mikeconrad/web-authenticator
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added akeyless api integration

Browse Source
This commit is contained in:
Mike Conrad
2023-08-31 17:14:13 -04:00
parent e0d4cb41b0
commit 80737a2927
9 changed files with 95 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.env.example Normal file
View File

@ -0,0 +1,3 @@
VITE_AKEYLESS_ACCESS_ID=""
VITE_AKEYLESS_ACCESS_KEY=""
VITE_AKEYLESS_KEY_PATH=""

2
.gitignore vendored
View File

@ -22,4 +22,4 @@ dist-ssr
*.njsproj *.njsproj
*.sln *.sln
*.sw? *.sw?
tokens.ts .env

12
src/env.d.ts vendored Normal file
View File

@ -0,0 +1,12 @@
/// <reference types="vite/client" />
interface ImportMetaEnv {
readonly VITE_AKEYLESS_KEY_PATH: string
readonly VITE_AKEYLESS_ACCESS_ID: string
readonly VITE_AKEYLESS_ACCESS_KEY: string
// more env variables...
}
interface ImportMeta {
readonly env: ImportMetaEnv
}

5
src/main.ts
View File

@ -2,7 +2,4 @@ import "./style.css";
import { tokenList } from "./tokenList"; import { tokenList } from "./tokenList";
import rootDiv from "./utils/root"; import rootDiv from "./utils/root";
rootDiv!.innerHTML = await tokenList();
rootDiv!.innerHTML = `
${tokenList()}
`;

5
src/toast.ts
View File

@ -2,6 +2,11 @@ export function toast(element: HTMLDivElement, message: string) {
// Target our predefined DIV that will hold toast messages. // Target our predefined DIV that will hold toast messages.
const toastDiv = element.getElementsByClassName('toast') const toastDiv = element.getElementsByClassName('toast')
const interval = setInterval(() => {
toastDiv[0].remove()
clearInterval(interval)
}, 5000)
// If we currently have a toast displayed, let's remove it from the DOM. // If we currently have a toast displayed, let's remove it from the DOM.
if (toastDiv && toastDiv.length != 0) { if (toastDiv && toastDiv.length != 0) {
for (const el of toastDiv){ for (const el of toastDiv){

1
src/token.ts
View File

@ -1,7 +1,6 @@
import totp from 'totp-generator' import totp from 'totp-generator'
const period = 30 const period = 30
const digits = 6 const digits = 6
export function displayToken(secret: string) { export function displayToken(secret: string) {
const token = totp(secret.replace(/ /g, '').trim(), { const token = totp(secret.replace(/ /g, '').trim(), {
digits, digits,

7
src/tokenList.ts
View File

@ -1,8 +1,9 @@
import { displayTokenListItem } from "./tokenListItem"; import { displayTokenListItem } from "./tokenListItem";
import { tokens } from "./tokens"; import { Token, decryptTokensWithAkeyless } from "./utils/api";
export function tokenList() { export async function tokenList() {
return `<form id="tokens">${tokens.map((token) => const decryptedTokens = (await decryptTokensWithAkeyless(import.meta.env.VITE_AKEYLESS_KEY_PATH))
return `<form id="tokens">${decryptedTokens.map((token: Token) =>
displayTokenListItem(token.account, token.secret) displayTokenListItem(token.account, token.secret)
)}</form>`; )}</form>`;
} }

1
src/tokens.ts Normal file
View File

@ -0,0 +1 @@
export const tokens = "AQAAAAEIAd3tVg6Vbzp/2fXBP6JdFoK7A5fu5n8daqwUzGKK3CgAYW+SujAoXcK5R3QgGkUp34Vi/DEtjOU9WNd3vGIMZAUQhngRqDS0rfK3i8kN4/C5oBjhkYhWKY6ABbJtmnI9p4EzfnC5RkZlSpHFNK6yAxk2jJVAFU6ynXkqVZKLamtf+aViyYyX8wI="

68
src/utils/api.ts Normal file
View File

@ -0,0 +1,68 @@
import { tokens } from "../tokens";
export interface TokenResponse {
token: string;
creds: null;
}
export interface Token {
account: string;
secret: string;
}
export interface GenericAPIResponse {
result: string;
}
const baseUrl = 'https://api.akeyless.io'
async function fetchAkeylessAuthToken(): Promise<TokenResponse> {
const options = {
method: 'POST',
headers: {accept: 'application/json', 'content-type': 'application/json'},
body: JSON.stringify({
'access-type': 'access_key',
'gcp-audience': 'akeyless.io',
json: false,
'access-id': import.meta.env.VITE_AKEYLESS_ACCESS_ID,
'access-key': import.meta.env.VITE_AKEYLESS_ACCESS_KEY
})
};
const token = await fetch(`${baseUrl}/auth`, options)
return await token.json()
}
async function encryptTokensWithAkeyless(encryptionKeyName: string): Promise<GenericAPIResponse>{
const options = {
method: 'POST',
headers: {accept: 'application/json', 'content-type': 'application/json'},
body: JSON.stringify({
json: false,
'key-name': encryptionKeyName,
plaintext: JSON.stringify(tokens),
token: (await fetchAkeylessAuthToken()).token
})
};
const response = await fetch(`${baseUrl}/encrypt`, options)
return await response.json()
}
async function decryptTokensWithAkeyless(encryptionKeyName: string): Promise<Token[]>{
const options = {
method: 'POST',
headers: {accept: 'application/json', 'content-type': 'application/json'},
body: JSON.stringify({
json: false,
'key-name': encryptionKeyName,
ciphertext: tokens,
token: (await fetchAkeylessAuthToken()).token
})
};
const response = await fetch(`${baseUrl}/decrypt`, options)
const decodedTokens = await response.json()
return JSON.parse(decodedTokens.result)
}
export {fetchAkeylessAuthToken, encryptTokensWithAkeyless, decryptTokensWithAkeyless}