nix/infisical-node-sdk
1
0
Fork 0
Code Issues Pull Requests Activity

Move from openapi-generator-cli to custom Axios approach, and add listFolders endpoint

Browse Source
This commit is contained in:
carlosmonastyrski
2025-05-02 19:12:08 -03:00
parent 1b8aa6d20e
commit 68613f6b13
25 changed files with 1757 additions and 2605 deletions
Download Patch File Download Diff File Expand all files Collapse all files

172
src/custom/auth.ts
View File

@@ -1,6 +1,6 @@
import { InfisicalSDK } from "..";
import { ApiV1AuthUniversalAuthLoginPostRequest } from "../infisicalapi_client";
import { DefaultApi as InfisicalApi } from "../infisicalapi_client";
import { AuthApi } from "../api/endpoints/auth";
import { UniversalAuthLoginRequest } from "../api/types";
import { MACHINE_IDENTITY_ID_ENV_NAME } from "./constants";
import { InfisicalSDKError, newInfisicalError } from "./errors";
import { getAwsRegion, performAwsIamLogin } from "./util";
@@ -8,97 +8,103 @@ import { getAwsRegion, performAwsIamLogin } from "./util";
type AuthenticatorFunction = (accessToken: string) => InfisicalSDK;
type AwsAuthLoginOptions = {
identityId?: string;
identityId?: string;
};
export const renewToken = async (apiClient: InfisicalApi, token?: string) => {
try {
if (!token) {
throw new InfisicalSDKError("Unable to renew access token, no access token set. Are you sure you're authenticated?");
}
export const renewToken = async (apiClient: AuthApi, token?: string) => {
try {
if (!token) {
throw new InfisicalSDKError(
"Unable to renew access token, no access token set."
);
}
const res = await apiClient.apiV1AuthTokenRenewPost({
apiV1AuthTokenRenewPostRequest: {
accessToken: token
}
});
return res.data;
} catch (err) {
throw newInfisicalError(err);
}
const res = await apiClient.renewToken({ accessToken: token });
return res;
} catch (err) {
throw newInfisicalError(err);
}
};
export default class AuthClient {
#sdkAuthenticator: AuthenticatorFunction;
#apiClient: InfisicalApi;
#accessToken?: string;
#sdkAuthenticator: AuthenticatorFunction;
#apiClient: AuthApi;
#accessToken?: string;
constructor(authenticator: AuthenticatorFunction, apiInstance: InfisicalApi, accessToken?: string) {
this.#sdkAuthenticator = authenticator;
this.#apiClient = apiInstance;
this.#accessToken = accessToken;
}
constructor(
authenticator: AuthenticatorFunction,
apiInstance: AuthApi,
accessToken?: string
) {
this.#sdkAuthenticator = authenticator;
this.#apiClient = apiInstance;
this.#accessToken = accessToken;
}
awsIamAuth = {
login: async (options?: AwsAuthLoginOptions) => {
try {
const identityId = options?.identityId || process.env[MACHINE_IDENTITY_ID_ENV_NAME];
awsIamAuth = {
login: async (options?: AwsAuthLoginOptions) => {
try {
const identityId =
options?.identityId || process.env[MACHINE_IDENTITY_ID_ENV_NAME];
if (!identityId) {
throw new InfisicalSDKError(
"Identity ID is required for AWS IAM authentication"
);
}
if (!identityId) {
throw new InfisicalSDKError("Identity ID is required for AWS IAM authentication");
}
const iamRequest = await performAwsIamLogin(await getAwsRegion());
const res = await this.#apiClient.awsIamAuthLogin({
iamHttpRequestMethod: iamRequest.iamHttpRequestMethod,
iamRequestBody: Buffer.from(iamRequest.iamRequestBody).toString(
"base64"
),
iamRequestHeaders: Buffer.from(
JSON.stringify(iamRequest.iamRequestHeaders)
).toString("base64"),
identityId,
});
const iamRequest = await performAwsIamLogin(await getAwsRegion());
return this.#sdkAuthenticator(res.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
renew: async () => {
try {
const refreshedToken = await renewToken(
this.#apiClient,
this.#accessToken
);
return this.#sdkAuthenticator(refreshedToken.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
};
const res = await this.#apiClient.apiV1AuthAwsAuthLoginPost({
apiV1AuthAwsAuthLoginPostRequest: {
iamHttpRequestMethod: iamRequest.iamHttpRequestMethod,
iamRequestBody: Buffer.from(iamRequest.iamRequestBody).toString("base64"),
iamRequestHeaders: Buffer.from(JSON.stringify(iamRequest.iamRequestHeaders)).toString("base64"),
identityId
}
});
universalAuth = {
login: async (options: UniversalAuthLoginRequest) => {
try {
const res = await this.#apiClient.universalAuthLogin(options);
return this.#sdkAuthenticator(res.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
renew: async () => {
try {
const refreshedToken = await renewToken(
this.#apiClient,
this.#accessToken
);
return this.#sdkAuthenticator(refreshedToken.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
};
return this.#sdkAuthenticator(res.data.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
renew: async () => {
try {
const refreshedToken = await renewToken(this.#apiClient, this.#accessToken);
return this.#sdkAuthenticator(refreshedToken.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
}
};
universalAuth = {
login: async (options: ApiV1AuthUniversalAuthLoginPostRequest) => {
try {
const res = await this.#apiClient.apiV1AuthUniversalAuthLoginPost({
apiV1AuthUniversalAuthLoginPostRequest: options
});
return this.#sdkAuthenticator(res.data.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
renew: async () => {
try {
const refreshedToken = await renewToken(this.#apiClient, this.#accessToken);
return this.#sdkAuthenticator(refreshedToken.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
}
};
accessToken = (token: string) => {
return this.#sdkAuthenticator(token);
};
accessToken = (token: string) => {
return this.#sdkAuthenticator(token);
};
}