github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-09 07:28:09 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: review comments

Browse Source
This commit is contained in:
Piyush Gupta
2025-12-12 20:06:57 +05:30
parent 5aa4864ec4
commit 9a475ac897
2 changed files with 36 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/src/ee/routes/v1/external-kms-routers/external-kms-endpoints.ts
View File

@@ -11,6 +11,7 @@ import {
} from "@app/ee/services/external-kms/providers/model";
import { crypto } from "@app/lib/crypto/cryptography";
import { BadRequestError } from "@app/lib/errors";
import { deterministicStringify } from "@app/lib/fn/object";
import { readLimit, writeLimit } from "@app/server/config/rateLimiter";
import { verifyAuth } from "@app/server/plugins/auth/verify-auth";
import { AuthMode } from "@app/services/auth/auth-type";
@@ -88,7 +89,7 @@ export const registerExternalKmsEndpoints = <
...rest
} = externalKms;
const credentialsToHash = JSON.stringify(configuration.credential);
const credentialsToHash = deterministicStringify(configuration.credential);
const credentialsHash = crypto.nativeCrypto
.createHash("sha256")
@@ -156,7 +157,7 @@ export const registerExternalKmsEndpoints = <
...rest
} = externalKms;
const credentialsToHash = JSON.stringify(externalKmsConfiguration.credential);
const credentialsToHash = deterministicStringify(externalKmsConfiguration.credential);
const credentialsHash = crypto.nativeCrypto
.createHash("sha256")
@@ -228,7 +229,7 @@ export const registerExternalKmsEndpoints = <
...rest
} = externalKms;
const credentialsToHash = JSON.stringify(externalKmsConfiguration.credential);
const credentialsToHash = deterministicStringify(externalKmsConfiguration.credential);
const credentialsHash = crypto.nativeCrypto
.createHash("sha256")
@@ -286,7 +287,7 @@ export const registerExternalKmsEndpoints = <
...rest
} = externalKms;
const credentialsToHash = JSON.stringify(configuration.credential);
const credentialsToHash = deterministicStringify(configuration.credential);
const credentialsHash = crypto.nativeCrypto
.createHash("sha256")

31
backend/src/lib/fn/object.ts
View File

@@ -103,3 +103,34 @@ export const deepEqualSkipFields = (obj1: unknown, obj2: unknown, skipFields: st
return deepEqual(filtered1, filtered2);
};
export const deterministicStringify = (value: unknown): string => {
if (value === null || value === undefined) {
return JSON.stringify(value);
}
if (typeof value === "string" || typeof value === "number" || typeof value === "boolean") {
return JSON.stringify(value);
}
if (Array.isArray(value)) {
const items = value.map((item) => deterministicStringify(item));
return `[${items.join(",")}]`;
}
if (typeof value === "object") {
const sortedKeys = Object.keys(value).sort();
const sortedObj: Record<string, unknown> = {};
for (const key of sortedKeys) {
const val = (value as Record<string, unknown>)[key];
if (typeof val === "object" && val !== null) {
sortedObj[key] = JSON.parse(deterministicStringify(val));
} else {
sortedObj[key] = val;
}
}
return JSON.stringify(sortedObj);
}
return JSON.stringify(value);
};