nix/infisical-node-sdk
1
0
Fork 0
Code Issues Pull Requests Activity

feat: less verbose errors

Browse Source
This commit is contained in:
Daniel Hougaard
2024-10-10 00:57:24 +04:00
parent b789129f3d
commit aefae1c470
1 changed files with 66 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
src/custom/auth.ts
View File

@@ -2,6 +2,7 @@ import { InfisicalSDK } from "..";
import { ApiV1AuthUniversalAuthLoginPostRequest } from "../infisicalapi_client"; import { ApiV1AuthUniversalAuthLoginPostRequest } from "../infisicalapi_client";
import { DefaultApi as InfisicalApi } from "../infisicalapi_client"; import { DefaultApi as InfisicalApi } from "../infisicalapi_client";
import { MACHINE_IDENTITY_ID_ENV_NAME } from "./constants"; import { MACHINE_IDENTITY_ID_ENV_NAME } from "./constants";
import { InfisicalSDKError, newInfisicalError } from "./errors";
import { getAwsRegion, performAwsIamLogin } from "./util"; import { getAwsRegion, performAwsIamLogin } from "./util";
type AuthenticatorFunction = (accessToken: string) => InfisicalSDK; type AuthenticatorFunction = (accessToken: string) => InfisicalSDK;
@@ -10,23 +11,42 @@ type AwsAuthLoginOptions = {
identityId?: string; identityId?: string;
}; };
export const renewToken = async (apiClient: InfisicalApi, token?: string) => {
try {
if (!token) {
throw new InfisicalSDKError("Unable to renew access token, no access token set. Are you sure you're authenticated?");
}
const res = await apiClient.apiV1AuthTokenRenewPost({
apiV1AuthTokenRenewPostRequest: {
accessToken: token
}
});
return res.data;
} catch (err) {
throw newInfisicalError(err);
}
};
export default class AuthClient { export default class AuthClient {
#sdkAuthenticator: AuthenticatorFunction; #sdkAuthenticator: AuthenticatorFunction;
#apiClient: InfisicalApi; #apiClient: InfisicalApi;
#baseUrl: string; #accessToken?: string;
constructor(authenticator: AuthenticatorFunction, apiInstance: InfisicalApi, baseUrl: string) { constructor(authenticator: AuthenticatorFunction, apiInstance: InfisicalApi, accessToken?: string) {
this.#sdkAuthenticator = authenticator; this.#sdkAuthenticator = authenticator;
this.#apiClient = apiInstance; this.#apiClient = apiInstance;
this.#baseUrl = baseUrl; this.#accessToken = accessToken;
} }
awsIamAuth = { awsIamAuth = {
login: async (options?: AwsAuthLoginOptions) => { login: async (options?: AwsAuthLoginOptions) => {
try {
const identityId = options?.identityId || process.env[MACHINE_IDENTITY_ID_ENV_NAME]; const identityId = options?.identityId || process.env[MACHINE_IDENTITY_ID_ENV_NAME];
if (!identityId) { if (!identityId) {
throw new Error("Identity ID is required for AWS IAM authentication"); throw new InfisicalSDKError("Identity ID is required for AWS IAM authentication");
} }
const iamRequest = await performAwsIamLogin(await getAwsRegion()); const iamRequest = await performAwsIamLogin(await getAwsRegion());
@@ -41,16 +61,40 @@ export default class AuthClient {
}); });
return this.#sdkAuthenticator(res.data.accessToken); return this.#sdkAuthenticator(res.data.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
renew: async () => {
try {
const refreshedToken = await renewToken(this.#apiClient, this.#accessToken);
return this.#sdkAuthenticator(refreshedToken.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
} }
}; };
universalAuth = { universalAuth = {
login: async (options: ApiV1AuthUniversalAuthLoginPostRequest) => { login: async (options: ApiV1AuthUniversalAuthLoginPostRequest) => {
try {
const res = await this.#apiClient.apiV1AuthUniversalAuthLoginPost({ const res = await this.#apiClient.apiV1AuthUniversalAuthLoginPost({
apiV1AuthUniversalAuthLoginPostRequest: options apiV1AuthUniversalAuthLoginPostRequest: options
}); });
return this.#sdkAuthenticator(res.data.accessToken); return this.#sdkAuthenticator(res.data.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
},
renew: async () => {
try {
const refreshedToken = await renewToken(this.#apiClient, this.#accessToken);
return this.#sdkAuthenticator(refreshedToken.accessToken);
} catch (err) {
throw newInfisicalError(err);
}
} }
}; };