update deno commons mod
This commit is contained in:
@@ -1315,6 +1315,60 @@ export async function fetchAlibabaCloudInstanceIdentityV1(
|
|||||||
return await pkcs7Response.text();
|
return await pkcs7Response.text();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export type InvokeMethod = "GET" | "POST";
|
||||||
|
|
||||||
|
export interface SimpleResponse {
|
||||||
|
status: number;
|
||||||
|
message: string;
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function invokeViaAlibabaCloudInstanceIdentity(
|
||||||
|
method: InvokeMethod,
|
||||||
|
path: string,
|
||||||
|
params?: string[][],
|
||||||
|
body?: string,
|
||||||
|
mode?: AlibabaCloudInstanceIdentityMode,
|
||||||
|
): Promise<SimpleResponse> {
|
||||||
|
const pkcs7 = await fetchAlibabaCloudInstanceIdentityV1(
|
||||||
|
`hatter.ink:${path}`,
|
||||||
|
mode,
|
||||||
|
);
|
||||||
|
const url = [];
|
||||||
|
url.push(`https://global.hatter.ink${path}`);
|
||||||
|
if (params) {
|
||||||
|
for (let i = 0; i < params.length; i++) {
|
||||||
|
const param = params[i];
|
||||||
|
url.push((i == 0) ? "?" : "&");
|
||||||
|
url.push(encodeURIComponent(param[0]));
|
||||||
|
url.push("=");
|
||||||
|
url.push(encodeURIComponent(param[1]));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
const httpResponse = await fetchDataWithTimeout(
|
||||||
|
url.join(""),
|
||||||
|
{
|
||||||
|
method: method,
|
||||||
|
headers: {
|
||||||
|
"Authorization": `PKCS7 ${pkcs7}`,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
);
|
||||||
|
if (httpResponse.status != 200) {
|
||||||
|
throw new Error(`Get ${path} failed: ${httpResponse.status}`);
|
||||||
|
}
|
||||||
|
const simpleResponse = await httpResponse
|
||||||
|
.json() as SimpleResponse;
|
||||||
|
log.debug("simpleResponse", simpleResponse);
|
||||||
|
if (simpleResponse.status != 200) {
|
||||||
|
throw new Error(
|
||||||
|
`Get ${path} failed: ${simpleResponse.status}, raw: ${
|
||||||
|
JSON.stringify(simpleResponse)
|
||||||
|
}`,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
return simpleResponse;
|
||||||
|
}
|
||||||
|
|
||||||
interface GetSecretResponse {
|
interface GetSecretResponse {
|
||||||
status: number;
|
status: number;
|
||||||
message: string;
|
message: string;
|
||||||
@@ -1334,29 +1388,13 @@ export async function getSecretValueViaAlibabaCloudInstanceIdentity(
|
|||||||
key: string,
|
key: string,
|
||||||
mode?: AlibabaCloudInstanceIdentityMode,
|
mode?: AlibabaCloudInstanceIdentityMode,
|
||||||
): Promise<string> {
|
): Promise<string> {
|
||||||
const pkcs7 = await fetchAlibabaCloudInstanceIdentityV1(
|
const secretResponse = await invokeViaAlibabaCloudInstanceIdentity(
|
||||||
"hatter.ink:/secret/get.json",
|
"GET",
|
||||||
|
"/secret/get.json",
|
||||||
|
[["name", key]],
|
||||||
|
null,
|
||||||
mode,
|
mode,
|
||||||
);
|
) as GetSecretResponse;
|
||||||
const httpSecretResponse = await fetchDataWithTimeout(
|
|
||||||
`https://global.hatter.ink/secret/get.json?name=${
|
|
||||||
encodeURIComponent(key)
|
|
||||||
}`,
|
|
||||||
{
|
|
||||||
headers: {
|
|
||||||
"Authorization": `PKCS7 ${pkcs7}`,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
);
|
|
||||||
if (httpSecretResponse.status != 200) {
|
|
||||||
throw new Error(`Get secret failed: ${httpSecretResponse.status}`);
|
|
||||||
}
|
|
||||||
const secretResponse = await httpSecretResponse
|
|
||||||
.json() as GetSecretResponse;
|
|
||||||
log.debug("secretResponse", secretResponse);
|
|
||||||
if (secretResponse.status != 200) {
|
|
||||||
throw new Error(`Get secret failed: ${secretResponse.status}`);
|
|
||||||
}
|
|
||||||
return secretResponse.data.value;
|
return secretResponse.data.value;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1412,39 +1450,19 @@ export async function assumeRoleByKeyViaAlibabaCloudInstanceIdentity(
|
|||||||
roleArn: string,
|
roleArn: string,
|
||||||
mode?: AlibabaCloudInstanceIdentityMode,
|
mode?: AlibabaCloudInstanceIdentityMode,
|
||||||
): Promise<StsToken> {
|
): Promise<StsToken> {
|
||||||
const pkcs7 = await fetchAlibabaCloudInstanceIdentityV1(
|
const assumeRoleResponse = await invokeViaAlibabaCloudInstanceIdentity(
|
||||||
"hatter.ink:/cloud/alibaba_cloud/assume_role_by_key.json",
|
"GET",
|
||||||
|
"/cloud/alibaba_cloud/assume_role_by_key.json",
|
||||||
|
[["roleArn", roleArn]],
|
||||||
|
null,
|
||||||
mode,
|
mode,
|
||||||
);
|
) as AssumeRoleByKeyResponse;
|
||||||
const httpAssumeRoleResponse = await fetchDataWithTimeout(
|
|
||||||
`https://global.hatter.ink/cloud/alibaba_cloud/assume_role_by_key.json?roleArn=${
|
|
||||||
encodeURIComponent(roleArn)
|
|
||||||
}`,
|
|
||||||
{
|
|
||||||
headers: {
|
|
||||||
"Authorization": `PKCS7 ${pkcs7}`,
|
|
||||||
},
|
|
||||||
},
|
|
||||||
);
|
|
||||||
if (httpAssumeRoleResponse.status != 200) {
|
|
||||||
throw new Error(
|
|
||||||
`Assume role by key failed: ${httpAssumeRoleResponse.status}`,
|
|
||||||
);
|
|
||||||
}
|
|
||||||
const assumeRoleResponse = await httpAssumeRoleResponse
|
|
||||||
.json() as AssumeRoleByKeyResponse;
|
|
||||||
log.debug("assumeRoleResponse", assumeRoleResponse);
|
|
||||||
if (assumeRoleResponse.status != 200) {
|
|
||||||
throw new Error(
|
|
||||||
`Assume role by key failed: ${assumeRoleResponse.status}, raw: ${
|
|
||||||
JSON.stringify(assumeRoleResponse)
|
|
||||||
}`,
|
|
||||||
);
|
|
||||||
}
|
|
||||||
return assumeRoleResponse.data;
|
return assumeRoleResponse.data;
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function assumeRoleByKeyViaHatterCli(roleArn: string): Promise<string> {
|
export async function assumeRoleByKeyViaHatterCli(
|
||||||
|
roleArn: string,
|
||||||
|
): Promise<string> {
|
||||||
const output = await execCommand("hatter", [
|
const output = await execCommand("hatter", [
|
||||||
"cloud-key",
|
"cloud-key",
|
||||||
"assume-role",
|
"assume-role",
|
||||||
|
|||||||
Reference in New Issue
Block a user