFDdEIsWUFBSSxLQUFLLFNBQUwsRUFBZ0I7QUFDbEIsaUJBQU8sS0FBUCxDQUFhLENBQUMsbUNBQUQsR0FBc0MsS0FBdEMsRUFBNEMsQ0FBNUMsR0FBK0MsS0FBSyxFQUFMLEVBQVEsQ0FBcEUsRUFEa0I7QUFFbEIsZUFBSyxLQUFMLENBQVcsUUFBWCxFQUZrQjtTQUFwQixNQUdPO0FBQ0wsaUJBQU8sSUFBUCxDQURLO1NBSFA7T0FERjtBQVFBLGFBQU8sTUFBTSxzQkFBTixDQUE2QixLQUE3QixFQUNKLElBREksQ0FDQyxRQUFRO0FBQ1osWUFBSSxLQUFLLFFBQUwsSUFBaUIsQ0FBQyxLQUFLLFNBQUwsRUFBZ0I7QUFDcEMsaUJBQU8sS0FBSyxnQkFBTCxFQUF1QixRQUF2QixFQUFpQyxJQUFqQyxFQUF1QyxHQUF2QyxFQUNKLElBREksQ0FDQyxNQUFNLElBQU4sQ0FEUixDQURvQztTQUF0QztBQUlBLGVBQU8sSUFBUCxDQUxZO09BQVIsQ0FEUixDQVRZO0tBQVIsQ0FEUixDQUhpQztHQUFuQzs7QUF5QkEscUJBQW1CLEtBQW5CLEVBQTBCLEdBQTFCLEVBQStCO0FBQzdCLFFBQUksV0FBVyxDQUFDLEtBQUQsR0FBUSxLQUFSLEVBQWMsQ0FBekIsQ0FEeUI7QUFFN0IsV0FBTyxLQUFLLGdCQUFMLEVBQXVCLFFBQXZCLEVBQ0osSUFESSxDQUNDLFFBQVE7QUFDWixVQUFJLFNBQVMsU0FBVCxFQUFvQjtBQUN0QixlQUFPLElBQVAsQ0FEc0I7T0FBeEI7QUFHQSxhQUFPLE1BQU0sa0JBQU4sQ0FBeUIsS0FBekIsRUFDSixJQURJLENBQ0MsT0FBTztBQUNYLGVBQU8sS0FBSyxnQkFBTCxFQUF1QixRQUF2QixFQUFpQyxHQUFqQyxFQUFzQyxHQUF0QyxFQUNKLElBREksQ0FDQyxNQUFNLEdBQU4sQ0FEUixDQURXO09BQVAsQ0FEUixDQUpZO0tBQVIsQ0FEUixDQUY2QjtHQUEvQjs7QUFlQSxpQkFBZTtBQUNiLFdBQU8sS0FBSyxzQkFBTCxDQUE0QixLQUFLLEtBQUwsRUFBWSxLQUFLLHVCQUFMLENBQS9DLENBRGE7R0FBZjs7QUFJQSxRQUFNLEtBQU4sRUFBYTtBQUNYLFFBQUksUUFBUSxLQUFLLE1BQUwsQ0FBUixDQURPO0FBRVgsUUFBSSxLQUFKLEVBQVc7QUFDVCxVQUFJLFlBQVksQ0FBQyxRQUFELEdBQVcsS0FBWCxFQUFpQixDQUE3QixDQURLO0FBRVQsVUFBSSxTQUFTLENBQUMsS0FBRCxHQUFRLEtBQVIsRUFBYyxDQUF2QixDQUZLO0FBR1QsWUFBTSxHQUFOLENBQVUsU0FBVixFQUhTO0FBSVQsWUFBTSxHQUFOLENBQVUsTUFBVixFQUpTO0tBQVg7R0FGRjs7QUFVQSxhQUFXO0FBQ1QsUUFBSSxRQUFRLEtBQUssTUFBTCxDQUFSLENBREs7QUFFVCxRQUFJLEtBQUosRUFBVztBQUNULFlBQU0sUUFBTixHQURTO0tBQVg7R0FGRjs7QUFPQSxVQUFRO0FBQ04sUUFBSSxRQUFRLEtBQUssTUFBTCxDQUFSLENBREU7QUFFTixRQUFJLEtBQUosRUFBVztBQUNULFlBQU0sS0FBTixHQURTO0tBQVg7R0FGRjs7Q0FyRkY7O2tCQThGZSIsImZpbGUiOiJ0cnVzdGVkLWVuZHBvaW50LWNhY2hlLmpzIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IGNyZWF0ZUxvZ2dlciBmcm9tICcuL2xvZ2dlcic7XG5pbXBvcnQgUHJvbWlzZSBmcm9tICdibHVlYmlyZCc7XG5pbXBvcnQgTm9kZUNhY2hlIGZyb20gJ25vZGUtY2FjaGUnO1xuaW1wb3J0IFRydXN0ZWRFbmRwb2ludCBmcm9tICcuL3RydXN0ZWQtZW5kcG9pbnQtYmFzZSc7XG5pbXBvcnQgeyB2YWxpZGF0ZSB9IGZyb20gJy4vc2NoZW1hcyc7XG5pbXBvcnQgb3B0aW9uc1NjaGVtYSBmcm9tICcuL3NjaGVtYXMvdHJ1c3RlZC1jYWNoZS1zY2hlbWFzJztcblxuY29uc3QgbG9nZ2VyID0gY3JlYXRlTG9nZ2VyKCd3aXRoLWNhY2hlJyk7XG5cbmNvbnN0IENBQ0hFX0NIRUNLX1BFUklPRF9GQUNUT1IgPSAxLjI7XG5jb25zdCBERUZBX0xPQ0FMX0FVVEhfVElNRU9VVF9TRUNPTkRTID0gMTUgKiA2MDsgLy8gMTUgbWludXRlc1xuY29uc3QgREVGQV9SRU1PVEVfQVVUSF9USU1FT1VUX1NFQ09ORFMgPSA1ICogNjA7IC8vIDUgbWludXRlc1xuXG5sZXQgJGNhY2hlID0gU3ltYm9sKCdjYWNoZScpO1xubGV0ICRwcm9taXNlQ2FjaGVHZXQgPSBTeW1ib2woJ3Byb21pc2VDYWNoZUdldCcpO1xubGV0ICRwcm9taXNlQ2FjaGVTZXQgPSBTeW1ib2woJ3Byb21pc2VDYWNoZVNldCcpO1xubGV0ICRsb2NhbEF1dGhUaW1lb3V0U2Vjb25kcyA9IFN5bWJvbCgnbG9jYWxBdXRoVGltZW91dFNlY29uZHMnKTtcbmxldCAkcmVtb3RlQXV0aFRpbWVvdXRTZWNvbmRzID0gU3ltYm9sKCdyZW1vdGVBdXRoVGltZW91dFNlY29uZHMnKTtcblxuY2xhc3MgVHJ1c3RlZEVuZHBvaW50V2l0aENhY2hlIGV4dGVuZHMgVHJ1c3RlZEVuZHBvaW50IHtcbiAgY29uc3RydWN0b3Iob3B0aW9ucykge1xuICAgIHN1cGVyKG9wdGlvbnMpO1xuICAgIHZhbGlkYXRlKG9wdGlvbnMsIG9wdGlvbnNTY2hlbWEpO1xuXG4gICAgdGhpc1skbG9jYWxBdXRoVGltZW91dFNlY29uZHNdID0gb3B0aW9ucy5sb2NhbEF1dGhUaW1lb3V0U2Vjb25kcyB8fCBERUZBX0xPQ0FMX0FVVEhfVElNRU9VVF9TRUNPTkRTO1xuICAgIHRoaXNbJHJlbW90ZUF1dGhUaW1lb3V0U2Vjb25kc10gPSBvcHRpb25zLnJlbW90ZUF1dGhUaW1lb3V0U2Vjb25kcyB8fCBERUZBX1JFTU9URV9BVVRIX1RJTUVPVVRfU0VDT05EUztcbiAgICB0aGlzWyRjYWNoZV0gPSBuZXcgTm9kZUNhY2hlKHtcbiAgICAgIHN0ZFR0bDogdGhpcy5yZW1vdGVBdXRoVGltZW91dFNlY29uZHMsXG4gICAgICBjaGVja3BlcmlvZDogTWF0aC5yb3VuZCh0aGlzLnJlbW90ZUF1dGhUaW1lb3V0U2Vjb25kcyAqIENBQ0hFX0NIRUNLX1BFUklPRF9GQUNUT1IpLFxuICAgICAgdXNlQ2xvbmVzOiBmYWxzZVxuICAgIH0pO1xuICAgIHRoaXNbJHByb21pc2VDYWNoZUdldF0gPSBQcm9taXNlLnByb21pc2lmeSh0aGlzWyRjYWNoZV0uZ2V0KTtcbiAgICB0aGlzWyRwcm9taXNlQ2FjaGVTZXRdID0gUHJvbWlzZS5wcm9taXNpZnkodGhpc1skY2FjaGVdLnNldCk7O1xuICB9XG5cbiAgZ2V0IGxvY2FsQXV0aFRpbWVvdXRTZWNvbmRzKCkge1xuICAgIHJldHVybiB0aGlzWyRsb2NhbEF1dGhUaW1lb3V0U2Vjb25kc107XG4gIH1cblxuICBnZXQgcmVtb3RlQXV0aFRpbWVvdXRTZWNvbmRzKCkge1xuICAgIHJldHVybiB0aGlzWyRyZW1vdGVBdXRoVGltZW91dFNlY29uZHNdO1xuICB9XG5cbiAgcmVzb2x2ZUFuZFZlcmlmeUNsYWltcyhrZXlJZCwgdHRsKSB7XG4gICAgdHRsID0gdHRsIHx8IHRoaXMucmVtb3RlQXV0aFRpbWVvdXRTZWNvbmRzO1xuICAgIGxldCBjYWNoZUtleSA9IGBjbGFpbXM6ICR7a2V5SWR9YDtcbiAgICByZXR1cm4gdGhpc1skcHJvbWlzZUNhY2hlR2V0XShjYWNoZUtleSlcbiAgICAgIC50aGVuKGl0ZW0gPT4ge1xuICAgICAgICBpZiAoaXRlbSAhPT0gdW5kZWZpbmVkKSB7XG4gICAgICAgICAgaWYgKGl0ZW0uaXNFeHBpcmVkKSB7XG4gICAgICAgICAgICBsb2dnZXIuZGVidWcoYGV4cGlyZWQgY2xhaW1zIGV2aWN0ZWQgZnJvbSBjYWNoZTogJHtrZXlJZH06JHtpdGVtLmlkfWApO1xuICAgICAgICAgICAgdGhpcy5mbHVzaChjYWNoZUtleSk7XG4gICAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgIHJldHVybiBpdGVtO1xuICAgICAgICAgIH1cbiAgICAgICAgfVxuICAgICAgICByZXR1cm4gc3VwZXIucmVzb2x2ZUFuZFZlcmlmeUNsYWltcyhrZXlJZClcbiAgICAgICAgICAudGhlbihhdXRoID0+IHtcbiAgICAgICAgICAgIGlmIChhdXRoLnZlcmlmaWVkICYmICFhdXRoLmlzRXhwaXJlZCkge1xuICAgICAgICAgICAgICByZXR1cm4gdGhpc1skcHJvbWlzZUNhY2hlU2V0XShjYWNoZUtleSwgYXV0aCwgdHRsKVxuICAgICAgICAgICAgICAgIC50aGVuKCgpID0+IGF1dGgpO1xuICAgICAgICAgICAgfVxuICAgICAgICAgICAgcmV0dXJuIGF1dGg7XG4gICAgICAgICAgfSk7XG5cbiAgICAgIH0pO1xuICB9XG5cbiAgcmVzb2x2ZUVuZHBvaW50S2V5KGtleUlkLCB0dGwpIHtcbiAgICBsZXQgY2FjaGVLZXkgPSBga2V5OiAke2tleUlkfWA7XG4gICAgcmV0dXJuIHRoaXNbJHByb21pc2VDYWNoZUdldF0oY2FjaGVLZXkpXG4gICAgICAudGhlbihpdGVtID0+IHtcbiAgICAgICAgaWYgKGl0ZW0gIT09IHVuZGVmaW5lZCkge1xuICAgICAgICAgIHJldHVybiBpdGVtO1xuICAgICAgICB9XG4gICAgICAgIHJldHVybiBzdXBlci5yZXNvbHZlRW5kcG9pbnRLZXkoa2V5SWQpXG4gICAgICAgICAgLnRoZW4oa2V5ID0+IHtcbiAgICAgICAgICAgIHJldHVybiB0aGlzWyRwcm9taXNlQ2FjaGVTZXRdKGNhY2hlS2V5LCBrZXksIHR0bClcbiAgICAgICAgICAgICAgLnRoZW4oKCkgPT4ga2V5KTtcbiAgICAgICAgICB9KTtcbiAgICAgIH0pO1xuICB9XG5cbiAgZ2V0TG9jYWxBdXRoKCkge1xuICAgIHJldHVybiB0aGlzLnJlc29sdmVBbmRWZXJpZnlDbGFpbXModGhpcy5rZXlJZCwgdGhpcy5sb2NhbEF1dGhUaW1lb3V0U2Vjb25kcyk7XG4gIH1cblxuICBmbHVzaChrZXlJZCkge1xuICAgIGxldCBjYWNoZSA9IHRoaXNbJGNhY2hlXTtcbiAgICBpZiAoY2FjaGUpIHtcbiAgICAgIGxldCBjbGFpbXNLZXkgPSBgY2xhaW1zOiAke2tleUlkfWA7XG4gICAgICBsZXQga2V5S2V5ID0gYGtleTogJHtrZXlJZH1gO1xuICAgICAgY2FjaGUuZGVsKGNsYWltc0tleSk7XG4gICAgICBjYWNoZS5kZWwoa2V5S2V5KTtcbiAgICB9XG4gIH1cblxuICBmbHVzaEFsbCgpIHtcbiAgICBsZXQgY2FjaGUgPSB0aGlzWyRjYWNoZV07XG4gICAgaWYgKGNhY2hlKSB7XG4gICAgICBjYWNoZS5mbHVzaEFsbCgpO1xuICAgIH1cbiAgfVxuXG4gIGNsb3NlKCkge1xuICAgIGxldCBjYWNoZSA9IHRoaXNbJGNhY2hlXTtcbiAgICBpZiAoY2FjaGUpIHtcbiAgICAgIGNhY2hlLmNsb3NlKCk7XG4gICAgfVxuICB9XG5cbn1cblxuZXhwb3J0IGRlZmF1bHQgVHJ1c3RlZEVuZHBvaW50V2l0aENhY2hlO1xuIl19 |
\ | No newline at end of file |