From 572d85fcdab53b035a12b86d12d739bd129a79a7 Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Sat, 5 Jan 2019 15:07:05 -0800 Subject: [PATCH 01/10] support explicit cache ttl --- apikeys/index.js | 15 +++++++++++++-- oauth/index.js | 25 ++++++++++++++++++++----- oauthv2/index.js | 9 ++++++--- 3 files changed, 39 insertions(+), 10 deletions(-) diff --git a/apikeys/index.js b/apikeys/index.js index 58ca3c8..06b349f 100644 --- a/apikeys/index.js +++ b/apikeys/index.js @@ -22,6 +22,8 @@ acceptField.alg = acceptAlg; var productOnly; var cacheKey = false; +var cacheKeyTTL = 60000; //set default cache TTL to 1 minute +var cacheSize = 100; //default cache size module.exports.init = function(config, logger, stats) { @@ -35,6 +37,10 @@ module.exports.init = function(config, logger, stats) { var keepApiKey = config.hasOwnProperty('keep-api-key') ? config['keep-api-key'] : false; //cache api keys cacheKey = config.hasOwnProperty("cacheKey") ? config.cacheKey : false; + //cache ttl + cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : 60000; + //cache size + cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : 100; //set grace period var gracePeriod = config.hasOwnProperty("gracePeriod") ? config.gracePeriod : 0; acceptField.gracePeriod = gracePeriod; @@ -198,8 +204,13 @@ module.exports.init = function(config, logger, stats) { // default to now (in seconds) + 30m if not set decodedToken.exp = decodedToken.exp || +(((Date.now() / 1000) + 1800).toFixed(0)); //apiKeyCache[apiKey] = decodedToken; - cache.store(apiKey, decodedToken); - debug("api key cache store", apiKey); + cache.size(function(err, sizevalue) { + if (!err && sizevalue != null && sizevalue < cacheSize) { + cache.store(apiKey, decodedToken, cacheKeyTTL); + } else { + debug('too many keys in cache; ignore storing token'); + } + }); } else { debug("api key cache skip", apiKey); } diff --git a/oauth/index.js b/oauth/index.js index ee6264e..e4dcabd 100644 --- a/oauth/index.js +++ b/oauth/index.js @@ -30,7 +30,10 @@ map.setup({ purgeInterval: 10000 }); -var tokenCacheSize = 100; +var tokenCacheSize = 100; //default cache size for access tokens +var tokenCacheTTL = 60000; //set default token cache TTL to 1 minute +var cacheKeyTTL = 60000; //set default apikey cache TTL to 1 minute +var cacheSize = 100; //default cache size for api keys module.exports.init = function(config, logger, stats) { @@ -43,6 +46,10 @@ module.exports.init = function(config, logger, stats) { var apiKeyHeaderName = config.hasOwnProperty('api-key-header') ? config['api-key-header'] : 'x-api-key'; var keepAuthHeader = config.hasOwnProperty('keep-authorization-header') ? config['keep-authorization-header'] : false; cacheKey = config.hasOwnProperty('cacheKey') ? config.cacheKey : false; + //cache ttl + cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : 60000; + //cache size + cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : 100; //set grace period var gracePeriod = config.hasOwnProperty('gracePeriod') ? config.gracePeriod : 0; acceptField.gracePeriod = gracePeriod; @@ -59,6 +66,8 @@ module.exports.init = function(config, logger, stats) { } //token cache settings tokenCache = config.hasOwnProperty('tokenCache') ? config.tokenCache : false; + //token cache ttl + tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : 60000; //max number of tokens in the cache tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : 100; // @@ -198,6 +207,7 @@ module.exports.init = function(config, logger, stats) { var isValid = false; var oauthtoken = token && token.token ? token.token : token; var decodedToken = JWS.parse(oauthtoken); + if (tokenCache == true) { debug('token caching enabled') map.read(oauthtoken, function(err, tokenvalue) { @@ -230,8 +240,8 @@ module.exports.init = function(config, logger, stats) { } else { if (tokenvalue == null || tokenvalue == undefined) { map.size(function(err, sizevalue) { - if (!err && sizevalue != null && sizevalue < 100) { - map.store(oauthtoken, oauthtoken); + if (!err && sizevalue != null && sizevalue < tokenCacheSize) { + map.store(oauthtoken, oauthtoken, tokenCacheTTL); } else { debug('too many tokens in cache; ignore storing token'); } @@ -288,8 +298,13 @@ module.exports.init = function(config, logger, stats) { // default to now (in seconds) + 30m if not set decodedToken.exp = decodedToken.exp || +(((Date.now() / 1000) + 1800).toFixed(0)); //apiKeyCache[apiKey] = decodedToken; - cache.store(apiKey, decodedToken); - debug('api key cache store', apiKey); + cache.size(function(err, sizevalue) { + if (!err && sizevalue != null && sizevalue < cacheSize) { + cache.store(apiKey, decodedToken, cacheKeyTTL); + } else { + debug('too many keys in cache; ignore storing token'); + } + }); } else { debug('api key cache skip', apiKey); } diff --git a/oauthv2/index.js b/oauthv2/index.js index c738b79..28d0c71 100644 --- a/oauthv2/index.js +++ b/oauthv2/index.js @@ -28,7 +28,8 @@ map.setup({ purgeInterval: 10000 }); -var tokenCacheSize = 100; +var tokenCacheSize = 100; //default cache size for access tokens +var tokenCacheTTL = 60000; //set default token cache TTL to 1 minute module.exports.init = function(config, logger, stats) { @@ -50,6 +51,8 @@ module.exports.init = function(config, logger, stats) { } //token cache settings tokenCache = config.hasOwnProperty('tokenCache') ? config.tokenCache : false; + //token cache ttl + tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : 60000; //max number of tokens in the cache tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : 100; // @@ -129,8 +132,8 @@ module.exports.init = function(config, logger, stats) { } else { if (tokenvalue == null || tokenvalue == undefined) { map.size(function(err, sizevalue) { - if (!err && sizevalue != null && sizevalue < 100) { - map.store(oauthtoken, oauthtoken); + if (!err && sizevalue != null && sizevalue < tokenCacheSize) { + map.store(oauthtoken, oauthtoken, tokenCacheTTL); } else { debug('too many tokens in cache; ignore storing token'); } From b2c16146e13bb5f0370705fe0e7029dd39376204 Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Sat, 2 Feb 2019 16:56:11 -0800 Subject: [PATCH 02/10] remove dep buffer api --- apikeys/index.js | 2 +- oauth/index.js | 2 +- oauthv2/index.js | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apikeys/index.js b/apikeys/index.js index 06b349f..ee1c548 100644 --- a/apikeys/index.js +++ b/apikeys/index.js @@ -196,7 +196,7 @@ module.exports.init = function(config, logger, stats) { req.token = decodedToken; var authClaims = _.omit(decodedToken, PRIVATE_JWT_VALUES); - req.headers["x-authorization-claims"] = new Buffer(JSON.stringify(authClaims)).toString("base64"); + req.headers["x-authorization-claims"] = Buffer.from(JSON.stringify(authClaims)).toString("base64"); if (apiKey) { var cacheControl = req.headers["cache-control"]; diff --git a/oauth/index.js b/oauth/index.js index e4dcabd..164f78a 100644 --- a/oauth/index.js +++ b/oauth/index.js @@ -290,7 +290,7 @@ module.exports.init = function(config, logger, stats) { req.token = decodedToken; var authClaims = _.omit(decodedToken, PRIVATE_JWT_VALUES); - req.headers['x-authorization-claims'] = new Buffer(JSON.stringify(authClaims)).toString('base64'); + req.headers['x-authorization-claims'] = Buffer.from(JSON.stringify(authClaims)).toString('base64'); if (apiKey) { var cacheControl = req.headers['cache-control']; diff --git a/oauthv2/index.js b/oauthv2/index.js index 28d0c71..89bd955 100644 --- a/oauthv2/index.js +++ b/oauthv2/index.js @@ -181,7 +181,7 @@ module.exports.init = function(config, logger, stats) { if (checkIfAuthorized(config, req.reqUrl.path, res.proxy, decodedToken)) { req.token = decodedToken; var authClaims = _.omit(decodedToken, PRIVATE_JWT_VALUES); - req.headers['x-authorization-claims'] = new Buffer(JSON.stringify(authClaims)).toString('base64'); + req.headers['x-authorization-claims'] = Buffer.from(JSON.stringify(authClaims)).toString('base64'); next(); } else { return sendError(req, res, next, logger, stats, 'access_denied'); From 0956e0b5fc281c48476db896a2194fad5839e02e Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Sun, 10 Feb 2019 09:39:06 -0800 Subject: [PATCH 03/10] respect default values --- apikeys/index.js | 4 ++-- oauth/index.js | 8 ++++---- oauthv2/index.js | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/apikeys/index.js b/apikeys/index.js index ee1c548..27cc20f 100644 --- a/apikeys/index.js +++ b/apikeys/index.js @@ -38,9 +38,9 @@ module.exports.init = function(config, logger, stats) { //cache api keys cacheKey = config.hasOwnProperty("cacheKey") ? config.cacheKey : false; //cache ttl - cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : 60000; + cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : cacheKeyTTL; //cache size - cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : 100; + cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : cacheSize; //set grace period var gracePeriod = config.hasOwnProperty("gracePeriod") ? config.gracePeriod : 0; acceptField.gracePeriod = gracePeriod; diff --git a/oauth/index.js b/oauth/index.js index 164f78a..0500d4c 100644 --- a/oauth/index.js +++ b/oauth/index.js @@ -47,9 +47,9 @@ module.exports.init = function(config, logger, stats) { var keepAuthHeader = config.hasOwnProperty('keep-authorization-header') ? config['keep-authorization-header'] : false; cacheKey = config.hasOwnProperty('cacheKey') ? config.cacheKey : false; //cache ttl - cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : 60000; + cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : cacheKeyTTL; //cache size - cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : 100; + cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : cacheSize; //set grace period var gracePeriod = config.hasOwnProperty('gracePeriod') ? config.gracePeriod : 0; acceptField.gracePeriod = gracePeriod; @@ -67,9 +67,9 @@ module.exports.init = function(config, logger, stats) { //token cache settings tokenCache = config.hasOwnProperty('tokenCache') ? config.tokenCache : false; //token cache ttl - tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : 60000; + tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.tokenCacheTTL : tokenCacheTTL; //max number of tokens in the cache - tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : 100; + tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : tokenCacheSize; // //support for enabling oauth or api key only if (oauth_only) { diff --git a/oauthv2/index.js b/oauthv2/index.js index 89bd955..2c64fff 100644 --- a/oauthv2/index.js +++ b/oauthv2/index.js @@ -52,9 +52,9 @@ module.exports.init = function(config, logger, stats) { //token cache settings tokenCache = config.hasOwnProperty('tokenCache') ? config.tokenCache : false; //token cache ttl - tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : 60000; + tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : tokenCacheTTL; //max number of tokens in the cache - tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : 100; + tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : tokenCacheSize; // if (!req.headers[authHeaderName]) { if (config.allowNoAuthorization) { From 869b4774acfbc25c2629e8511bec884af04cc867 Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Sun, 31 Mar 2019 18:45:24 +0000 Subject: [PATCH 04/10] fix audit errors --- npm-shrinkwrap.json => package-lock.json | 34 ++++++++++++++---------- package.json | 6 ++--- 2 files changed, 23 insertions(+), 17 deletions(-) rename npm-shrinkwrap.json => package-lock.json (97%) diff --git a/npm-shrinkwrap.json b/package-lock.json similarity index 97% rename from npm-shrinkwrap.json rename to package-lock.json index a30df0f..74e2f85 100644 --- a/npm-shrinkwrap.json +++ b/package-lock.json @@ -240,6 +240,12 @@ "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.0.tgz", "integrity": "sha1-ag18YiHkkP7v2S7D9EHJzozQl/Q=" }, + "es6-promisify": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/es6-promisify/-/es6-promisify-6.0.1.tgz", + "integrity": "sha512-J3ZkwbEnnO+fGAKrjVpeUAnZshAdfZvbhQpqfIH9kSAspReRC4nJnu8ewm55b4y9ElyeuhCTzJD0XiH8Tsbhlw==", + "dev": true + }, "escape-string-regexp": { "version": "1.0.5", "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", @@ -247,9 +253,9 @@ "dev": true }, "esprima": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.0.tgz", - "integrity": "sha512-oftTcaMu/EGrEIu904mWteKIv8vMuOgGYo7EhVJJN00R/EED9DCua/xxHRdYnKtcECzVg7xOWhflvJMnqcFZjw==" + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==" }, "eureka-js-client": { "version": "4.4.1", @@ -428,9 +434,9 @@ "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" }, "js-yaml": { - "version": "3.11.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.11.0.tgz", - "integrity": "sha512-saJstZWv7oNeOyBh3+Dx1qWzhW0+e6/8eDzo7p5rDFqxntSztloLtuKu+Ejhtq82jsilwOIZYsCz+lIjthg1Hw==", + "version": "3.13.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.0.tgz", + "integrity": "sha512-pZZoSxcCYco+DIKBTimr67J6Hy+EYGZDY/HCWC+iAEA9h1ByhMXAIVUXMcMFpOCxQ/xjXmPI2MkDL5HRm5eFrQ==", "requires": { "argparse": "^1.0.7", "esprima": "^4.0.0" @@ -535,9 +541,9 @@ } }, "lodash": { - "version": "4.17.10", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz", - "integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg==" + "version": "4.17.11", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz", + "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg==" }, "lru-cache-plus": { "version": "2.5.0", @@ -695,15 +701,15 @@ "dev": true }, "pem": { - "version": "1.12.3", - "resolved": "https://registry.npmjs.org/pem/-/pem-1.12.3.tgz", - "integrity": "sha512-hT7GwvQL35+0iqgYUl8vn5I5pAVR0HcJas07TXL8bNaR4c5kAFRquk4ZqQk1F9YMcQOr6WjGdY5OnDC0RBnzig==", + "version": "1.14.2", + "resolved": "https://registry.npmjs.org/pem/-/pem-1.14.2.tgz", + "integrity": "sha512-TOnPtq3ZFnCniOZ+rka4pk8UIze9xG1qI+wNE7EmkiR/cg+53uVvk5QbkWZ7M6RsuOxzz62FW1hlAobJr/lTOA==", "dev": true, "requires": { + "es6-promisify": "^6.0.0", "md5": "^2.2.1", "os-tmpdir": "^1.0.1", - "safe-buffer": "^5.1.1", - "which": "^1.2.4" + "which": "^1.3.1" } }, "performance-now": { diff --git a/package.json b/package.json index 1971d69..bd2218e 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ "eureka-js-client": "^4.3.0", "js2xmlparser": "^2.0.2", "jsrsasign": "^7.2.0", - "lodash": "^4.17.10", + "lodash": "^4.17.11", "lynx": "^0.2.0", "memored": "^1.1.1", "minimatch": "^3.0.4", @@ -27,13 +27,13 @@ "xml2js": "^0.4.17" }, "devDependencies": { - "js-yaml": "^3.4.2", + "js-yaml": "^3.13", "chai": "^2.3.0", "config": "^1.13.0", "mocha": "^5.2.0", "supertest": "^3.1.0", "jsonwebtoken": "^5.0.1", - "pem": "^1.7.2", + "pem": "^1.14.2", "volos-analytics-memory": "^0.2.0", "volos-quota-memory": "^0.11.0" } From c01d20cfc066ccc7011b9fffe72fc7babeef11f9 Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Sun, 26 May 2019 15:40:33 -0700 Subject: [PATCH 05/10] use local memored --- apikeys/index.js | 3 ++- monitor/index.js | 4 +++- package-lock.json => npm-shrinkwrap.json | 0 oauth/index.js | 5 +++-- oauthv2/index.js | 3 ++- package.json | 1 - 6 files changed, 10 insertions(+), 6 deletions(-) rename package-lock.json => npm-shrinkwrap.json (100%) diff --git a/apikeys/index.js b/apikeys/index.js index d5ed64a..efaa17c 100644 --- a/apikeys/index.js +++ b/apikeys/index.js @@ -5,7 +5,8 @@ var url = require("url"); var rs = require("jsrsasign"); var fs = require("fs"); var path = require("path"); -var cache = require("memored"); +const memoredpath = path.resolve(__dirname,'../../..')+'/cli/lib/memored'; +var cache = require(memoredpath); var JWS = rs.jws.JWS; var requestLib = require("request"); var _ = require("lodash"); diff --git a/monitor/index.js b/monitor/index.js index 98ffa9d..28a96a4 100644 --- a/monitor/index.js +++ b/monitor/index.js @@ -4,7 +4,9 @@ */ var debug = require('debug')('plugin:monitor'); -var cache = require('memored'); +var path = require("path"); +const memoredpath = path.resolve(__dirname,'../../..')+'/cli/lib/memored'; +var cache = require(memoredpath); const lynx = require('lynx'); module.exports.init = function(config, logger, stats) { diff --git a/package-lock.json b/npm-shrinkwrap.json similarity index 100% rename from package-lock.json rename to npm-shrinkwrap.json diff --git a/oauth/index.js b/oauth/index.js index bc7cd62..ae7b2d1 100644 --- a/oauth/index.js +++ b/oauth/index.js @@ -5,8 +5,9 @@ var url = require('url'); var rs = require('jsrsasign'); var fs = require('fs'); var path = require('path'); -var cache = require('memored'); -var map = require('memored'); +const memoredpath = path.resolve(__dirname,'../../..')+'/cli/lib/memored'; +var cache = require(memoredpath); +var map = require(memoredpath); var JWS = rs.jws.JWS; var requestLib = require('request'); var _ = require('lodash'); diff --git a/oauthv2/index.js b/oauthv2/index.js index 5cad3eb..6fce78e 100644 --- a/oauthv2/index.js +++ b/oauthv2/index.js @@ -5,7 +5,8 @@ var url = require('url'); var rs = require('jsrsasign'); var fs = require('fs'); var path = require('path'); -var map = require('memored'); +const memoredpath = path.resolve(__dirname,'../../..')+'/cli/lib/memored'; +var map = require(memoredpath); var JWS = rs.jws.JWS; var requestLib = require('request'); var _ = require('lodash'); diff --git a/package.json b/package.json index c19b2d5..ba54743 100644 --- a/package.json +++ b/package.json @@ -14,7 +14,6 @@ "jsrsasign": "^7.2.0", "lodash": "^4.17.11", "lynx": "^0.2.0", - "memored": "^1.1.1", "minimatch": "^3.0.4", "portastic": "^1.0.1", "request": "^2.87.0", From 07fdd3302bc8db4250f2c46aa859b785f731c5a0 Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Sun, 26 May 2019 15:41:37 -0700 Subject: [PATCH 06/10] version bump --- npm-shrinkwrap.json | 7 +------ package.json | 2 +- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 74e2f85..9803464 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -1,6 +1,6 @@ { "name": "microgateway-plugins", - "version": "2.3.29", + "version": "2.5.38", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -570,11 +570,6 @@ "is-buffer": "~1.1.1" } }, - "memored": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/memored/-/memored-1.1.1.tgz", - "integrity": "sha1-fIHATuCEyVbVRuyNuTdc52T150Y=" - }, "mersenne": { "version": "0.0.4", "resolved": "https://registry.npmjs.org/mersenne/-/mersenne-0.0.4.tgz", diff --git a/package.json b/package.json index ba54743..d13cd18 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "microgateway-plugins", - "version": "2.5.37", + "version": "2.5.38", "description": "Plugins for Apige Edge Microgateway", "main": "index.js", "scripts": { From 439f133ac4527b03bde0d588928acae8c55a63b2 Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Wed, 29 May 2019 12:22:12 -0700 Subject: [PATCH 07/10] use third party lib --- apikeys/index.js | 2 +- monitor/index.js | 2 +- oauth/index.js | 2 +- oauthv2/index.js | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/apikeys/index.js b/apikeys/index.js index efaa17c..12beb8c 100644 --- a/apikeys/index.js +++ b/apikeys/index.js @@ -5,7 +5,7 @@ var url = require("url"); var rs = require("jsrsasign"); var fs = require("fs"); var path = require("path"); -const memoredpath = path.resolve(__dirname,'../../..')+'/cli/lib/memored'; +const memoredpath = path.resolve(__dirname,'../../..')+'/third_party/memored/memored'; var cache = require(memoredpath); var JWS = rs.jws.JWS; var requestLib = require("request"); diff --git a/monitor/index.js b/monitor/index.js index 28a96a4..b53cdcc 100644 --- a/monitor/index.js +++ b/monitor/index.js @@ -5,7 +5,7 @@ var debug = require('debug')('plugin:monitor'); var path = require("path"); -const memoredpath = path.resolve(__dirname,'../../..')+'/cli/lib/memored'; +const memoredpath = path.resolve(__dirname,'../../..')+'/third_party/memored/memored'; var cache = require(memoredpath); const lynx = require('lynx'); diff --git a/oauth/index.js b/oauth/index.js index ae7b2d1..227e93a 100644 --- a/oauth/index.js +++ b/oauth/index.js @@ -5,7 +5,7 @@ var url = require('url'); var rs = require('jsrsasign'); var fs = require('fs'); var path = require('path'); -const memoredpath = path.resolve(__dirname,'../../..')+'/cli/lib/memored'; +const memoredpath = path.resolve(__dirname,'../../..')+'/third_party/memored/memored'; var cache = require(memoredpath); var map = require(memoredpath); var JWS = rs.jws.JWS; diff --git a/oauthv2/index.js b/oauthv2/index.js index 6fce78e..77b12af 100644 --- a/oauthv2/index.js +++ b/oauthv2/index.js @@ -5,7 +5,7 @@ var url = require('url'); var rs = require('jsrsasign'); var fs = require('fs'); var path = require('path'); -const memoredpath = path.resolve(__dirname,'../../..')+'/cli/lib/memored'; +const memoredpath = path.resolve(__dirname,'../../..')+'/third_party/memored/memored'; var map = require(memoredpath); var JWS = rs.jws.JWS; var requestLib = require('request'); From 7d0c3c01de198d12d76d9562f45e69a0d13df0c3 Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Mon, 8 Jul 2019 17:28:50 -0700 Subject: [PATCH 08/10] merge changes --- apikeys/index.js | 15 +++++++++++++-- oauth/index.js | 32 +++++++++++++++++++++++++++++++- oauthv2/index.js | 10 +++++++++- 3 files changed, 53 insertions(+), 4 deletions(-) diff --git a/apikeys/index.js b/apikeys/index.js index 47e523e..caa241d 100644 --- a/apikeys/index.js +++ b/apikeys/index.js @@ -23,6 +23,8 @@ acceptField.alg = acceptAlg; var productOnly; var cacheKey = false; +var cacheKeyTTL = 60000; //set default cache TTL to 1 minute +var cacheSize = 100; //default cache size module.exports.init = function(config, logger, stats) { @@ -36,6 +38,10 @@ module.exports.init = function(config, logger, stats) { var keepApiKey = config.hasOwnProperty('keep-api-key') ? config['keep-api-key'] : false; //cache api keys cacheKey = config.hasOwnProperty("cacheKey") ? config.cacheKey : false; + //cache ttl + cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : 60000; + //cache size + cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : 100; //set grace period var gracePeriod = config.hasOwnProperty("gracePeriod") ? config.gracePeriod : 0; acceptField.gracePeriod = gracePeriod; @@ -200,8 +206,13 @@ module.exports.init = function(config, logger, stats) { // default to now (in seconds) + 30m if not set decodedToken.exp = decodedToken.exp || +(((Date.now() / 1000) + 1800).toFixed(0)); //apiKeyCache[apiKey] = decodedToken; - cache.store(apiKey, decodedToken); - debug("api key cache store", apiKey); + cache.size(function(err, sizevalue) { + if (!err && sizevalue != null && sizevalue < cacheSize) { + cache.store(apiKey, decodedToken, cacheKeyTTL); + } else { + debug('too many keys in cache; ignore storing token'); + } + }); } else { debug("api key cache skip", apiKey); } diff --git a/oauth/index.js b/oauth/index.js index 62166aa..9ba85a3 100644 --- a/oauth/index.js +++ b/oauth/index.js @@ -31,7 +31,10 @@ map.setup({ purgeInterval: 10000 }); -var tokenCacheSize = 100; +var tokenCacheSize = 100; //default cache size for access tokens +var tokenCacheTTL = 60000; //set default token cache TTL to 1 minute +var cacheKeyTTL = 60000; //set default apikey cache TTL to 1 minute +var cacheSize = 100; //default cache size for api keys module.exports.init = function(config, logger, stats) { @@ -49,6 +52,10 @@ module.exports.init = function(config, logger, stats) { var apiKeyHeaderName = config.hasOwnProperty('api-key-header') ? config['api-key-header'] : 'x-api-key'; var keepAuthHeader = config.hasOwnProperty('keep-authorization-header') ? config['keep-authorization-header'] : false; cacheKey = config.hasOwnProperty('cacheKey') ? config.cacheKey : false; + //cache ttl + cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : 60000; + //cache size + cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : 100; //set grace period var gracePeriod = config.hasOwnProperty('gracePeriod') ? config.gracePeriod : 0; acceptField.gracePeriod = gracePeriod; @@ -65,6 +72,8 @@ module.exports.init = function(config, logger, stats) { } //token cache settings tokenCache = config.hasOwnProperty('tokenCache') ? config.tokenCache : false; + //token cache ttl + tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : 60000; //max number of tokens in the cache tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : 100; // @@ -206,6 +215,7 @@ module.exports.init = function(config, logger, stats) { var isValid = false; var oauthtoken = token && token.token ? token.token : token; +<<<<<<< HEAD var decodedToken = null; // try { @@ -216,6 +226,11 @@ module.exports.init = function(config, logger, stats) { } // if (tokenCache === true) { +======= + var decodedToken = JWS.parse(oauthtoken); + + if (tokenCache == true) { +>>>>>>> support explicit cache ttl debug('token caching enabled') map.read(oauthtoken, function(err, tokenvalue) { if (!err && tokenvalue !== undefined && tokenvalue !== null && tokenvalue === oauthtoken) { @@ -251,8 +266,13 @@ module.exports.init = function(config, logger, stats) { } else { if (tokenvalue === null || tokenvalue === undefined) { map.size(function(err, sizevalue) { +<<<<<<< HEAD if (!err && sizevalue !== null && sizevalue < tokenCacheSize) { map.store(oauthtoken, oauthtoken, decodedToken.payloadObj.exp); +======= + if (!err && sizevalue != null && sizevalue < tokenCacheSize) { + map.store(oauthtoken, oauthtoken, tokenCacheTTL); +>>>>>>> support explicit cache ttl } else { debug('too many tokens in cache; ignore storing token'); } @@ -301,8 +321,18 @@ module.exports.init = function(config, logger, stats) { // default to now (in seconds) + 30m if not set decodedToken.exp = decodedToken.exp || +(((Date.now() / 1000) + 1800).toFixed(0)); //apiKeyCache[apiKey] = decodedToken; +<<<<<<< HEAD cache.store(apiKey, decodedToken,decodedToken.exp); debug('api key cache store', apiKey); +======= + cache.size(function(err, sizevalue) { + if (!err && sizevalue != null && sizevalue < cacheSize) { + cache.store(apiKey, decodedToken, cacheKeyTTL); + } else { + debug('too many keys in cache; ignore storing token'); + } + }); +>>>>>>> support explicit cache ttl } else { debug('api key cache skip', apiKey); } diff --git a/oauthv2/index.js b/oauthv2/index.js index 0d36b65..0826e75 100644 --- a/oauthv2/index.js +++ b/oauthv2/index.js @@ -27,7 +27,8 @@ map.setup({ purgeInterval: 10000 }); -var tokenCacheSize = 100; +var tokenCacheSize = 100; //default cache size for access tokens +var tokenCacheTTL = 60000; //set default token cache TTL to 1 minute module.exports.init = function(config, logger, stats) { @@ -49,6 +50,8 @@ module.exports.init = function(config, logger, stats) { } //token cache settings tokenCache = config.hasOwnProperty('tokenCache') ? config.tokenCache : false; + //token cache ttl + tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : 60000; //max number of tokens in the cache tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : 100; // @@ -133,8 +136,13 @@ module.exports.init = function(config, logger, stats) { } else { if (tokenvalue === null || tokenvalue === undefined) { map.size(function(err, sizevalue) { +<<<<<<< HEAD if (!err && sizevalue !== null && sizevalue < tokenCacheSize) { map.store(oauthtoken, oauthtoken, decodedToken.payloadObj.exp); +======= + if (!err && sizevalue != null && sizevalue < tokenCacheSize) { + map.store(oauthtoken, oauthtoken, tokenCacheTTL); +>>>>>>> support explicit cache ttl } else { debug('too many tokens in cache; ignore storing token'); } From 42e5bc5fbd4977d3d437cdb3027f9db4eebeae8e Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Mon, 8 Jul 2019 17:37:28 -0700 Subject: [PATCH 09/10] merge changes --- oauth/index.js | 63 +++--------------------------------------------- oauthv2/index.js | 31 +++--------------------- package.json | 10 -------- 3 files changed, 8 insertions(+), 96 deletions(-) diff --git a/oauth/index.js b/oauth/index.js index f4d46f6..1f43665 100644 --- a/oauth/index.js +++ b/oauth/index.js @@ -5,11 +5,7 @@ var url = require('url'); var rs = require('jsrsasign'); var fs = require('fs'); var path = require('path'); -<<<<<<< HEAD -const memoredpath = path.resolve(__dirname,'../../..')+'/third_party/memored/memored'; -======= const memoredpath = '../third_party/memored/index'; ->>>>>>> 7d0c3c0 var cache = require(memoredpath); var map = require(memoredpath); var JWS = rs.jws.JWS; @@ -35,10 +31,7 @@ map.setup({ purgeInterval: 10000 }); -var tokenCacheSize = 100; //default cache size for access tokens -var tokenCacheTTL = 60000; //set default token cache TTL to 1 minute -var cacheKeyTTL = 60000; //set default apikey cache TTL to 1 minute -var cacheSize = 100; //default cache size for api keys +var tokenCacheSize = 100; module.exports.init = function(config, logger, stats) { @@ -56,16 +49,6 @@ module.exports.init = function(config, logger, stats) { var apiKeyHeaderName = config.hasOwnProperty('api-key-header') ? config['api-key-header'] : 'x-api-key'; var keepAuthHeader = config.hasOwnProperty('keep-authorization-header') ? config['keep-authorization-header'] : false; cacheKey = config.hasOwnProperty('cacheKey') ? config.cacheKey : false; - //cache ttl -<<<<<<< HEAD - cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : cacheKeyTTL; - //cache size - cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : cacheSize; -======= - cacheKeyTTL = config.hasOwnProperty("cacheKeyTTL") ? config.cacheKeyTTL : 60000; - //cache size - cacheSize = config.hasOwnProperty("cacheSize") ? config.cacheSize : 100; ->>>>>>> 7d0c3c0 //set grace period var gracePeriod = config.hasOwnProperty('gracePeriod') ? config.gracePeriod : 0; acceptField.gracePeriod = gracePeriod; @@ -82,14 +65,8 @@ module.exports.init = function(config, logger, stats) { } //token cache settings tokenCache = config.hasOwnProperty('tokenCache') ? config.tokenCache : false; - //token cache ttl -<<<<<<< HEAD - tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.tokenCacheTTL : tokenCacheTTL; -======= - tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : 60000; ->>>>>>> 7d0c3c0 //max number of tokens in the cache - tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : tokenCacheSize; + tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : 100; // //support for enabling oauth or api key only var header = false; @@ -229,7 +206,6 @@ module.exports.init = function(config, logger, stats) { var isValid = false; var oauthtoken = token && token.token ? token.token : token; -<<<<<<< HEAD var decodedToken = null; // try { @@ -240,11 +216,6 @@ module.exports.init = function(config, logger, stats) { } // if (tokenCache === true) { -======= - var decodedToken = JWS.parse(oauthtoken); - - if (tokenCache == true) { ->>>>>>> support explicit cache ttl debug('token caching enabled') map.read(oauthtoken, function(err, tokenvalue) { if (!err && tokenvalue !== undefined && tokenvalue !== null && tokenvalue === oauthtoken) { @@ -280,18 +251,8 @@ module.exports.init = function(config, logger, stats) { } else { if (tokenvalue === null || tokenvalue === undefined) { map.size(function(err, sizevalue) { -<<<<<<< HEAD - if (!err && sizevalue != null && sizevalue < tokenCacheSize) { - map.store(oauthtoken, oauthtoken, tokenCacheTTL); -======= -<<<<<<< HEAD if (!err && sizevalue !== null && sizevalue < tokenCacheSize) { map.store(oauthtoken, oauthtoken, decodedToken.payloadObj.exp); -======= - if (!err && sizevalue != null && sizevalue < tokenCacheSize) { - map.store(oauthtoken, oauthtoken, tokenCacheTTL); ->>>>>>> support explicit cache ttl ->>>>>>> 7d0c3c0 } else { debug('too many tokens in cache; ignore storing token'); } @@ -332,7 +293,7 @@ module.exports.init = function(config, logger, stats) { req.token = decodedToken; var authClaims = _.omit(decodedToken, PRIVATE_JWT_VALUES); - req.headers['x-authorization-claims'] = Buffer.from(JSON.stringify(authClaims)).toString('base64'); + req.headers['x-authorization-claims'] = new Buffer(JSON.stringify(authClaims)).toString('base64'); if (apiKey) { var cacheControl = req.headers['cache-control'] || 'no-cache'; @@ -340,24 +301,8 @@ module.exports.init = function(config, logger, stats) { // default to now (in seconds) + 30m if not set decodedToken.exp = decodedToken.exp || +(((Date.now() / 1000) + 1800).toFixed(0)); //apiKeyCache[apiKey] = decodedToken; -<<<<<<< HEAD -======= -<<<<<<< HEAD cache.store(apiKey, decodedToken,decodedToken.exp); debug('api key cache store', apiKey); -======= ->>>>>>> 7d0c3c0 - cache.size(function(err, sizevalue) { - if (!err && sizevalue != null && sizevalue < cacheSize) { - cache.store(apiKey, decodedToken, cacheKeyTTL); - } else { - debug('too many keys in cache; ignore storing token'); - } - }); -<<<<<<< HEAD -======= ->>>>>>> support explicit cache ttl ->>>>>>> 7d0c3c0 } else { debug('api key cache skip', apiKey); } @@ -563,4 +508,4 @@ function sendError(req, res, next, logger, stats, code, message) { next(code, message); return code; -} +} \ No newline at end of file diff --git a/oauthv2/index.js b/oauthv2/index.js index 016607c..25c65a9 100644 --- a/oauthv2/index.js +++ b/oauthv2/index.js @@ -3,13 +3,7 @@ var debug = require('debug')('plugin:oauthv2'); var url = require('url'); var rs = require('jsrsasign'); -<<<<<<< HEAD -var fs = require('fs'); -var path = require('path'); -const memoredpath = path.resolve(__dirname,'../../..')+'/third_party/memored/memored'; -======= const memoredpath = '../third_party/memored/index'; ->>>>>>> 7d0c3c0 var map = require(memoredpath); var JWS = rs.jws.JWS; //var requestLib = require('request'); @@ -33,8 +27,7 @@ map.setup({ purgeInterval: 10000 }); -var tokenCacheSize = 100; //default cache size for access tokens -var tokenCacheTTL = 60000; //set default token cache TTL to 1 minute +var tokenCacheSize = 100; module.exports.init = function(config, logger, stats) { @@ -56,14 +49,8 @@ module.exports.init = function(config, logger, stats) { } //token cache settings tokenCache = config.hasOwnProperty('tokenCache') ? config.tokenCache : false; - //token cache ttl -<<<<<<< HEAD - tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : tokenCacheTTL; -======= - tokenCacheTTL = config.hasOwnProperty("tokenCacheTTL") ? config.cacheKeyTTL : 60000; ->>>>>>> 7d0c3c0 //max number of tokens in the cache - tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : tokenCacheSize; + tokenCacheSize = config.hasOwnProperty('tokenCacheSize') ? config.tokenCacheSize : 100; // var header = false; if (!req.headers[authHeaderName]) { @@ -146,18 +133,8 @@ module.exports.init = function(config, logger, stats) { } else { if (tokenvalue === null || tokenvalue === undefined) { map.size(function(err, sizevalue) { -<<<<<<< HEAD - if (!err && sizevalue != null && sizevalue < tokenCacheSize) { - map.store(oauthtoken, oauthtoken, tokenCacheTTL); -======= -<<<<<<< HEAD if (!err && sizevalue !== null && sizevalue < tokenCacheSize) { map.store(oauthtoken, oauthtoken, decodedToken.payloadObj.exp); -======= - if (!err && sizevalue != null && sizevalue < tokenCacheSize) { - map.store(oauthtoken, oauthtoken, tokenCacheTTL); ->>>>>>> support explicit cache ttl ->>>>>>> 7d0c3c0 } else { debug('too many tokens in cache; ignore storing token'); } @@ -197,7 +174,7 @@ module.exports.init = function(config, logger, stats) { if (checkIfAuthorized(config, req.reqUrl.path, res.proxy, decodedToken)) { req.token = decodedToken; var authClaims = _.omit(decodedToken, PRIVATE_JWT_VALUES); - req.headers['x-authorization-claims'] = Buffer.from(JSON.stringify(authClaims)).toString('base64'); + req.headers['x-authorization-claims'] = new Buffer(JSON.stringify(authClaims)).toString('base64'); next(); } else { return sendError(req, res, next, logger, stats, 'access_denied'); @@ -375,4 +352,4 @@ function sendError(req, res, next, logger, stats, code, message) { stats.incrementStatusCount(res.statusCode); next(code, message); return code; -} +} \ No newline at end of file diff --git a/package.json b/package.json index 6d579e6..1f79ec6 100644 --- a/package.json +++ b/package.json @@ -1,10 +1,6 @@ { "name": "microgateway-plugins", -<<<<<<< HEAD - "version": "2.5.38", -======= "version": "3.0.1", ->>>>>>> 7d0c3c0 "description": "Plugins for Apige Edge Microgateway", "license": "Apache-2.0", "main": "index.js", @@ -37,20 +33,14 @@ "xml2js": "^0.4.17" }, "devDependencies": { -<<<<<<< HEAD - "js-yaml": "^3.13", -======= ->>>>>>> 7d0c3c0 "chai": "^2.3.0", "config": "^1.13.0", "js-yaml": "^3.4.2", "jshint-stylish": "^2.2.1", "jsonwebtoken": "^5.0.1", -<<<<<<< HEAD "pem": "^1.14.2", "volos-analytics-memory": "^0.2.0", "volos-quota-memory": "^0.11.0" -======= "mocha": "^5.2.0", "nyc": "^14.1.1", "pem": "^1.7.2", From 9f127adc38c4804b0d90ee394482471709f8b704 Mon Sep 17 00:00:00 2001 From: Nandan Sridhar Date: Mon, 8 Jul 2019 17:39:14 -0700 Subject: [PATCH 10/10] merge changes --- monitor/index.js | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/monitor/index.js b/monitor/index.js index 39a1551..66e73f2 100644 --- a/monitor/index.js +++ b/monitor/index.js @@ -4,13 +4,8 @@ */ var debug = require('debug')('plugin:monitor'); -<<<<<<< HEAD -var path = require("path"); -const memoredpath = path.resolve(__dirname,'../../..')+'/third_party/memored/memored'; -======= // var path = require('path'); const memoredpath = '../third_party/memored/index'; ->>>>>>> 7d0c3c0 var cache = require(memoredpath); const lynx = require('lynx'); const os = require('os'); @@ -147,4 +142,4 @@ module.exports.init = function(config /*, logger, stats */) { next(); } }; -} +} \ No newline at end of file