Encryption Middleware Library
A library that provides a set of middlewares for decrypting the request body and encrypting the API response.
Getting Started:
-
Install the package in the chosen service
npm install @edirect/encryption-handler --save
-
The environment variables of the service that has installed the package must be updated
On projects that work with the
configpackage, you should add the following environment variables to thedefault.jsonor the.jsonresponsible for the environment variables.{ "encryption-service": { "baseUrl": "http://localhost:4212" }, "entity-service": { "baseUrl": "http://localhost:9091" } }On projects that work with the
.envfile, you can simply set the environment variable on the correspondent file.ENCRYPTION_URL=<my_encryption_service_dns> ENTITY_URL=<my_entity_service_dns>
Usage Examples:
- Express:
const express = require('express')
/* Require the package by setting a default name or extracting the methods */
const encryptionHandler = require('@edirect/encryption-handler')
const app = express()
const PORT = 3000
/* Set usage of the middlewares (decrypt/encrypt) */
const middleware = [ encryptionHandler.decrypt, encryptionHandler.encrypt ]
/* Addition of middleware array usage on an endpoint */
app.post('/', middleware, (request, response) => handleRequest)- NestJs:
/* Require the package by setting a default name or extracting the methods */
import * as encryptionHandler from '@edirect/encryption-handler';
import { Module, NestModule, MiddlewareConsumer } from '@nestjs/common';
import { PolicyModule } from './policy/policy.module';
import { PolicyController } from './policy/policy.controller.ts';
@Module({
imports: [PolicyModule],
})
export class AppModule implements NestModule {
configure(consumer: MiddlewareConsumer) {
consumer
/* Addition of middleware usage on endpoints separated by comma */
.apply(encryptionHandler.decrypt, encryptionHandler.encrypt)
.forRoutes(PolicyController);
}
}Development Environment
Aiming to show you how to use and test the package locally, we are going to take the package installation in the gateway as an example.
Clone the encryption-js-lib package project in your local environment
$ git clone git@bitbucket.org:gofrank/encryption-js-lib.git
Supposing you have the insurtech-gateway service installed in your environment. Download the package in the gateway service by running one of the following commands:
$ npm install @edirect/encryption-handler --save
$ npm install /your/file/full/path/to/encryption-js-lib
In the root of the encryption-js-lib package run the following command:
$ npm link
In the root of the insurtech-gateway service run the following command:
$ npm link @edirect/encryption-handler
Every change you do on the package is going to be reflected in the package installed in the Gateway service.
Possible Responses:
Using these middlewares the client can receive different types of responses depending on whether the decryption/encryption flow has succeeded or not.
- Success Response:
{
"status": 200,
"data": "encrypted/signed string"
}- Error Response
{ "status": 400, "code": "ENC001", "message": "Failed to encrypt" }
{ "status": 400, "code": "DEC001", "message": "Failed to decrypt" }
{ "status": 401, "code": "SIG001", "message": "Invalid signature" }
{ "status": 401, "code": "VAD001", "message": "Missing partner’s or bolttech’s keys" }
{ "status": 500, "code": "SYS001", "message": "System Error" }Description:
ENC001: Failed to encrypt due to wrong payload format or internal error
DEC001: Failed to decrypt due to wrong payload format or internal error
SIG001: Failed to verify the signature
VAD001: Missing partner’s or bolttech’s keys
SYS001: Internal server error
Encryption / Decryption Flow:
