integrationos-domain 8.0.0

Shared library for IntegrationOS
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142

pub mod hashed_secret;
pub mod oauth_secret;

use crate::{IntegrationOSError, InternalError};
use chrono::Utc;
use secrecy::SecretString;
use serde::{Deserialize, Serialize};
use serde_json::Value;
use uuid::Uuid;

#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct SecretAuthor {
    #[serde(rename = "_id")]
    pub id: String,
}

impl Default for SecretAuthor {
    fn default() -> Self {
        Self {
            id: "anonymous".to_string(),
        }
    }
}

#[derive(Debug, Serialize, Deserialize, Clone, Default, Eq, PartialEq, Hash, Copy)]
#[serde(rename_all = "kebab-case")]
pub enum SecretVersion {
    #[default]
    // Refers to Google Cloud KMS
    V1,
    // Refers to Ios KMS
    V2,
}

#[derive(Debug, Serialize, Deserialize, Clone)]
#[serde(rename_all = "camelCase")]
pub struct Secret {
    #[serde(rename = "_id")]
    id: String,
    buildable_id: String,
    // Note: this was done due to an initial error making the timestamp as an f64
    created_at: f64,
    author: SecretAuthor,
    encrypted_secret: String,
    #[serde(default)]
    version: Option<SecretVersion>,
}

impl Secret {
    pub fn new(
        secret: String,
        version: Option<SecretVersion>,
        buildable_id: String,
        created_at: Option<i64>,
    ) -> Self {
        Self {
            id: Uuid::new_v4().to_string(),
            buildable_id,
            created_at: created_at.unwrap_or(Utc::now().timestamp_millis()) as f64,
            author: SecretAuthor::default(),
            encrypted_secret: secret,
            version,
        }
    }

    pub fn id(&self) -> String {
        self.id.clone()
    }

    pub fn decode<T>(&self) -> Result<T, IntegrationOSError>
    where
        T: for<'a> Deserialize<'a>,
    {
        serde_json::from_str(&self.encrypted_secret)
            .map_err(|e| InternalError::deserialize_error(&e.to_string(), None))
    }

    pub fn as_value(&self) -> Result<Value, IntegrationOSError> {
        self.decode()
            .or_else(|_| serde_json::to_value(&self.encrypted_secret))
            .map_err(|e| InternalError::deserialize_error(&e.to_string(), None))
    }

    pub fn version(&self) -> Option<SecretVersion> {
        self.version
    }

    pub fn created_at(&self) -> i64 {
        self.created_at as i64
    }

    pub fn buildable_id(&self) -> String {
        self.buildable_id.clone()
    }

    pub fn encrypted_secret(&self) -> SecretString {
        SecretString::new(self.encrypted_secret.clone())
    }
}

#[cfg(test)]
mod tests {

    use super::*;
    use serde_json::json;

    #[test]
    fn test_should_deserialize_secret_as_value() {
        let secret = Secret::new(
            "brand_new_secret".to_string(),
            None,
            "buildable_id".to_string(),
            None,
        );
        let value = secret.as_value().unwrap();
        assert_eq!(value, json!("brand_new_secret"));
    }

    #[test]
    fn test_should_deserialize_secret_as_json() {
        let secret = json!({"SECRET_KEY": "brand_new_secret"});
        let secret = Secret::new(secret.to_string(), None, "buildable_id".to_string(), None);
        let value = secret.as_value().unwrap();
        assert_eq!(value, json!({"SECRET_KEY": "brand_new_secret"}));
    }

    #[test]
    fn test_should_deserialize_secret_as_a_custom_type() {
        #[derive(Deserialize, Serialize)]
        struct CustomSecret {
            secret_key: String,
        }
        let secret = CustomSecret {
            secret_key: "brand_new_secret".to_string(),
        };
        let secret = serde_json::to_value(secret).expect("Failed to serialize secret");

        let secret = Secret::new(secret.to_string(), None, "buildable_id".to_string(), None);
        let custom_secret: CustomSecret = secret.decode().expect("Failed to decode secret");
        assert_eq!(custom_secret.secret_key, "brand_new_secret");
    }
}