akamai / akamaiopen-edgegrid-node Goto Github PK

Reading through this code, it appears to be nothing special... just hashing, encoding, and signing of requests using standard libraries. Why are there not basic explanatory instructions on how to forge an "edgegrid" request yourself instead of having to rely on installing akamai-provided libraries?

It doesn't appear that using edge.auth() / edge.send() you can upload binary data like a *.tgz tarball. This is necessary to interact with the new EdgeWorkers OPEN API. Can support or suggestions for existing usage if it exists, be provided for this use case? Thanks!

Reported by a customer:

The example '.edgerc' content 'host' attributes contains trailing forward slashes:

[default]
host = akaa-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.luna.akamaiapis.net/

The customer included these and subsequently encountered auth issues (signature does not match), due to the confusion.

Can this be removed? It doesn't conform to other .edgerc examples on other projects...

In the readme it gives an example of chaining call . However, it appears that functionality was removed for example this commit.

I'd be more than happy to submit a PR either removing the documentation or going through and adding back in the return statements I just need to know which direction the maintainers would like to take.

I personally like chaining but that's me.

I have an existing node.js tool that pulls Property Manager information via PAPI. I don't like the "prp_", "ctr_", "grp_", etc. appended values so I have always used the PAPI-Use-Prefixes request header set to false.

When I upgraded from [email protected] to [email protected], Edgegrid appears to ignore the request header key/values in my code (i.e. {'PAPI-Use-Prefixes': false}) and the response includes the undesired "prp_", "ctr_", "grp_" appended values to the property ID, contract ID, and group ID.

I'm able to resolve this problem by downgrading back to [email protected] (no other code changes).

Was the ability to set headers removed from v3.4.0? Thanks.

Hi,

May I know how can I use this module with web proxy with authentication

Hello guys,

CCU v3 returns something like this:

{  
    "detail": "Request accepted",   
    "estimatedSeconds": 5,   
    "httpStatus": 201,   
    "purgeId": "5f45684a-3d97-11e6-aaa0-73dc7cf18dee",   
    "supportId": "17PY1467163102911830-244184256"  
}  

My question is how to validate purge process? I don't see any examples.
It says, that purge will take 5 seconds, how to validate that purge was successful after 5 seconds?

Thanks

We have noticed that when we get error responses they are in html format, this is a big problem. Ideally the library would only return json for easy parsing and error management. This also relates to the existing PR to improve the error handling.

Given request/request#3142 and the request module going into "maintenance mode", is there a plan for using an alternative package for this library?

If there are comments in the .edgerc file the library doesn't not handle them correctly (ignore them).

Comments start with a ; and may be be on a line by themselves, or at the end of a line.

;comment

access_key = "foo bar" ;comment
client_secret = bat ;comment

I have some trouble in getting products from akami api using nodejs AkamaiOPEN-edgegrid-node.
Here is my code:
eg.auth({
path: '/billing-usage/v1/products',
method: 'POST',
headers: {'reportSources': '[{'id':'123','type':'reportGroup'},{'id':'123','type':'contract'},{'id':'123','type':'reportGroup'}]',
'startDate': '{'month':1, 'year': 2015}',
'endDate': '{'month':11, 'year': 2015}'}
});

eg.send(function(error, response, body) {
    console.log(error);
    //console.log(response);
    console.log(body);
});    

like in example.
Also i have tried change headers key name to body, still getting result 400 Bad request.

Trying to use the edgegrid library for purge API calls, but getting the following error trace:
{ "level": "error", "message": "Internal API Error", "name": "AkamaiError", "service": "cdn-cache-purge", "awsRequestId": "1e846559-dfba-4e30-a9d2-9ef8894cb530", "errorId": "8122f00f-680e-4862-89a7-3da6203e7595", "stack": "AkamaiError: Internal API Error\n at /var/task/common/src/common.js:56:13\n at /opt/nodejs/node_modules/akamai-edgegrid/src/api.js:101:9\n at process.processTicksAndRejections (node:internal/process/task_queues:95:5)", "cause": { "message": "socket hang up", "name": "Error", "stack": "Error: socket hang up\n at AxiosError.from (/opt/nodejs/node_modules/axios/dist/node/axios.cjs:837:14)\n at ClientRequest.handleRequestError (/opt/nodejs/node_modules/axios/dist/node/axios.cjs:3083:25)\n at ClientRequest.emit (node:events:517:28)\n at TLSSocket.socketOnEnd (node:_http_client:525:9)\n at TLSSocket.emit (node:events:529:35)\n at endReadableNT (node:internal/streams/readable:1400:12)\n at process.processTicksAndRejections (node:internal/process/task_queues:82:21)"

The client making the request is an AWS lambda instance. Is this a known issue with Axios and proxies, or is this something coming from the client side?
new_error_line_101_feb_28.txt

The version of Request currently in use (2.83.0) depends on [email protected], which again depends on [email protected]. It has a known security vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2018-1000620

Updating to the latest version of Request (2.88.0) seems to remove the dependency to Hawk alltogether(?), thus it should hopefully fix this.

While uploading the EdgeWorker code the standard way through the /edgeworkers/v1/ids/${edgeWorkerId}/versions endpoint works fine it's impossible to do the same for the sandbox environment.

The sandbox endpoint I'm using is /sandbox-api/v1/sandboxes/${sandboxId}/edgeworkers/${edgeWorkerId} with the PUT method. Link to official documentation.

The problem is that the sandbox endpoint requires the Content-Type header to have the value equal to application/tar+gzip while the standard one requires application/gzip and only the latter is supported in this library.

api.ts file. Line 61.
let isTarball = req.body instanceof Uint8Array && req.headers['Content-Type'] === 'application/gzip';

The goal is to recognize both application/gzip and application/tar+gzip content types as valid tarball options and handle the file buffer the same way in both cases.

As API calls can be rate-limited, there should be an option within the edgegrid library to rate-limit. Rate limiting could be applied elsewhere, but the most logical place would be in the edgegrid library

the current release on npm emits console.log() debug output.

Ensure that the script can handle the case of underscore or hyphenated versions of the max body property (max-body and max_body) in the .edgerc file to handle edge cases where this might not be standardized.

We are trying to update Akamai CLI Edgeworkers from edgegrid to akamai-edgegrid. However the gzip response with the edgegrid library was a "buffer" and with the akamai-edgegrid the response is some gibberish stream. Can you please let me know if we need to pass any header to receive the gzip response as buffer ? It is currently breaking our existing module.

"\\u001f�\\b\\u0000 xz^\\u0000\\u0003�X�n�6\\u0014V;\\f[}��f\\u001b�+�\\u0003*y�lɖ�Z#�\\u0012�Y��h��k�4\\r\\u0018�v�Ȓ+RM��\\u0017{�=���{�����\u001d��-Ki��u��>�b�<?\u001fy~x���A�;\u001e��B\u0003_Y\f\u0019�Ѵ,����0L\u0004ߦY7�� �4�Yo֛V�2��Z]AƂ��PD\\u0019\\u000e\\u0001\\n���_c\\u0007�R���]�\\u000f��H��(����o�GH\\u0012\\u001fS��S��Ox����\\u0017S����%�b����Ȱ\\\\��*ʗv0���\\bbp����o\\u0007��\\u000f\\u0004�\\u001f�(��S��\\u0011\\u000e��\\\\�(\\u000fv��vǬ[5�u�m=�\\u001aF��4H\\u000b7��YwC�\\u000fN:�n��}"

I used the edge auth / send methods with the /ccu/v3/invalidate/url/ entrypoint and the server seems to return a statuscode 413 when the entitiy is too long.

The send message does not handle this 413 status code and html response message. It returns the 413 html message instead of returning any json response.

Please address:

• Return JSON response in API and maybe in server response aswell for such conditions.
• Handle these status code with a error that the caller can react in a good case.

Thanks.

https://github.com/akamai-open/AkamaiOPEN-edgegrid-node/blob/master/src/api.js#L68-L72

The 'best practice' in an async method is to return an error object as the first item of the callback if an error occurred, or null if otherwise. It appears the way this throw is implemented, it cannot be caught.

Per conversation here, there are some open questions surrounding the max body size requirements of Akamai's REST API.

The Akamai documentation continues to read that "The size of the POST body must be less than or equal to the value specified by the service. Any request that does not meet this criteria SHOULD be rejected during the signing process, as the request will be rejected by EdgeGrid," though @maglietti pointed out this is incorrect and should be updated.

Could Akamai please update the documentation such that AkamaiOPEN-edgegrid-node be refactored accordingly, assuming changes are necessary?

Thanks!

There are no types provided for using this library in a TypeScript project. Would you be interested in either:

1. Converting this library to TypeScript?
2. Adding TypeScript declaration files (i.e. *.d.ts files and a types property in package.json)?

If you are interested and/or not opposed, I am willing to start this work on my company's time and provide the work as a pull request to this repo. If you are not interested and/or opposed, I will try to get the types added separately from this repo via DefinitelyTyped.

The Issue

Some of Akamai's documented APIs have optional parameters. Papi example in docs.

/papi/v1/properties/{propertyId}/versions/{propertyVersion}/rules{?contractId,groupId,validateRules,validateMode}

In this example, the contractId and groupId are optional. If these are not supplied and the API is called, I receive a 401. Tracing this through a proxy, what seems to happen is it's hitting one endpoint, receiving a 302 redirect to a URL which then contains generated contractId and groupId parameters and making another request.

{
  "type": "https://problems.luna.akamaiapis.net/-/pep-authn/deny",
  "title": "Not authorized",
  "status": 401,
  "detail": "The signature does not match",
... 
}

If I make a request using the optional parameters already set, the request is successful and returns a 200 with the expected data.

The Bug

I believe the issue lies with the redirected request utilizing the same Auth token as the first request which is extremely time-sensitive and has expired, hence returns a 401 Not authorized error as below.

This can also be seen using the POSTMAN API client.

Every eg.send() invocation will print some Preparedbody: line. A bit annoying...

https://github.com/akamai-open/AkamaiOPEN-edgegrid-node/blob/master/src/helpers.js#L29

API endpoint : /etp-report/v3/configs/*****/dns-activities/details
response code was 200 as well but the return body is garbed characters what I attached the example.

It is assumed that it could be possible to reproduce when the number of total character above 6,000 with edgegrid 3.3.0 ver.

We could see the published below, related aoxis previous version, is it related on this?
axios/axios#5296
-->Had this issue, I set version to 1.1.x. Can confirm this fixed the issue, short term at least.

It's closed issue but looks like similar issue had before:
#83

On NPM I see that the published version is 3.0.6, however here on Github I see that the published version is 3.2.0. It seems that the published versions on Github are not submitted to NPM.

NPM error:

No matching version found for [email protected].
In most cases you or one of your dependencies are requesting
a package version that doesn't exist.

NPM version 3.0.6: https://www.npmjs.com/package/edgegrid-no-log4js
Github version 3.2.0: https://github.com/akamai/AkamaiOPEN-edgegrid-node/releases

1. I cloned the repo and followed readme to do
   npm install --save edgegrid
   I got this error: npm WARN install Refusing to install edgegrid as a dependency of itself
   so I did npm install
2. How do I run the app?
3. In which file can I find the '/path/to/.edgerc', and change it according to my env? I have .edgerc in my ~ directory

The default value for the max-body (if none is found in the .edgerc file) should be 131072 bytes (128K). If a value is found in the corresponding section of the .edgerc file, then that value should be used.

I need to use proxy and can't figure out how to modify, any tips?

While performing POST request body truncation if body length is larger than maximum 131072, if body contains unicode characters like emoji, API will return 401 status with 'Signature does not match' error.

Unicode characters should be escaped in order for the signature to match.
example: '🤖' => '\uD83E\uDD16'

Currently, the Node implementation (maybe others too) only allows 4 lines within each section, e.g.:

[default]
client_secret = b4Dh...
host = akab-vos...
access_token = akab-7dt...
client_token = akab-evi...

However, I have gotten in the habit of adding additional information as separate values, e.g.:

[default]
client_description = Rory Hewitt
open_identity_id = f4y...
api_authorization_0 = Property Manager (PAPI); /papi; READ-WRITE
api_authorization_1 = Identity Management: API; /identity-management/v1/open-identities/*/credentials*; READ-ONLY
api_authorization_2 = Network Lists; /network-list; READ-ONLY
api_authorization_3 = User Admin V2; /identity-management/v*/user-admin/*; READ-ONLY
api_authorization_4 = Firewall Rules Manager; /firewall-rules-manager; READ-ONLY
client_secret = b4Dh...
host = akab-vos...
access_token = akab-7dt...
client_token = akab-evi...

That causes problems with Node, since it only reads the first 4 lines, and expects (client_secret, host, access_token and client_token)...

Can we change this to explicitly look for those 4 values within a section, and ignore any other lines?

requests dependency has a vulnerability for versions <2.60.0 and >2.2.5

For more details visit => Snyk link

Relevant PR: #28

Hi,

I am trying to initialize egdegrid using

const EdgeGrid = require('edgegrid');
...
let eg = EdgeGrid(<clientToken>, <clientSecret>,< accessToken>, <CDN_INVALIDATE_URL>)

but i am seeing this following error.

[4/28/2020 1:22:07 AM] Executed 'Functions.TransformAppleSoftwareUpdateData' (Failed, Id=5e2ae32a-0c71-4223-8553-9e68e4ab45bd)
[4/28/2020 1:22:07 AM] System.Private.CoreLib: Exception while executing function: Functions.TransformAppleSoftwareUpdateData. System.Private.CoreLib: Result: Failure
[4/28/2020 1:22:07 AM] Exception: TypeError: this._setConfigFromStrings is not a function
[4/28/2020 1:22:07 AM] Stack: TypeError: this._setConfigFromStrings is not a function
[4/28/2020 1:22:07 AM]     at EdgeGrid (/Users/mrinal_khanvilkar/cb/apple-software-update-data-transformer/node_modules/edgegrid/src/api.js:30:10)
[4/28/2020 1:22:07 AM]     at invalidateCDN (/Users/mrinal_khanvilkar/cb/apple-software-update-data-transformer/TransformAppleSoftwareUpdateData/index.js:103:14)
[4/28/2020 1:22:07 AM]     at processTicksAndRejections (internal/process/task_queues.js:85:5)
[4/28/2020 1:22:07 AM]     at async module.exports (/Users/mrinal_khanvilkar/cb/apple-software-update-data-transformer/TransformAppleSoftwareUpdateData/index.js:83:13).

Because Axios lacks support for CONNECT over an HTTP proxy (see axios/axios#4531) it is not possible to use this library with an HTTP proxy.

Any attempt to do so will instead make the request over HTTP, which will then be rejected by the Akamai API endpoint.

Currently the EdgeGrid.protype.send method accepts a callback. On error this callback is executed with the first argument as (error), on success however to callback executed with arguments (body, response)

EdgeGrid.prototype.send = function(callback) {
  request(this.request, function(error, response, body) { 
    if (error) {
      callback(error)
      return
    }
    if (helpers.isRedirect(response.statusCode)) {
      this._handleRedirect(response, callback);
      return;
    }

    callback(body, response);
  }.bind(this));

  return this;
};

I propose this be changed to conform to node style callbacks and to preserve the request callback signature of (err, response, body)

EdgeGrid.prototype.send = function(callback) {
  request(this.request, function(error, response, body) { 
    if (error) {
      callback(error)
      return
    }
    if (helpers.isRedirect(response.statusCode)) {
      this._handleRedirect(response, callback);
      return;
    }

    callback(null, response, body);
  }.bind(this));

  return this;
};

This IMO is the expected behavior and should make it easier to use things like Bluebirds promisify to generate promises for this library.

Add environment variable support.

AKAMAI[_SECTION]_* where * is one of HOST, CLIENT_TOKEN, CLIENT_SECRET, ACCESS_TOKEN or MAX_SIZE

If you specify the section 'default' (or none) it will use AKAMAI_*, otherwise it's AKAMAI_$SECTION_*

See functionality in PHP Signing Library: https://github.com/akamai-open/AkamaiOPEN-edgegrid-php/blob/master/src/Authentication.php#L422 and https://github.com/akamai-open/AkamaiOPEN-edgegrid-php/blob/master/src/Authentication.php#L388

Facing intermittent (~50% of the time) ECONNRESET while hitting akamai endpoint(s):

error read ECONNRESET Error: read ECONNRESET
at _errnoException (util.js:1022:11)
at TLSWrap.onread (net.js:615:25)

No logs are available on Akamai servers indicating request did not make it to endpoint during the above-mentioned instances.

I am currently behind a corporate proxy, within which I am using the http(s)-proxy for "npm install" commands.

Proxy variable setting was done using "npm config set https-proxy http://{username}:{passphrase}@{url}:{port}"

Additionally, interested to know if current implementation has the option to force traffic over TLS 1.2 or TLS1.3 as it is a requirement for endpoints connecting to *.akamaiapis.net by October 15, 2018

HI, I keep getting the following issue:

"type": "https://problems.purge.akamaiapis.net/-/pep-authn/request-error"
"title": "Bad request",
"status": 400,
"detail": "Invalid timestamp"

I've read it's to do with not syncing with NTP time. How would I do this with this node client?