diff --git a/.code-samples.meilisearch.yaml b/.code-samples.meilisearch.yaml index 654eac4db..a0909e542 100644 --- a/.code-samples.meilisearch.yaml +++ b/.code-samples.meilisearch.yaml @@ -709,7 +709,7 @@ tenant_token_guide_generate_sdk_1: |- const apiKeyUid = '85c3c2f9-bdd6-41f1-abd8-11fcf80e0f76' const expiresAt = new Date('2025-12-20') // optional - const token = client.generateTenantToken(apiKeyUid, searchRules, { + const token = await client.generateTenantToken(apiKeyUid, searchRules, { apiKey: apiKey, expiresAt: expiresAt, }) diff --git a/docker-compose.yml b/docker-compose.yml index bf1ba61c8..e56b69f66 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,8 +1,6 @@ -version: "3.8" - services: package: - image: node:16 + image: node:18 tty: true stdin_open: true working_dir: /home/package diff --git a/src/clients/client.ts b/src/clients/client.ts index 3cd9c6b74..2eb61713d 100644 --- a/src/clients/client.ts +++ b/src/clients/client.ts @@ -475,11 +475,11 @@ class Client { _apiKeyUid: string, _searchRules: TokenSearchRules, _options?: TokenOptions - ): string { + ): Promise { const error = new Error() - throw new Error( - `Meilisearch: failed to generate a tenant token. Generation of a token only works in a node environment \n ${error.stack}.` - ) + error.message = `Meilisearch: failed to generate a tenant token. Generation of a token only works in a node environment \n ${error.stack}.` + + return Promise.reject(error) } } diff --git a/src/clients/node-client.ts b/src/clients/node-client.ts index b4d581317..c74f96c3c 100644 --- a/src/clients/node-client.ts +++ b/src/clients/node-client.ts @@ -18,15 +18,19 @@ class MeiliSearch extends Client { * @param options - Token options to customize some aspect of the token. * @returns The token in JWT format. */ - generateTenantToken( + async generateTenantToken( apiKeyUid: string, searchRules: TokenSearchRules, options?: TokenOptions - ): string { + ): Promise { if (typeof window === 'undefined') { - return this.tokens.generateTenantToken(apiKeyUid, searchRules, options) + return await this.tokens.generateTenantToken( + apiKeyUid, + searchRules, + options + ) } - return super.generateTenantToken(apiKeyUid, searchRules, options) + return await super.generateTenantToken(apiKeyUid, searchRules, options) } } export { MeiliSearch } diff --git a/src/token.ts b/src/token.ts index 2a6f408ff..ee0170adc 100644 --- a/src/token.ts +++ b/src/token.ts @@ -1,5 +1,4 @@ import { Config, TokenSearchRules, TokenOptions } from './types' -import { createHmac } from 'crypto' import { MeiliSearchError } from './errors' import { validateUuid4 } from './utils' @@ -15,7 +14,13 @@ function encode64(data: any) { * @param encodedPayload - Payload of the token in base64. * @returns The signature of the token in base64. */ -function sign(apiKey: string, encodedHeader: string, encodedPayload: string) { +async function sign( + apiKey: string, + encodedHeader: string, + encodedPayload: string +) { + const { createHmac } = await import('crypto') + return createHmac('sha256', apiKey) .update(`${encodedHeader}.${encodedPayload}`) .digest('base64') @@ -132,11 +137,11 @@ class Token { * @param options - Token options to customize some aspect of the token. * @returns The token in JWT format. */ - generateTenantToken( + async generateTenantToken( apiKeyUid: string, searchRules: TokenSearchRules, options?: TokenOptions - ): string { + ): Promise { const apiKey = options?.apiKey || this.config.apiKey || '' const uid = apiKeyUid || '' const expiresAt = options?.expiresAt @@ -145,7 +150,7 @@ class Token { const encodedHeader = createHeader() const encodedPayload = createPayload({ searchRules, uid, expiresAt }) - const signature = sign(apiKey, encodedHeader, encodedPayload) + const signature = await sign(apiKey, encodedHeader, encodedPayload) return `${encodedHeader}.${encodedPayload}.${signature}` } diff --git a/tests/token.test.ts b/tests/token.test.ts index 45072a460..87963ea27 100644 --- a/tests/token.test.ts +++ b/tests/token.test.ts @@ -9,7 +9,6 @@ import { } from './utils/meilisearch-test-utils' import { createHmac } from 'crypto' import MeiliSearch from '../src' -import { MeiliSearchError } from '../src/errors' const HASH_ALGORITHM = 'HS256' const TOKEN_TYP = 'JWT' @@ -44,7 +43,7 @@ describe.each([{ permission: 'Admin' }])( const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, [], {}) + const token = await client.generateTenantToken(uid, [], {}) const [header64] = token.split('.') // header @@ -57,7 +56,7 @@ describe.each([{ permission: 'Admin' }])( const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, [], {}) + const token = await client.generateTenantToken(uid, [], {}) const [header64, payload64, signature64] = token.split('.') // signature @@ -75,7 +74,7 @@ describe.each([{ permission: 'Admin' }])( const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, [], {}) + const token = await client.generateTenantToken(uid, [], {}) const [_, payload64] = token.split('.') // payload @@ -90,7 +89,7 @@ describe.each([{ permission: 'Admin' }])( const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, [UID]) + const token = await client.generateTenantToken(uid, [UID]) const [_, payload64] = token.split('.') // payload @@ -105,7 +104,7 @@ describe.each([{ permission: 'Admin' }])( const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, { [UID]: {} }) + const token = await client.generateTenantToken(uid, { [UID]: {} }) const [_, payload64] = token.split('.') // payload @@ -120,7 +119,7 @@ describe.each([{ permission: 'Admin' }])( const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, ['*']) + const token = await client.generateTenantToken(uid, ['*']) const searchClient = new MeiliSearch({ host: HOST, apiKey: token }) @@ -137,7 +136,7 @@ describe.each([{ permission: 'Admin' }])( indexes: [UID], }) const client = await getClient(permission) - const token = client.generateTenantToken(uid, ['*'], { + const token = await client.generateTenantToken(uid, ['*'], { apiKey: key, }) @@ -152,7 +151,7 @@ describe.each([{ permission: 'Admin' }])( const date = new Date('December 17, 4000 03:24:00') const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, ['*'], { + const token = await client.generateTenantToken(uid, ['*'], { expiresAt: date, }) @@ -171,18 +170,18 @@ describe.each([{ permission: 'Admin' }])( const { uid } = await client.getKey(apiKey) const date = new Date('December 17, 2000 03:24:00') - expect(() => - client.generateTenantToken(uid, ['*'], { - expiresAt: date, - }) - ).toThrow() + expect( + client.generateTenantToken(uid, ['*'], { expiresAt: date }) + ).rejects.toThrow( + `Meilisearch: The expiresAt field must be a date in the future.` + ) }) test(`${permission} key: Search in tenant token with specific index set to null`, async () => { const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, { + const token = await client.generateTenantToken(uid, { [UID]: null, }) @@ -202,7 +201,7 @@ describe.each([{ permission: 'Admin' }])( const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, { + const token = await client.generateTenantToken(uid, { [UID]: { filter: 'id = 2' }, }) @@ -216,7 +215,7 @@ describe.each([{ permission: 'Admin' }])( const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, []) + const token = await client.generateTenantToken(uid, []) const searchClient = new MeiliSearch({ host: HOST, apiKey: token }) @@ -230,7 +229,7 @@ describe.each([{ permission: 'Admin' }])( const client = await getClient(permission) const apiKey = await getKey(permission) const { uid } = await client.getKey(apiKey) - const token = client.generateTenantToken(uid, { misc: null }) + const token = await client.generateTenantToken(uid, { misc: null }) const searchClient = new MeiliSearch({ host: HOST, apiKey: token }) @@ -246,7 +245,7 @@ describe.each([{ permission: 'Admin' }])( const { uid } = await client.getKey(apiKey) const date = new Date('December 17, 2000 03:24:00') - expect(() => + expect( client.generateTenantToken( uid, {}, @@ -254,30 +253,24 @@ describe.each([{ permission: 'Admin' }])( expiresAt: date, } ) - ).toThrowError( - new MeiliSearchError( - `Meilisearch: The expiresAt field must be a date in the future.` - ) + ).rejects.toThrow( + `Meilisearch: The expiresAt field must be a date in the future.` ) }) test(`${permission} key: Creates tenant token with wrong uid type throws an error`, async () => { const client = await getClient(permission) - expect(() => client.generateTenantToken('1234', ['*'])).toThrowError( - new MeiliSearchError( - `Meilisearch: The uid of your key is not a valid uuid4. To find out the uid of your key use getKey().` - ) + expect(client.generateTenantToken('1234', ['*'])).rejects.toThrow( + `Meilisearch: The uid of your key is not a valid uuid4. To find out the uid of your key use getKey().` ) }) test(`${permission} key: Creates a tenant token with no api key in client and in parameters throws an error`, () => { const client = new MeiliSearch({ host: HOST }) - expect(() => client.generateTenantToken('123', [])).toThrowError( - new MeiliSearchError( - `Meilisearch: The API key used for the token generation must exist and be of type string.` - ) + expect(client.generateTenantToken('123', [])).rejects.toThrow( + `Meilisearch: The API key used for the token generation must exist and be of type string.` ) }) }